Comment 2 for bug 1669894

Hello again, Phillip. I made a mistake while triaging this bug last week because I mistakenly thought that ruby-zip was in main. It turns out that ruby-zip is in universe and, therefore, it is community supported. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures.

I'm in the process of syncing the Debian security update for libzip-ruby in 12.04 and for ruby-zip in Zesty (soon to be 17.04). There are no syncs available for 16.04 or 16.10 so it'd be much appreciated if you could provide debdiffs for those releases.