diff options
author | Armin Kuster <akuster808@gmail.com> | 2018-05-03 09:00:59 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-05-07 15:57:44 +0100 |
commit | 90068771dd6fbd0f90a133b9c1c95c71d7cf035f (patch) | |
tree | e2c45e3a0629c4259a6530c22be29da278e6b3e1 /meta/recipes-devtools | |
parent | da6716b70c07fe0432116d626d9f4340609b9ed5 (diff) | |
download | poky-90068771dd6fbd0f90a133b9c1c95c71d7cf035f.tar.gz |
ruby: Update to 2.4.4
The dot releases are maint only.
2.4.4 included:
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
2.4.3 includes:
CVE-2017-17405: Command injection vulnerability in Net::FTP
(From OE-Core rev: ce12ff394281a42448d92109568db33739b2b542)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby_2.4.4.bb (renamed from meta/recipes-devtools/ruby/ruby_2.4.2.bb) | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-devtools/ruby/ruby_2.4.2.bb b/meta/recipes-devtools/ruby/ruby_2.4.4.bb index 239d775f14..61fcedbf82 100644 --- a/meta/recipes-devtools/ruby/ruby_2.4.2.bb +++ b/meta/recipes-devtools/ruby/ruby_2.4.4.bb | |||
@@ -8,8 +8,8 @@ SRC_URI += " \ | |||
8 | file://ruby-CVE-2017-9229.patch \ | 8 | file://ruby-CVE-2017-9229.patch \ |
9 | " | 9 | " |
10 | 10 | ||
11 | SRC_URI[md5sum] = "fe106eed9738c4e03813ab904f8d891c" | 11 | SRC_URI[md5sum] = "d50e00ccc1c9cf450f837b92d3ed3e88" |
12 | SRC_URI[sha256sum] = "93b9e75e00b262bc4def6b26b7ae8717efc252c47154abb7392e54357e6c8c9c" | 12 | SRC_URI[sha256sum] = "254f1c1a79e4cc814d1e7320bc5bdd995dc57e08727d30a767664619a9c8ae5a" |
13 | 13 | ||
14 | # it's unknown to configure script, but then passed to extconf.rb | 14 | # it's unknown to configure script, but then passed to extconf.rb |
15 | # maybe it's not really needed as we're hardcoding the result with | 15 | # maybe it's not really needed as we're hardcoding the result with |