-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Jan 2025 07:26:33 +0530
Source: puma
Binary: puma puma-dbgsym
Architecture: ppc64el
Version: 5.6.5-3+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Abhijith PA <abhijith@debian.org>
Description:
 puma       - threaded HTTP 1.1 server for Ruby/Rack applications
Closes: 1050079 1060345 1082379
Changes:
 puma (5.6.5-3+deb12u1) bookworm; urgency=medium
 .
   * Team upload
   * d/patches/
    + CVE-2023-40175.patch: Fix CVE-2023-40175, incorrect behavior when
      parsing chunked transfer encoding bodies and zero-length
      Content-Length headers in a way that allowed HTTP request
      smuggling. (Closes: #1050079)
 .
    + CVE-2024-21647.patch: Fix CVE-2024-21647 by limiting the size of
      chunk extensions. (Closes: #1060345)
 .
    + CVE-2024-45614.patch: Fix CVE-2024-45614, clients could clobber
      values set by intermediate proxies (such as X-Forwarded-For) by
      providing a underscore version of the same header.
      (Closes: #1082379)
Checksums-Sha1:
 998a79f2e6ecd1e3cedb54545f3338ca662a62a4 38060 puma-dbgsym_5.6.5-3+deb12u1_ppc64el.deb
 08793e001fc1fe4293eaa5d8aad43d93c8ad15b1 9835 puma_5.6.5-3+deb12u1_ppc64el-buildd.buildinfo
 da3176921d138b64160c888fe689aab41a6f959d 156724 puma_5.6.5-3+deb12u1_ppc64el.deb
Checksums-Sha256:
 bf376d0269dcebd1d83d118ddfc1e1704674062eaa5ce6a85b38b87fcf42a19d 38060 puma-dbgsym_5.6.5-3+deb12u1_ppc64el.deb
 3203d256497ab3ce4e93d243afdb2f036a6cb57fa21e398579c8451d97a2c466 9835 puma_5.6.5-3+deb12u1_ppc64el-buildd.buildinfo
 77a8e54077c7b613942d25aa8f898a2c2f85fad8c1100f2f36a7e65da0609d58 156724 puma_5.6.5-3+deb12u1_ppc64el.deb
Files:
 2b8381cb819e60a41d3cfaa93d760b2c 38060 debug optional puma-dbgsym_5.6.5-3+deb12u1_ppc64el.deb
 76aef874c1b79d5a7b836e6a6d6b6f53 9835 web optional puma_5.6.5-3+deb12u1_ppc64el-buildd.buildinfo
 7fdceb4f45e55ec3990c9b5dcc06648d 156724 web optional puma_5.6.5-3+deb12u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5v3ycPFoB5xoBEprvMjydu+xvRMFAmeenuoACgkQvMjydu+x
vROEXBAAqNOBq0pk1Gdw/0z3p6Avm602APuXogn2sg/6mjbWk5RN48aIQMhfrqYU
7n6/45t8z+RrUtyBd9DdfjMUfiagLp1OQYMCYPZdb65RRojOspjfgF12haNKC22N
rxaLOq4OtmxCoIi1fhjgGKmkO0hQsZWBYnaxtJO8fi0pBVO4m9RUhClNU4PHYFWM
z9BPNLn2RO+l4dxDRMhxa+mkOESPHtd4Q8LVXh1vOm2iB7m/wDNCiWBvq8hqBaa8
US6QAsI6g9bBl2xKfJklhNUr7/MmpHfyZbFZb1lw8y+74IlnHRSVwn7cSUIirF0g
5R0/UTOg8+kwejPmjY2ROEh/P8GREWQnVDsRnsUYOtgZwsuOjCoVBeczP4y4lHdk
nUM2Ub77fGZMqyo5VYRUuPf+rOc4ruz0WUZN+fgiKmrlX2h5KwbL8tRgVd6pfy1j
G+T3OoI8ko2HSrUQCw4lhVoZcSF8JxiY7BLFUFE6svP3tz7VHKQcDZ/yMBXOAUSn
Cm96Il21xQh4EEhq3VormsE2toI4E35Dv42jyAxv8jH2mR1+8R6nzIDa48h0k6ME
gcd0f1fhWqFaNF0D+ERhrt2g1rqQGZSA63AIEJa6WbPszh5c7rDQBfuvQYds0hHx
Oy4PERUdZ75bbsygighkC2J2ll/YTXEeNUqnhmLEaCk1P2A4X9I=
=tKou
-----END PGP SIGNATURE-----