main/ruby: security upgrade to 2.5.1

CVE-2017-17742: HTTP response splitting in WEBrick

CVE-2018-6914: Unintentional file and directory creation with directory
               traversal in tempfile and tmpdir

CVE-2018-8777: DoS by large request in WEBrick

CVE-2018-8778: Buffer under-read in String#unpack

CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
               UNIXServer and UNIXSocket

CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in
               Dir

ref #8747
Natanael Copa 2018-03-29 14:13:19 +00:00
parent 56f7223fa0
commit 8e71f2e5fd


@ -3,6 +3,13 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
# 2.5.1-r0:
# - CVE-2017-17742
# - CVE-2018-6914
# - CVE-2018-8777
# - CVE-2018-8778
# - CVE-2018-8779
# - CVE-2018-8780
# 2.4.2-r0:
# - CVE-2017-0898
# - CVE-2017-10784
@ -16,9 +23,9 @@
# - CVE-2017-17405
#
pkgname=ruby
pkgver=2.5.0
pkgver=2.5.1
_abiver="${pkgver%.*}.0"
pkgrel=1
pkgrel=0
pkgdesc="An object-oriented language for quick and easy programming"
url="http://www.ruby-lang.org/en/"
arch="all"
@ -324,7 +331,7 @@ _mvgem() {
done
}
sha512sums="8f6fdf6708e7470f55bc009db2567cd8d4e633ad0678d83a015441ecf5b5d88bd7da8fb8533a42157ff83b74d00b6dc617d39bbb17fc2c6c12287a1d8eaa0f2c ruby-2.5.0.tar.bz2
sha512sums="82e799ecf7257a9f5fe8691c50a478b0f91bd4bdca50341c839634b0da5cd76c5556965cb9437264b66438434c94210c949fe9dab88cbc5b3b7fa34b5382659b ruby-2.5.1.tar.bz2
cfdc5ea3b2e2ea69c51f38e8e2180cb1dc27008ca55cc6301f142ebafdbab31c3379b3b6bba9ff543153876dd98ed2ad194df3255b7ea77a62e931c935f80538 rubygems-avoid-platform-specific-gems.patch
814fe6359505b70d8ff680adf22f20a74b4dbd3fecc9a63a6c2456ee9824257815929917b6df5394ed069a6869511b8c6dce5b95b4acbbb7867c1f3a975a0150 test_insns-lower-recursion-depth.patch
8d730f02f76e53799f1c220eb23e3d2305940bb31216a7ab1e42d3256149c0721c7d173cdbfe505023b1af2f5cb3faa233dcc1b5d560fa8f980c17c2d29a9d81 fix-get_main_stack.patch"