Commit Graph

1 Commit

Author SHA1 Message Date
Jun Aruga 9ad4115fe3 Upgrade to Ruby 3.0.7.
* Upgrade to Ruby 3.0.7.
  Resolves: RHEL-36189

The released Ruby 3.0.5 includes the following fix.

* Fix HTTP response splitting in CGI.
  Resolves: RHEL-36193

The released Ruby 3.0.6 includes the following fixes.

* Fix ReDoS vulnerability in URI.
  Resolves: RHEL-36196
* Fix ReDoS vulnerability in Time.
  Resolves: RHEL-36205

The released Ruby 3.0.7 includes the following fixes.

* Fix buffer overread vulnerability in StringIO.
  Resolves: RHEL-36198
* Fix RCE vulnerability with .rdoc_options in RDoc.
  Resolves: RHEL-36200
* Fix arbitrary memory address read vulnerability with Regex search.
  Resolves: RHEL-36203

Added the following patch.
* Fix net-http test errors due to expired certificate.
  The patch ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch was copied
  from the part on the Fedora rawhide
  <05a6c9c8f3>.
2024-05-13 22:16:53 +02:00