diff options
author | Joe Slater <jslater@windriver.com> | 2017-08-18 10:43:44 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-11 22:15:58 +0100 |
commit | c63480c9605a22b3000dc4f0e9198e67365832e9 (patch) | |
tree | 06f61b7391e60f35eba0675e96ce225776e1a242 /meta/recipes-devtools/ruby/ruby_2.4.0.bb | |
parent | 62e244d71354f20e8680606e015565690f1bd4f5 (diff) | |
download | poky-c63480c9605a22b3000dc4f0e9198e67365832e9.tar.gz |
ruby: fix CVE-2017-922{6-9}
CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value
(From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7)
(From OE-Core rev: 4077e088b6e750c4143a59c5d89258ab682ed96b)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/ruby/ruby_2.4.0.bb')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby_2.4.0.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/ruby/ruby_2.4.0.bb b/meta/recipes-devtools/ruby/ruby_2.4.0.bb index 47e521db84..f1bd8289b6 100644 --- a/meta/recipes-devtools/ruby/ruby_2.4.0.bb +++ b/meta/recipes-devtools/ruby/ruby_2.4.0.bb | |||
@@ -2,6 +2,10 @@ require ruby.inc | |||
2 | 2 | ||
3 | SRC_URI += " \ | 3 | SRC_URI += " \ |
4 | file://ruby-CVE-2017-9224.patch \ | 4 | file://ruby-CVE-2017-9224.patch \ |
5 | file://ruby-CVE-2017-9226.patch \ | ||
6 | file://ruby-CVE-2017-9227.patch \ | ||
7 | file://ruby-CVE-2017-9228.patch \ | ||
8 | file://ruby-CVE-2017-9229.patch \ | ||
5 | " | 9 | " |
6 | 10 | ||
7 | SRC_URI[md5sum] = "7e9485dcdb86ff52662728de2003e625" | 11 | SRC_URI[md5sum] = "7e9485dcdb86ff52662728de2003e625" |