Hello again, Phillip. I made a mistake while triaging this bug last week because I mistakenly thought that ruby-zip was in main. It turns out that ruby-zip is in universe and, therefore, it is community supported. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures.
I'm in the process of syncing the Debian security update for libzip-ruby in 12.04 and for ruby-zip in Zesty (soon to be 17.04). There are no syncs available for 16.04 or 16.10 so it'd be much appreciated if you could provide debdiffs for those releases.
Hello again, Phillip. I made a mistake while triaging this bug last week because I mistakenly thought that ruby-zip was in main. It turns out that ruby-zip is in universe and, therefore, it is community supported. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https:/ /wiki.ubuntu. com/SecurityTea m/UpdateProcedu res.
I'm in the process of syncing the Debian security update for libzip-ruby in 12.04 and for ruby-zip in Zesty (soon to be 17.04). There are no syncs available for 16.04 or 16.10 so it'd be much appreciated if you could provide debdiffs for those releases.