rpms/ruby - ruby - AlmaLinux OS Foundation Git Server

rpms/ruby

Fork 0

Commit Graph

Author	SHA1	Message	Date
Jarek Prokop	d83966b8b8	Upgrade to ruby 3.0.4. Sync branch with Fedora upstream (commit: 9209761). This rebase also fixes following CVEs: Double free in Regexp compilation. See <https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/> for details. Buffer overrun in String-to-Float conversion. See <https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/> for details. Remove ruby-3.1.0-Fix-stack-buffer-overflow.patch. The patch was backported and is now present in Ruby 3.0.4. Resolves: rhbz#2096347 Resolves: CVE-2022-28738 Resolves: CVE-2022-28739	2022-08-02 11:42:55 +02:00

Author

SHA1

Message

Date

Jarek Prokop

d83966b8b8

Upgrade to ruby 3.0.4.

Sync branch with Fedora upstream (commit: 9209761).

This rebase also fixes following CVEs:
Double free in Regexp compilation.
See <https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/>
for details.

Buffer overrun in String-to-Float conversion.
See <https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/>
for details.

Remove ruby-3.1.0-Fix-stack-buffer-overflow.patch.
The patch was backported and is now present in Ruby 3.0.4.

Resolves: rhbz#2096347
Resolves: CVE-2022-28738
Resolves: CVE-2022-28739

2022-08-02 11:42:55 +02:00

1 Commits