]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b52c596) | patch
ruby: Update to 2.4.4
authorArmin Kuster <akuster808@gmail.com>
Thu, 3 May 2018 16:00:59 +0000 (09:00 -0700)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 15 May 2018 10:00:31 +0000 (11:00 +0100)
commit43721cc12ce782603ecdc0aa3a514bc6c8d4f97f
treed8fb2d86a2e4568032820f702225d234bf6c79e4tree | snapshot
parentb52c5967c24c37c0da48984a45521206e17e4291commit | diff
ruby: Update to 2.4.4

The dot releases are maint only.

2.4.4 included:
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir

(From OE-Core rev: ce12ff394281a42448d92109568db33739b2b542)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Fixup for Morty context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-devtools/ruby/ruby_2.4.4.bb [moved from meta/recipes-devtools/ruby/ruby_2.4.3.bb with 91% similarity] diff | blob | history
Mirror of the official openembedded-core repository