Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock X-Debbugs-Cc: debian-ruby@lists.debian.org
Hello,
Rails was recently affected by 3 CVEs (CVE-2021-2290{2,4} and CVE-2021-22885).
I'm attaching a filtered diff for your review; the diff is really
small and minimal which should be clear by looking at it. The only
caveat is that it needs ruby-marcel, which has an unblock request
(#989036) opened a few minutes ago.
rails has been in unstable for around 9 days now[1]; I've done some
testing and it all works OK w/ Bullseye, so it should be good to go.
[1]: https://tracker.debian.org/pkg/rails
The command used to filter the debdiff is as follows:
filterdiff --exclude='*/Gemfile.lock' --exclude='*/CHANGELOG.md'
--exclude='*/gem_version.rb' --exclude='*/package.json'
--exclude='*/test/*' ../rails.debdiff
Let me know if you need any other information from my end. Thanks!
- u
rails_filtered.debdiff
Description: Binary data
