summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/ruby
Commit message (Collapse)AuthorAgeFilesLines
* ruby: update to 2.4.3Armin Kuster2018-03-042-356/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a segfault in arm64 multilib. Drop CVE-2017-14064.patch Additional CVE included are 2.4.3: CVE-2017-17405: Command injection vulnerability in Net::FTP Additional CVE included are 2.4.2: CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode CVE-2017-14064: Heap exposure in generating JSON Ruby Gems: DNS request hijacking vulnerability. (CVE-2017-0902) ANSI escape sequence vulnerability. (CVE-2017-0899) DoS vulnerability in the query command. (CVE-2017-0900) vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901) (From OE-Core rev: 5bf664ba85c06d17c6e8c200301e42bc5fdab75e) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: update to 2.4.0Alexander Kanavin2018-01-1415-437/+516
| | | | | | | | | | | | | | | | | Existing version of ruby-native (2.2.5) was crashing on my machine (and others' too), yet a functional ruby is necessary to upgrade webkit to a version that less vulnerable to Spectre. I've performed the update by copying the ruby recipe directory over from the current pyro tree; if you want to see the list of specific commits, issue this command: git log 99656fecf4fa6e24ba49ecb7f26f893e733818a0 meta/recipes-devtools/ruby (up to commit e593d3aeb2ea5f08d6e0753133fe89e345b339e8) (From OE-Core rev: 4734a4b41898e3df252b6234ed1270a915fd1f68) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-14064Rajkumar Veer2017-11-212-0/+80
| | | | | | | | | | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 (From OE-Core rev: 8d53b03e8fa1bc20c0d77d6cd7869bd7f7325987) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-14033Rajkumar Veer2017-11-212-0/+90
| | | | | | | | | | affects ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 (From OE-Core rev: 6033983453ff7b39d9d0d0a64353611128e26fae) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9229Thiruvadi Rajaraman2017-11-212-0/+37
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: a636bf8cb5063f349b2af6594b131af6852b3076) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Secruity fix for CVE-2017-9226Thiruvadi Rajaraman2017-11-212-0/+34
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: 0c1eec0c6a789e1e9dbfcc66c3fb8c7d1d8b4e99) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9228Thiruvadi Rajaraman2017-11-212-0/+27
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: cdfb60a7b573c034868ef27d8eb2c667f2a7ad1d) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9227Thiruvadi Rajaraman2017-11-212-0/+25
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: d83f18936a0eb470e8faf7adbd7c580c23fa3370) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2016-7798Thiruvadi Rajaraman2017-11-212-1/+167
| | | | | | | | | | affectes ruby < 2.3.1 (From OE-Core rev: 6af2319008dc16c61092f71ff227c285aac51288) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix build of ruby-native with gcc7Joshua Lock2017-11-212-0/+34
| | | | | | | | | | | | | | | Marsalling is broken when ruby-2.2.x is built with gcc7, backport the change fix in Ruby SVN r57410 to apply to ruby 2.2.5: https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410 Fixes [YOCTO #12271] (From OE-Core rev: b9de98cdc816904583970369848181c2c79f1dc5) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: obey LDFLAGS for the link of librubyChristopher Larson2016-05-142-1/+30
| | | | | | | (From OE-Core rev: 8da33111c924be0bef8e175c53dbd3a439dc9788) Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Upgrade to 2.2.5Khem Raj2016-05-131-6/+2
| | | | | | | | | | This is latest in 2.2 series, helps with compile using clang (From OE-Core rev: 9f1a8cc84105b077cb5896997b220f1f583075b5) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: break out ri-docs and rdoc into separate packagesIoan-Adrian Ratiu2016-02-191-2/+11
| | | | | | | | | | | | | | | | | The ri (Ruby Interactive) documentation for the Ruby standard library consumes a significant amount of space on disk. It is useful to developers, but is usually not necessary for users who just want to run applications written in Ruby. Break it out into a separate package so Ruby can be installed without it. Also break out the rdoc documentation generator in its own package. (From OE-Core rev: adc53d40932151b4822ce2ac74cb31306684ba95) Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: more removals of redunant FILES_${PN}-dbgRoss Burton2015-12-161-5/+0
| | | | | | | | | | In some recipes overly-split -dbg packages were merged into PN-dbg. Unless there's a very good reason, recipes should have a single -dev and -dbg package. (From OE-Core rev: a3b000643898d7402b9e57c02e8d10e677cc9722) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby-native: Depend on openssl-nativeKhem Raj2015-12-011-1/+1
| | | | | | | | | | | | | | | | | This dependency is floating otherwise, It races against openssl-native and when openssl config does not match with openssl on build host the build fails occasionally x86_64-linux/usr/include/openssl/ripemd.h:70:4: error: #error RIPEMD is disabled. # error RIPEMD is disabled. Change-Id: I5ff6d8f058ff99c64ad4dc7c0377724071003ae6 (From OE-Core rev: d0c8d98077622a700d92384f676770cb4d6d4f46) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: add a recipe from meta-rubyAlexander Kanavin2015-09-123-0/+93
Ruby is required to build webkit. Use trim_version() to build the major release, and remove redundant S assignment (RB). (From OE-Core rev: 10fd3b41449d1af15ac9432bc1a7fe26c6f1dae1) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-27 10:56:14 +0000