Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
PUBLIC_REPOS
/
buildroot
-ын хуулбар git://git.buildroot.net/buildroot
2
1
Салаа 0
Файлууд
Эх сурвалжийг харах

package/ruby: security bump to version 2.4.6

Fixes the following security issues:

- CVE-2019-8320: Delete directory using symlink when decompressing tar
- CVE-2019-8321: Escape sequence injection vulnerability in verbose
- CVE-2019-8322: Escape sequence injection vulnerability in gem owner
- CVE-2019-8323: Escape sequence injection vulnerability in API response handling
- CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
- CVE-2019-8325: Escape sequence injection vulnerability in errors

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Peter Korsgaard 6 жил өмнө
parent
097ce6b3a8
commit
9009823137
2 өөрчлөгдсөн 3 нэмэгдсэн , 3 устгасан
Өөрчлөлтийг ялгаж харах Өөрчлөлтийн статистик харах
  1. 2 2
      package/ruby/ruby.hash
  2. 1 1
      package/ruby/ruby.mk

+ 2 - 2
package/ruby/ruby.hash
Файл харах 

@@ -1,5 +1,5 @@
 
-# https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/
 
-sha256 2f0cdcce9989f63ef7c2939bdb17b1ef244c4f384d85b8531d60e73d8cc31eeb  ruby-2.4.5.tar.xz
 
+# https://www.ruby-lang.org/en/news/2019/04/01/ruby-2-4-6-released/
 
+sha256 25da31b9815bfa9bba9f9b793c055a40a35c43c6adfb1fdbd81a09099f9b529c  ruby-2.4.6.tar.xz
 
 # License files, Locally calculated
 
 sha256 609292a6d848ab223073944fc2d844449391a5ba2055a8b5baf1726bc13b39cb  LEGAL
 
 sha256 f5eb1b2956d5f7a67b2e5722a3749bc2fe86f9c580f2e3f5a08519cf073b5864  COPYING

+ 1 - 1
package/ruby/ruby.mk
Файл харах 

@@ -5,7 +5,7 @@
 
 ################################################################################
 
 
 RUBY_VERSION_MAJOR = 2.4
 
-RUBY_VERSION = $(RUBY_VERSION_MAJOR).5
 
+RUBY_VERSION = $(RUBY_VERSION_MAJOR).6
 
 RUBY_VERSION_EXT = 2.4.0
 
 RUBY_SITE = http://cache.ruby-lang.org/pub/ruby/$(RUBY_VERSION_MAJOR)
 
 RUBY_SOURCE = ruby-$(RUBY_VERSION).tar.xz