From: Raspbian automatic forward porter <root@raspbian.org>
Date: Thu, 18 Apr 2019 11:04:43 +0000 (+0100)
Subject: Merge version 2.3.3-1+deb9u3+rpi1 and 2.3.3-1+deb9u6 to produce 2.3.3-1+deb9u6+rpi1
X-Git-Tag: archive/raspbian/2.3.3-1+deb9u6+rpi1^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=f45fd9d61757021e44c89dffe093e7a682636d6e;p=ruby2.3.git

Merge version 2.3.3-1+deb9u3+rpi1 and 2.3.3-1+deb9u6 to produce 2.3.3-1+deb9u6+rpi1
---

f45fd9d61757021e44c89dffe093e7a682636d6e
diff --cc debian/changelog
index ed5495d,269ae8a..df33648
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,31 +1,38 @@@
- ruby2.3 (2.3.3-1+deb9u3+rpi1) stretch-staging; urgency=medium
++ruby2.3 (2.3.3-1+deb9u6+rpi1) stretch-staging; urgency=medium
 +
 +  [changes brought forward from 2.3.3-1+deb9u1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 21 Oct 2017 22:40:37 +0000]
 +  * Disable testsuite.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Wed, 17 Oct 2018 11:05:04 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Thu, 18 Apr 2019 11:04:43 +0000
++
+ ruby2.3 (2.3.3-1+deb9u6) stretch-security; urgency=medium
+ 
+   * CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324
+   * CVE-2019-8325
+ 
+  -- Moritz Mühlenhoff <jmm@debian.org>  Fri, 12 Apr 2019 20:28:46 +0200
+ 
+ ruby2.3 (2.3.3-1+deb9u5) stretch; urgency=medium
+ 
+   * Backport upstream patches to fix FTBFS due to expired SSL certificate and
+     timezone changes (Closes: #919999)
+     - imap: update test certificate
+     - timezone changes for Japan and Kiritimati
+   * test/ruby/test_gc.rb: skip entirely; some tests in there can fail
+     unpredictably on buildds (Closes: #912740)
+ 
+  -- Antonio Terceiro <terceiro@debian.org>  Sat, 23 Feb 2019 18:31:45 -0300
+ 
+ ruby2.3 (2.3.3-1+deb9u4) stretch-security; urgency=high
+ 
+   * Non-maintainer upload by the Security Team.
+   * OpenSSL::X509::Name equality check does not work correctly
+     (CVE-2018-16395)
+   * pack.c: avoid returning uninitialized String
+   * Tainted flags are not propagated in Array#pack and String#unpack with some
+     directives (CVE-2018-16396)
+ 
+  -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 28 Oct 2018 21:49:57 +0100
  
  ruby2.3 (2.3.3-1+deb9u3) stretch-security; urgency=medium