rpms/ruby
5
0
Fork 0
Code Issues Pull Requests Releases Activity
An interpreter of object-oriented scripting language
18 Commits 46 Branches 89 Tags 1.8 MiB
Ruby 100%
2ccd553898
Go to file
Jarek Prokop 2ccd553898 Fix REXML ReDoS vulnerability. (CVE-2024-49761) 
Tests not included in the patch, this Ruby version does not include
the specific rexml unit test file in the released tarball.

As opposed to branches for Ruby 3.1 and 3.0, this Ruby version does not
need to enter the directory prior to patch application, as
the directory for patch application required is in the correct place.

Resolves: RHEL-68515
2024-11-27 12:10:29 +01:00
.gitignore Fix import. 2023-06-07 11:58:34 +02:00
abrt_prelude.rb Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
libruby.stp Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
macros.ruby Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
macros.rubygems Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
operating_system.rb Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-1.9.3-mkmf-verbose.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.1.0-always-use-i386.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.1.0-custom-rubygems-location.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.1.0-Enable-configuration-of-archlibdir.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.2.3-Generate-preludes-using-miniruby.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.3.0-ruby_version.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.5.0-Add-Gem.operating_system_defaults.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.5.1-Avoid-need-of-C++-compiler-to-pass-the-test-suite.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.5.9-revert-stop-the-error-due-to-openssl-1-1-1h.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.0-config-support-include-directive.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.0-configure-fstack-protector-strong.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.0-library-options-to-MAINLIBS.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.0-rdoc-6.0.2-check-nil-text-token.patch Fix rdoc parsing of nil text tokens. 2023-06-07 11:58:34 +02:00
ruby-2.6.0-rdoc-6.0.2-fix-different-js-gz-pages-across-multilib.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.0-use-larger-keys-for-SSL-tests.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.3-fiddle-1.0.0-ffi-closure-alloc-default.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.8-net-ftp-pasv-can-connect-to-arbitrary-host.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.8-net-imap-startls-stripping-vulnerability.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.8-rdoc-6.1.2.1-command-injection-vulnerability.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.9-cgi-0.1.1-cookie-parse-not-decode-names.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.9-date-2.0.1-parse-length-limit.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-2.6.10-Fix-CVE-2022-28739-Buffer-overrun-in-str2float.patch Fix buffer overrun in String-to-Float conversion. 2023-06-26 13:41:10 +02:00
ruby-2.7.7-Fix-CVE-2021-33621-HTTP-response-splitting-in-CGI.patch Fix HTTP response splitting in CGI. 2023-06-22 15:19:31 +02:00
ruby-2.7.8-Fix-CVE-2023-28755-ReDos-vulnerability-in-URI.patch Fix ReDoS vulnerability in URI. 2023-06-26 13:41:10 +02:00
ruby-2.7.8-Fix-CVE-2023-28756-ReDoS-vulnerability-in-Time.patch Fix ReDoS vulnerability in Time. 2023-06-26 13:41:10 +02:00
ruby-3.0.0-Convert-ip-addresses-to-canonical-form.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby-3.0.7-Fix-CVE-2023-36617-Upstreams-incomplete-fix-for-CVE-2023-28755.patch Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. 2024-06-17 19:29:34 +02:00
ruby-3.0.7-Fix-CVE-2024-27280-Buffer-overread-in-StringIO.patch Fix Buffer overread vulnerability in StringIO (CVE-2024-27280). 2024-06-17 19:30:01 +02:00
ruby-3.0.7-Fix-CVE-2024-27281-RCE-vulnerability-with-rdoc_options.patch Fix RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281). 2024-06-24 19:39:15 +02:00
ruby-3.0.7-Fix-CVE-2024-27282-Memory-address-read-with-Regex.patch Fix Arbitrary memory address read vulnerability with Regex search (CVE-2024-27282). 2024-06-24 19:39:21 +02:00
ruby-3.1.3-Fix-for-tzdata-2022g.patch Fix Ruby test failures regarding tzdata and git. 2023-06-22 15:18:50 +02:00
ruby-3.2.0-git-2.38.1-fix-rubygems-test.patch Fix Ruby test failures regarding tzdata and git. 2023-06-22 15:18:50 +02:00
ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch Renew test certificates for net-http tests. 2024-06-17 19:28:51 +02:00
ruby-exercise.stp Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
ruby.spec Fix REXML ReDoS vulnerability. (CVE-2024-49761) 2024-11-27 12:10:29 +01:00
rubygem-cgi-0.3.6-Loosen-the-domain-regex-to-accept-dot.patch Let cookies use leading dot in the domain to retain compatibility. 2023-06-26 13:40:21 +02:00
rubygem-rexml-3.2.9-Fix-CVE-2024-35176-DoS-in-REXML.patch Fix REXML DoS parsing an XML with many <s in an attribute value (CVE-2024-35176). 2024-06-25 10:26:27 +02:00
rubygem-rexml-3.3.9-Fix-ReDoS-CVE-2024-49761.patch Fix REXML ReDoS vulnerability. (CVE-2024-49761) 2024-11-27 12:10:29 +01:00
rubygem-strscan-1.0.2-Accept-String-as-a-pattern.patch Fix REXML DoS parsing an XML with many <s in an attribute value (CVE-2024-35176). 2024-06-25 10:26:27 +02:00
rubygems.attr Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
rubygems.con Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
rubygems.prov Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
rubygems.req Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
sources Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-23 23:50:08 -05:00
test_abrt.rb Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00
test_systemtap.rb Import rpm: 6a79cc8230d437ba4c0e950842723d4d37ce3c11 2023-02-20 02:13:04 -05:00