Package: ruby-openid / 2.1.8debian-6

Metadata

Package Version Patches format
ruby-openid 2.1.8debian-6 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
01_remove_rubygems_require.diff | (download)

admin/runtests.rb | 1 0 + 1 - 0 !
examples/active_record_openid_store/init.rb | 6 0 + 6 - 0 !
examples/rails_openid/config/boot.rb | 1 0 + 1 - 0 !
3 files changed, 8 deletions(-)

 remove rubygems require statements
02_fix_CVE 2013 1812.patch | (download)

lib/openid/fetchers.rb | 22 17 + 5 - 0 !
lib/openid/yadis/xrds.rb | 34 22 + 12 - 0 !
2 files changed, 39 insertions(+), 17 deletions(-)

 limit fetching file size & disable xml entity expansion
  This prevents possible XML denial of service attacks [CVE-2013-1812]