Debian Patches
Status for rubygems/3.3.15-2+deb12u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Don-t-consider-gems-provided-by-Debian-packages-as-d.patch | Don't consider gems provided by Debian packages as deleted In Debian, old-style packages provide a gemspec but the actual library files are shipped in /usr/lib/ruby/vendor_ruby/. We are converting all packages to the Rubygems layout, but we are not finished yet. This fixed a regression introduced in Debian by 8950631f02498195794096a8e7c28b7feac56382 ("Fix `bundle install` to force reinstallation of deleted gems"). |
Antonio Terceiro <terceiro@debian.org> | yes | debian | 2022-01-28 | |
| CVE-2025-27221_1.patch | Truncate userinfo with URI#join, URI#merge and URI#+ | Hiroshi SHIBATA <hsbt@ruby-lang.org> | no | backport, https://github.com/ruby/uri/commit/3675494839112b64d5f082 | 2025-02-21 | |
| CVE-2025-27221_2.patch | Fix merger of URI with authority component https://hackerone.com/reports/2957667 |
Hiroshi SHIBATA <hsbt@ruby-lang.org> | no | backport, https://github.com/ruby/uri/commit/2789182478f42ccbb6 | 2025-02-21 | |
| CVE-2023-28755.patch | Fix quadratic backtracking on invalid URI https://hackerone.com/reports/1444501 |
Nobuyoshi Nakada <nobu@ruby-lang.org> | no | backport, https://github.com/ruby/uri/commit/eaf89cc31619d49e67c64d | 2022-01-10 |
All known versions for source package 'rubygems'
- 3.6.7-3~exp1 (experimental)
- 3.6.7-2 (forky, sid, trixie)
- 3.3.15-2+deb12u1 (bookworm)