author | Natanael Copa <ncopa@alpinelinux.org> | 2018-03-29 14:13:19 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-03-29 14:19:52 +0000 |
commit | 8e71f2e5fdb9d522368ddca664bf4a3f68864028 (patch) | |
tree | 582d5ff637c75fcd210433e43a9245d76280cbbe | |
parent | 56f7223fa0f34b764b51fb8a843bd102586aec11 (diff) | |
main/ruby: security upgrade to 2.5.1
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in
Dir
ref #8747
-rw-r--r-- | main/ruby/APKBUILD | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/main/ruby/APKBUILD b/main/ruby/APKBUILD
index 446cb411b5..d56f092b78 100644
--- a/main/ruby/APKBUILD
+++ b/main/ruby/APKBUILD
@@ -3,6 +3,13 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 #
 # secfixes:
+# 2.5.1-r0:
+# - CVE-2017-17742
+# - CVE-2018-6914
+# - CVE-2018-8777
+# - CVE-2018-8778
+# - CVE-2018-8779
+# - CVE-2018-8780
 # 2.4.2-r0:
 # - CVE-2017-0898
 # - CVE-2017-10784
@@ -16,9 +23,9 @@
 # - CVE-2017-17405
 #
 pkgname=ruby
-pkgver=2.5.0
+pkgver=2.5.1
 _abiver="${pkgver%.*}.0"
-pkgrel=1
+pkgrel=0
 pkgdesc="An object-oriented language for quick and easy programming"
 url="http://www.ruby-lang.org/en/"
 arch="all"
@@ -324,7 +331,7 @@ _mvgem() {
 done
 }
 
-sha512sums="8f6fdf6708e7470f55bc009db2567cd8d4e633ad0678d83a015441ecf5b5d88bd7da8fb8533a42157ff83b74d00b6dc617d39bbb17fc2c6c12287a1d8eaa0f2c ruby-2.5.0.tar.bz2
+sha512sums="82e799ecf7257a9f5fe8691c50a478b0f91bd4bdca50341c839634b0da5cd76c5556965cb9437264b66438434c94210c949fe9dab88cbc5b3b7fa34b5382659b ruby-2.5.1.tar.bz2
 cfdc5ea3b2e2ea69c51f38e8e2180cb1dc27008ca55cc6301f142ebafdbab31c3379b3b6bba9ff543153876dd98ed2ad194df3255b7ea77a62e931c935f80538 rubygems-avoid-platform-specific-gems.patch
 814fe6359505b70d8ff680adf22f20a74b4dbd3fecc9a63a6c2456ee9824257815929917b6df5394ed069a6869511b8c6dce5b95b4acbbb7867c1f3a975a0150 test_insns-lower-recursion-depth.patch
 8d730f02f76e53799f1c220eb23e3d2305940bb31216a7ab1e42d3256149c0721c7d173cdbfe505023b1af2f5cb3faa233dcc1b5d560fa8f980c17c2d29a9d81 fix-get_main_stack.patch" |
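Review bot: The new `2.5.1-r0` entry under `# secfixes:` lists exactly the six CVEs named in the commit message, and nothing in the hunk shows whether that is the complete set fixed by the upstream release. This comment block appears to be the package's record of which package release fixed which CVE, so an identifier missing here would leave the package looking unpatched to anyone who relies on it. It is worth comparing the list with the upstream 2.5.1 release announcement, including any fixes to bundled components, and adding further `# - CVE-…` lines if the announcement names more.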
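Review bot: The replaced `sha512sums` line for `ruby-2.5.1.tar.bz2` pins whatever tarball was downloaded when the checksum was generated, and neither the hunk nor the commit message says the digest was compared with one published by upstream. For a security upgrade I would record that check in the commit message, for example `sha512 of ruby-2.5.1.tar.bz2 verified against the upstream release announcement`. The `source=` line is outside the hunk, so I cannot tell how the tarball is fetched; the `url=` context line in the previous hunk uses plain `http://`, so it is worth confirming that the download itself goes over HTTPS.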