This bug was fixed in the package ruby-activesupport-2.3 - 2.3.14-2ubuntu0.11.10.2
--------------- ruby-activesupport-2.3 (2.3.14-2ubuntu0.11.10.2) oneiric-security; urgency=low
* SECURITY UPDATE: Add an OkJson backend and remove the YAML backend to resolve improper conversion of JSON to YAML (LP: #1119256) - debian/patches/CVE-2013-0333.patch: added patch from Debian 2.3.14-6 - CVE-2013-0333 -- Jamie Strandboge <email address hidden> Wed, 13 Feb 2013 10:48:42 -0600
This bug was fixed in the package ruby-activesupp ort-2.3 - 2.3.14- 2ubuntu0. 11.10.2
--------------- ort-2.3 (2.3.14- 2ubuntu0. 11.10.2) oneiric-security; urgency=low
ruby-activesupp
* SECURITY UPDATE: Add an OkJson backend and remove the YAML backend to patches/ CVE-2013- 0333.patch: added patch from Debian 2.3.14-6
resolve improper conversion of JSON to YAML (LP: #1119256)
- debian/
- CVE-2013-0333
-- Jamie Strandboge <email address hidden> Wed, 13 Feb 2013 10:48:42 -0600