From: Raspbian forward pporter <root@raspbian.org>
Date: Sun, 4 Nov 2018 11:39:59 +0000 (+0000)
Subject: Merge version 2.3.3-1+deb9u3+rpi1 and 2.3.3-1+deb9u4 to produce 2.3.3-1+deb9u4+rpi1
X-Git-Tag: archive/raspbian/2.3.3-1+deb9u4+rpi1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=a9b60ea921f3bb1668afed6b7d6ab17576f1b42b;p=ruby2.3.git

Merge version 2.3.3-1+deb9u3+rpi1 and 2.3.3-1+deb9u4 to produce 2.3.3-1+deb9u4+rpi1
---

f9e86636793853c67db0f73baca1937df4eae3dd
diff --cc debian/changelog
index ed5495d,cb2d07d..7647e77
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,13 +1,20 @@@
- ruby2.3 (2.3.3-1+deb9u3+rpi1) stretch-staging; urgency=medium
++ruby2.3 (2.3.3-1+deb9u4+rpi1) stretch-staging; urgency=medium
 +
 +  [changes brought forward from 2.3.3-1+deb9u1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 21 Oct 2017 22:40:37 +0000]
 +  * Disable testsuite.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Wed, 17 Oct 2018 11:05:04 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sun, 04 Nov 2018 11:39:59 +0000
++
+ ruby2.3 (2.3.3-1+deb9u4) stretch-security; urgency=high
+ 
+   * Non-maintainer upload by the Security Team.
+   * OpenSSL::X509::Name equality check does not work correctly
+     (CVE-2018-16395)
+   * pack.c: avoid returning uninitialized String
+   * Tainted flags are not propagated in Array#pack and String#unpack with some
+     directives (CVE-2018-16396)
+ 
+  -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 28 Oct 2018 21:49:57 +0100
  
  ruby2.3 (2.3.3-1+deb9u3) stretch-security; urgency=medium