Hi Christian, 2016-06-28 7:27 GMT+02:00 Christian Hofstaedtler <z...@debian.org>: > Hi, > > * Bálint Réczey <bal...@balintreczey.hu> [160628 00:28]: >> Dear Ruby and LTS Maintainers, >> >> I plan updating the ruby-eventmachine package in Wheezy LTS to >> fix the following security issue: >> https://security-tracker.debian.org/tracker/TEMP-0678512-2E167C >> >> Please see the diff to previous version attached.
Thanks! I also tried the new test without fixing the issue in the code and it crashes nicely. > > Only gave this a quick glance, but LGTM. > >> I plan updating Jessie's version through jessie-proposed-updates, since >> the issue is marked as no-DSA. > > This can probably still go through debian-security? I'll ask them, showing the proposed diff. > Also, given there's no ruby1.8 in jessie, the diff will be a lot > smaller I guess. IMO the difference is very small and I'd rather add the few macros for 1.8 than breaking the source package's compatibility with the update. I have pushed my changes to the packaging repository in two new branches here: https://anonscm.debian.org/cgit/pkg-ruby-extras/ruby-eventmachine.git Cheers, Balint > >> Cheers, >> Balint > > Thanks, > Christian >
