Control: tags -1 + confirmed On Sat, 2016-06-04 at 20:32 +0200, Petter Reinholdtsen wrote: > On my Debian Jessie machine, a security issue from 2009 is reported by > debsecan, > <URL: https://security-tracker.debian.org/tracker/CVE-2009-5147 >. > > The issue was fixed in Squeeze by the LTS team (DLA-299-1), but has not > yet been fixed in Jessie. I would like to get it fixed, to get it out > of my debsecan list. > > The attached patch is based on the squeeze patch (had to refresh it), and > should solve the problem.
We'd generally prefer a bit more testing than "should solve the problem", although I agree that the patch looks sane enough as someone who knows practically nothing about Ruby... Please go ahead. Regards, Adam

