Merge version 2.3.3-1+deb9u9+rpi1 and 2.3.3-1+deb9u10 to produce 2.3.3-1+deb9u10...

author Raspbian automatic forward porter <root@raspbian.org>

Wed, 13 Oct 2021 14:59:02 +0000 (15:59 +0100)

committer Raspbian automatic forward porter <root@raspbian.org>

Wed, 13 Oct 2021 14:59:02 +0000 (15:59 +0100)
author Raspbian automatic forward porter <root@raspbian.org>
Wed, 13 Oct 2021 14:59:02 +0000 (15:59 +0100)
committer Raspbian automatic forward porter <root@raspbian.org>
Wed, 13 Oct 2021 14:59:02 +0000 (15:59 +0100)
diff --cc debian/changelog

index 20ce87d2c92b9487fe6738f4bb814b71751cc795,251f4c9b0926ec64d6c3038d4f6af5c5f6edf814..ddffe83b320c204e4f99dfd8b81888c37666abca
--- 1/debian/changelog
--- 2/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,13 +1,20 @@@
- ruby2.3 (2.3.3-1+deb9u9+rpi1) stretch-staging; urgency=medium
++ruby2.3 (2.3.3-1+deb9u10+rpi1) stretch-staging; urgency=medium
+ +
+ +  [changes brought forward from 2.3.3-1+deb9u1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 21 Oct 2017 22:40:37 +0000]
+ +  * Disable testsuite.
+ +
-  -- Raspbian forward porter <root@raspbian.org>  Thu, 01 Oct 2020 22:03:49 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Wed, 13 Oct 2021 14:59:02 +0000
++
+ ruby2.3 (2.3.3-1+deb9u10) stretch-security; urgency=high
+ 
+   * Add patch to use File.open to fix the OS Command
+     Injection vulnerability. (Fixes: CVE-2021-31799)
+   * Add patch to fix StartTLS stripping vulnerability.
+     (Fixes: CVE-2021-32066)
+   * Add patch to ignore IP addresses in PASV responses
+     by default. (Fixes: CVE-2021-31810)
+ 
+  -- Utkarsh Gupta <utkarsh@debian.org>  Sun, 19 Sep 2021 09:10:46 +0530
   
   ruby2.3 (2.3.3-1+deb9u9) stretch-security; urgency=high
author	Raspbian automatic forward porter <root@raspbian.org>
	Wed, 13 Oct 2021 14:59:02 +0000 (15:59 +0100)
committer	Raspbian automatic forward porter <root@raspbian.org>
	Wed, 13 Oct 2021 14:59:02 +0000 (15:59 +0100)