-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 17 Apr 2025 22:54:07 -0300
Source: rubygems
Binary: bundler ruby-bundler ruby-rubygems
Architecture: all
Version: 3.3.15-2+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Lucas Kanashiro <kanashiro@debian.org>
Description:
 bundler    - Manage Ruby application dependencies
 ruby-bundler - Manage Ruby application dependencies (runtime)
 ruby-rubygems - Package management framework for Ruby
Changes:
 rubygems (3.3.15-2+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2025-27221.
     The URI handling methods (URI.join, URI#merge, URI#+) have an
     inadvertent leakage of authentication credentials because userinfo is
     retained even after changing the host.
      - d/p/CVE-2025-27221_*.patch
   * Fix CVE-2023-28755.
     A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby
     through 3.2.1. The URI parser mishandles invalid URLs that have specific
     characters. It causes an increase in execution time for parsing strings
     to URI objects.
      - d/p/CVE-2023-28755.patch
Checksums-Sha1:
 b39639e8bc171c2d7fb43233a2e7019a00532428 74648 bundler_2.3.15-2+deb12u1_all.deb
 c3d89719a39d08d67e3090d4747ee988ecd9a9b8 388648 ruby-bundler_2.3.15-2+deb12u1_all.deb
 11e6f232747972ba7ad9f1e1980c2763f23ff266 292916 ruby-rubygems_3.3.15-2+deb12u1_all.deb
 055cfca5a54dfe0c1eaf3963bf75b11aa4705f08 9934 rubygems_3.3.15-2+deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 162257ae6b4bbd78c7525c497550d87b8a1bf7d816141f9fac629f3fbd4376f6 74648 bundler_2.3.15-2+deb12u1_all.deb
 fcf5de0bb32880168daa0bd86acdd0df3189a6bb6610959f5242a643dd7fa0fa 388648 ruby-bundler_2.3.15-2+deb12u1_all.deb
 49485e383cea98395b57a795179b837800bf05a3a7dfb1c6ca708187452a8bd6 292916 ruby-rubygems_3.3.15-2+deb12u1_all.deb
 46b499d1933cc2c3b80bf4a407aee2dd089030ec643a371371da8ca6315bf348 9934 rubygems_3.3.15-2+deb12u1_all-buildd.buildinfo
Files:
 62100cda1d364dd07d0146603064b942 74648 ruby optional bundler_2.3.15-2+deb12u1_all.deb
 9d7f800e2c4634c06e49ad6d90dbc50c 388648 ruby optional ruby-bundler_2.3.15-2+deb12u1_all.deb
 485969d05c693c171df21634fa90566f 292916 ruby optional ruby-rubygems_3.3.15-2+deb12u1_all.deb
 d822dd84b0ac13dca2af66b8f379c392 9934 ruby optional rubygems_3.3.15-2+deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErwLLVsiCiGZggzpHJuP6X4A0XeIFAmg7eyUACgkQJuP6X4A0
XeK2pRAAx8ji3aGTAUw6zJloWBcE6ELOEeOXPAuhZ4R/LZcte0TbT9ZzroRUsDR1
aZTzk/VFM9Mk0A5vv169+3tCAMSnLnAKVk9S+UBj/M893ThsJV7ciNwT4zYlcBt3
q7ZzoLuhYCyD5XqcQGpLu7MNGwcaxwpouagPEyEQx5AE/XrYS+aY8dW5iV1XqTJF
+Qc+DM/Jrvk/kRpqTfeZ1IRQM/RMWIbhm/jGVR8oYdPFS3vJFEeIj/c2V8ToNQwU
wNFipDaPvAJ0YN0pScPX/tFYP+TT4tiiTHPO5h2eKOb3nUzjj0OK9Dm/Ev5nEsAW
fhHkL6YVhhikRVViLo2wwHjz0uF0KKJ9SrLOUFOPXumON/w396wifhGiwTBT9rEl
6wbztxynuGSSTyvRuq7KZVyVZTjfrc4zhOFuWNacQZbpKGLNJvBuX05tTk5mOQ5W
IpFYZLqoqhynFeXm9PhxuuFz3K2CW9zrUqVHAf1D4kOr3GSsr3wYZDTqyQJMubRM
FHGe5VpYBzBzdz35uCO8cmAObbcaiuSg63wyh1t3L/uCmkQhw750QD50SH3zekHf
OJoK04sd2qHQaiw+fv0jXtHzWP5grq7tovt/DLcc5q3Le4ltnWwEDrPipIkukbPw
cXwvw+AFmRvNEABb7WsKrC3oBk9oYq5QorOzKtYANknGX9+5kSA=
=3PjS
-----END PGP SIGNATURE-----