d83966b8b8
Upgrade to ruby 3.0.4.
...
Sync branch with Fedora upstream (commit: 9209761).
This rebase also fixes following CVEs:
Double free in Regexp compilation.
See <https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/ >
for details.
Buffer overrun in String-to-Float conversion.
See <https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/ >
for details.
Remove ruby-3.1.0-Fix-stack-buffer-overflow.patch.
The patch was backported and is now present in Ruby 3.0.4.
Resolves: rhbz#2096347
Resolves: CVE-2022-28738
Resolves: CVE-2022-28739
2022-08-02 11:42:55 +02:00
89603e3d2f
Upgrade to Ruby 3.0.3.
...
Resolves: rhbz#2049693
2022-02-11 13:52:42 +01:00
772e294b42
Upgrade to Ruby 3.0.2.
...
- Fix command injection vulnerability in RDoc.
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
- Fix StartTLS stripping vulnerability in Net::IMAP
- Fix dependencies of gems with explicit source installed from a
different source.
Resolves: CVE-2021-31810
Resolves: CVE-2021-32066
Resolves: CVE-2021-31799
Resolves: CVE-2020-36327
2021-08-19 16:24:35 +02:00
6d8853eef8
Sync with Rawhide.
...
Related: rhbz#1952925
2021-06-03 16:07:32 +02:00
800f406961
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/ruby.git#9a03f61609a0da52a3292d03203ad1befdb1ef6b
2021-01-08 15:41:21 +00:00
17f011b0ca
RHEL 9.0.0 Alpha bootstrap
...
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/ruby#be9961f6d007f12e7ac37b59800127a9d735c257
2020-10-14 21:55:41 -07:00
Jarek Prokop
Vít Ondruch
Pavel Valena
DistroBaker
Troy Dawson