Commit Graph

6 Commits

Author SHA1 Message Date
tjuhasz
82e2db5a23 Fix for CVE-2026-42246.
Fix Net::IMAP STARTTLS stripping vulnerability.

Advisory: https://github.com/advisories/GHSA-vcgp-9326-pqcp

Sourced from:
  - https://github.com/ruby/net-imap/commit/62eea6ff
  - https://github.com/ruby/net-imap/commit/24d5c773

Resolves: RHEL-181753
2026-07-10 10:07:59 +02:00
tjuhasz
67dadce237 Fix for CVE-2026-42245.
Fix Net::IMAP ResponseReader quadratic complexity vulnerability.

Advisory: https://github.com/advisories/GHSA-q2mw-fvj9-vvcw

Sourced from:
 - https://github.com/ruby/net-imap/commit/341ab628
 - https://github.com/ruby/net-imap/commit/49c516d6
 - https://github.com/ruby/net-imap/commit/6f82e28f
Resolves: RHEL-181680
2026-07-10 10:07:21 +02:00
tjuhasz
cf93f74ea2 Include patch for ruby JSON (CVE-2026-33210).
Fix JSON: Denial of Service or Information Disclosure via format string injection

Patch created by cherry-picking 393b41c3e5\#diff-128577053eab7333382a3f656b2a2e3eb136be8eda67c5b6d656b9b3d7c15982R406
 within ruby-v4.0.3 branch.

Advisory: https://github.com/ruby/json/security/advisories/GHSA-3m6g-2423-7cp3

Resolves: RHEL-169964
2026-05-26 20:55:09 +02:00
tjuhasz
745dd99857 Upgrade to Ruby 4.0.3.
Fix ERB: Arbitrary code execution via deserialization bypass (CVE-2026-41316)

Resolves: RHEL-170911
Resolves: RHEL-170933
2026-05-26 20:43:46 +02:00
Jarek Prokop
a04fe22d88 Initial commit on c10s.
Resolves: RHEL-133550
2026-02-13 10:54:40 +01:00
Release Configuration Management
f0dddfd226 New branch setup 2026-02-04 06:29:46 -05:00