authorNatanael Copa <ncopa@alpinelinux.org>2018-03-29 14:13:19 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2018-03-29 16:25:15 +0200
commit0bba17025ab6922c000ede63361dd0220e92ed31 (patch)
tree77f6286714675f94dfcc920d661e8ceefa748b7b /main/ruby/APKBUILD
parent4808cbda3343458e8acff5e01013315385c28c92 (diff)
main/ruby: security upgrade to 2.4.4
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir

fixes #8747
Diffstat (limited to 'main/ruby/APKBUILD')
-rw-r--r--main/ruby/APKBUILD11
1 files changed, 9 insertions, 2 deletions
diff --git a/main/ruby/APKBUILD b/main/ruby/APKBUILD
index 383548b958..5b736a9d85 100644
--- a/main/ruby/APKBUILD
+++ b/main/ruby/APKBUILD
@@ -3,6 +3,13 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
+# 2.4.4-r0:
+# - CVE-2017-17742
+# - CVE-2018-6914
+# - CVE-2018-8777
+# - CVE-2018-8778
+# - CVE-2018-8779
+# - CVE-2018-8780
# 2.4.2-r0:
# - CVE-2017-0898
# - CVE-2017-10784
@@ -16,7 +23,7 @@
# - CVE-2017-17405
#
pkgname=ruby
-pkgver=2.4.3
+pkgver=2.4.4
_abiver="${pkgver%.*}.0"
pkgrel=0
pkgdesc="An object-oriented language for quick and easy programming"
@@ -243,5 +250,5 @@ _mvgem() {
done
}
-sha512sums="fb4339e30c04d03b1422b6c32ede45902e072cd26325b36f3fc05c341d42eea6431d88718242dcc9ce24d9cad26f3d26772f2e806bd7d93f40be50268c318409 ruby-2.4.3.tar.bz2
+sha512sums="ae632852a5f413561d8134e9ef3bb82adb37317696dd293ef92cb76709ecd45718f14116ecce35b12f1c2dd53ccae8dabc7a924a270072b697512d11f4922347 ruby-2.4.4.tar.bz2
cfdc5ea3b2e2ea69c51f38e8e2180cb1dc27008ca55cc6301f142ebafdbab31c3379b3b6bba9ff543153876dd98ed2ad194df3255b7ea77a62e931c935f80538 rubygems-avoid-platform-specific-gems.patch"