Comment 8 for bug 1100188

This should now be triaged for our packages based on Debian's https://security-tracker.debian.org/tracker/CVE-2013-0155. As Marc said, since the packages referred to in this bug is in universe or multiverse, it is community maintained. When a debdiffs are available, members of the security team will review them and publish the packages. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures.

Since I added so many tasks, I went ahead and assigned Christian to ruby-activerecord-3.2 on Quantal since that is what the supplied debdiff was for.