Merge version 2.3.3-1+deb9u10+rpi1 and 2.3.3-1+deb9u11 to produce 2.3.3-1+deb9u11...

author Raspbian automatic forward porter <root@raspbian.org>

Mon, 27 Dec 2021 09:34:42 +0000 (09:34 +0000)

committer Raspbian automatic forward porter <root@raspbian.org>

Mon, 27 Dec 2021 09:34:42 +0000 (09:34 +0000)
author Raspbian automatic forward porter <root@raspbian.org>
Mon, 27 Dec 2021 09:34:42 +0000 (09:34 +0000)
committer Raspbian automatic forward porter <root@raspbian.org>
Mon, 27 Dec 2021 09:34:42 +0000 (09:34 +0000)
diff --cc debian/changelog

index ddffe83b320c204e4f99dfd8b81888c37666abca,a5a14c865b8a98d2fea7497af6f745c44f4cefc8..c5ec87d1034dfee6b931bb8648b054badb5ebd6e
--- 1/debian/changelog
--- 2/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,11 +1,18 @@@
- ruby2.3 (2.3.3-1+deb9u10+rpi1) stretch-staging; urgency=medium
++ruby2.3 (2.3.3-1+deb9u11+rpi1) stretch-staging; urgency=medium
+ +
+ +  [changes brought forward from 2.3.3-1+deb9u1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 21 Oct 2017 22:40:37 +0000]
+ +  * Disable testsuite.
+ +
-  -- Raspbian forward porter <root@raspbian.org>  Wed, 13 Oct 2021 14:59:02 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Mon, 27 Dec 2021 09:34:42 +0000
++
+ ruby2.3 (2.3.3-1+deb9u11) stretch-security; urgency=high
+ 
+   * Add length limit option for methods that parses
+     date strings. (Fixes: CVE-2021-41817)
+   * When parsing cookies, only decode the values.
+     (Fixes: CVE-2021-41819)
+ 
+  -- Utkarsh Gupta <utkarsh@debian.org>  Mon, 06 Dec 2021 05:25:44 +0530
   
   ruby2.3 (2.3.3-1+deb9u10) stretch-security; urgency=high
author	Raspbian automatic forward porter <root@raspbian.org>
	Mon, 27 Dec 2021 09:34:42 +0000 (09:34 +0000)
committer	Raspbian automatic forward porter <root@raspbian.org>
	Mon, 27 Dec 2021 09:34:42 +0000 (09:34 +0000)