-
Committer:
Bazaar Package Importer
-
Author(s):
Lucas Nussbaum
-
Date:
2008-09-10 10:27:45 UTC
-
mfrom:
(1.1.11 upstream)
-
Revision ID:
james.westby@ubuntu.com-20080910102745-2zxcsvuv7t0bb4fq
Tags: 1.8.7.72-1
* New upstream release.
- many patches in 1.8.7.22-4 were simply backported from upstream SVN, and
are integrated into that release. We drop those:
+ 103_array_c_r17472_to_r17756.dpatch
+ 810_ruby187p22_fixes.dpatch
+ 811_multiple_vuln_200808.dpatch
- Fixes the following security issues: (Closes: #494401)
* Several vulnerabilities in safe level
* DoS vulnerability in WEBrick
* Lack of taintness check in dl
* DNS spoofing vulnerability in resolv.rb (CVE-2008-1447)
* Applied debian/patches/168_rexml_dos.dpatch:
Fix CVE-2008-3790 (REXML expansion DOS). Closes: #496808.