[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes CVE-
From: |
guix-commits |
Subject: |
branch master updated: gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes CVE-2023-{28755, 28756}] |
Date: |
Tue, 23 May 2023 11:07:31 -0400 |
This is an automated email from the git hooks/post-receive script.
andreas pushed a commit to branch master
in repository guix.
The following commit(s) were added to refs/heads/master by this push:
new cb193c0dd1 gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes
CVE-2023-{28755, 28756}]
cb193c0dd1 is described below
commit cb193c0dd1deb89f9d7db4d065e3dc66d1168c1c
Author: Remco van 't Veer <remco@remworks.net>
AuthorDate: Fri May 19 13:09:17 2023 +0200
gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes CVE-2023-{28755, 28756}]
Fixes: CVE-2023-28755 (ReDoS vulnerability in URI), and
CVE-2023-28756 (ReDoS vulnerability in Time).
* gnu/packages/ruby.scm (ruby-2.7-fixed): Update to 2.7.8.
(ruby-2.7)[replacement]: Graft.
Signed-off-by: Andreas Enge <andreas@enge.fr>
---
gnu/packages/ruby.scm | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index dbd4127343..eb84367d15 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -163,6 +163,7 @@ a focus on simplicity and productivity.")
(package
(inherit ruby-2.6)
(version "2.7.6")
+ (replacement ruby-2.7-fixed) ; security fixes
(source
(origin
(inherit (package-source ruby-2.6))
@@ -200,7 +201,7 @@ a focus on simplicity and productivity.")
(define ruby-2.7-fixed
(package
(inherit ruby-2.7)
- (version "2.7.7")
+ (version "2.7.8")
(source
(origin
(inherit (package-source ruby-2.7))
@@ -209,7 +210,7 @@ a focus on simplicity and productivity.")
"/ruby-" version ".tar.gz"))
(sha256
(base32
- "143vih5jzmrd2r5h94pa3qzml0ldii0qzs6g09jg6zqxd7djf0g1"))))))
+ "182vni66djmiqagwzfsd0za7x9k3zag43b88c590aalgphybdnn2"))))))
(define-public ruby-3.0
(package
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes CVE-2023-{28755, 28756}],
guix-commits <=