path: root/meta/recipes-devtools/ruby/ruby_3.3.5.bb
Commit message | Author | Age | Files | Lines
* ruby: fix CVE-2025-27220 | Divya Chellam | 2025-04-01 | 1 | -0/+1
    In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.

    Reference: https://security-tracker.debian.org/tracker/CVE-2025-27220
    Upstream-patch: https://github.com/ruby/cgi/commit/cd1eb08076c8b8e310d4d553d427763f2577a1b6

    (From OE-Core rev: 8c31f8e142894f103409ee10deccc22fdeea897c)

    Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ruby: Fix CVE-2025-27219 | Ashish Sharma | 2025-03-15 | 1 | -0/+1
    Upstream-Status: Backport from [https://github.com/ruby/cgi/commit/9907b76dad0777ee300de236dad4b559e07596ab]

    (From OE-Core rev: 7e0a96b5c0b7a5ca593df83861086d0980ea72e9)

    Signed-off-by: Ashish Sharma <asharma@mvista.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ruby: upgrade 3.2.2 -> 3.3.5 | Yogita Urade | 2024-10-18 | 1 | -0/+140
    Includes fix for CVE-2024-41123 & CVE-2024-41946

    Release notes:
    https://github.com/ruby/ruby/releases/tag/v3_3_5

    Rebase:
    0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
    0006-Make-gemspecs-reproducible.patch

    Drop:
    0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch
    0002-Obey-LDFLAGS-for-the-link-of-libruby.patch
    CVE-2023-36617_1.patch
    CVE-2023-36617_2.patch
    CVE-2024-27281.patch
    CVE-2024-27282.patch
    (merged upstream)

    0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch
    0002-template-Makefile.in-filter-out-f-prefix-map.patch
    remove_has_include_macros.patch
    (code rewritten upstream)

    License-Update: Updated LEGAL section

    (From OE-Core rev: 69ffe5bc09260918fb32bfcb29586dcaa1958a5c)

    Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
    Signed-off-by: Steve Sakoman <steve@sakoman.com>