ruby: update to 2.4.3 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Armin Kuster <akuster808@gmail.com>	2018-02-19 13:06:35 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-03-04 11:12:12 +0000
commit	c323026d9ca3f57628dca4114ed394a279637427 (patch)
tree	9152e5fcddf83c40946b79c0e75f43caf8c4b2f4 /meta/recipes-support/p11-kit/p11-kit_0.22.1.bb
parent	3c735b01da4ddcf81b426b9f032e8f8494401fae (diff)
download	poky-c323026d9ca3f57628dca4114ed394a279637427.tar.gz

ruby: update to 2.4.3

This fixes a segfault in arm64 multilib. Drop CVE-2017-14064.patch Additional CVE included are 2.4.3: CVE-2017-17405: Command injection vulnerability in Net::FTP Additional CVE included are 2.4.2: CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode CVE-2017-14064: Heap exposure in generating JSON Ruby Gems: DNS request hijacking vulnerability. (CVE-2017-0902) ANSI escape sequence vulnerability. (CVE-2017-0899) DoS vulnerability in the query command. (CVE-2017-0900) vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901) (From OE-Core rev: 5bf664ba85c06d17c6e8c200301e42bc5fdab75e) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-support/p11-kit/p11-kit_0.22.1.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: