ruby: fix CVE-2017-922{6-9}

CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value

(From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7)

(From OE-Core rev: 4077e088b6e750c4143a59c5d89258ab682ed96b)

Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 4 insertions, 0 deletions

diff --git a/meta/recipes-devtools/ruby/ruby_2.4.0.bb b/meta/recipes-devtools/ruby/ruby_2.4.0.bb
index 47e521db84..f1bd8289b6 100644
--- a/meta/recipes-devtools/ruby/ruby_2.4.0.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.4.0.bb
@@ -2,6 +2,10 @@ require ruby.inc
 
 SRC_URI += " \
            file://ruby-CVE-2017-9224.patch \
+           file://ruby-CVE-2017-9226.patch \
+           file://ruby-CVE-2017-9227.patch \
+           file://ruby-CVE-2017-9228.patch \
+           file://ruby-CVE-2017-9229.patch \
            "
 
 SRC_URI[md5sum] = "7e9485dcdb86ff52662728de2003e625"