sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity
46,062 Commits 8 Branches 0 Tags 142 MiB
Commit Graph

19 Commits

Author SHA1 Message Date
Armin Kuster 90068771dd ruby: Update to 2.4.4 
The dot releases are maint only.

2.4.4 included:
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir

2.4.3 includes:
CVE-2017-17405: Command injection vulnerability in Net::FTP

(From OE-Core rev: ce12ff394281a42448d92109568db33739b2b542)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-05-07 15:57:44 +01:00
Andre McCurdy da6716b70c ruby: fix typo in gmp PACKAGECONFIG option 
(From OE-Core rev: 9fb931b69ece7f8a644f9e25600bcbbc9266a761)

(From OE-Core rev: a9b55cbec9f5ff11f92f50c529049e83ac898043)

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-05-07 15:57:44 +01:00
Ross Burton f24ffeefb1 ruby: remove spurious db build dependency 
The dbm module uses gdbm by default which is also a build dependency.

(From OE-Core rev: 79121ff54420e5cc331552ca5620aed81a36aac9)

(From OE-Core rev: 20d9821e9131c3d715ed629ad38eed802f737056)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-05-07 15:57:44 +01:00
Leonardo Sandoval 82528b2f84 ruby: upgrade to 2.4.2 
The CVE-2017-14064 patch is already at 2.4.2 as explained on
project's commit, so removing from the recipe & repo.

    commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153
    Author: hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
    Date:   Wed Apr 12 00:21:18 2017 +0000

        Merge json-2.0.4.

          * https://github.com/flori/json/releases/tag/v2.0.4
          * 09fabeb03e/CHANGES.md (2017-03-23-204)

        git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

(From OE-Core rev: 6e37a88af155d5e5453fb0f44bb11d6f8e406438)

(From OE-Core rev: 4562790471c7e3f3e393cd3e8b77d28ed4196452)

Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Fixup for pyro context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-05-07 15:57:44 +01:00
Leonardo Sandoval 5c9e4bbba7 ruby: upgrade to 2.4.1 
(From OE-Core rev: 3ff2d0bc7a8e7a7e8c8e953dc0ccf84d891688ef)

(From OE-Core rev: b102521a146197749dc1493307f222cbf0292921)

Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Fixup for pyro context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-05-07 15:57:44 +01:00
Armin Kuster 99656fecf4 ruby: Security fix for CVE-2017-14064 
affects ruby < 2.4.1

(From OE-Core rev: 2db9d0854239bca9d5c4efde808a1931c4c0ca0e)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-11-05 22:39:49 +00:00
Joe Slater c63480c960 ruby: fix CVE-2017-922{6-9} 
CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value

(From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7)

(From OE-Core rev: 4077e088b6e750c4143a59c5d89258ab682ed96b)

Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-09-11 22:15:58 +01:00
Joe Slater 62e244d713 ruby: fix CVE-2017-9224 
Use DATA_ENSURE(1) before access.

(From OE-Core rev: 9db907a0bd331c47c4882b82f9f1d2a7ef1f6d1f)

(From OE-Core rev: 7ba25f0d8d95ece5f5d56ace5b1e9c8c797efbc0)

Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Fixed up to get to apply

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-09-11 22:15:58 +01:00
Leonardo Sandoval db9b183d5c ruby: upgrade 2.3.3 -> 2.4.0 
Two LIC_FILES_CHKSUM checksums changed (COPYING and LEGAL) but LICENSE remains
the same.

(From OE-Core rev: 2bbad067b6b928d4615df938d0e41fa84e451c15)

Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-03-01 23:27:11 +00:00
Alexander Kanavin 922bfed3f6 ruby: fix upstream version check 
(From OE-Core rev: 0299731f9c11fda2e0a17600f758e0d7ff31fbbe)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-03-01 23:27:08 +00:00
Peter Kjellerstedt 254bfb1071 recipes: Make use of the new bb.utils.filter() function 
(From OE-Core rev: 0a1427bf9aeeda6bee2cc0af8da4ea5fd90aef6f)

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-03-01 11:17:45 +00:00
Edwin Plauchu 0dd8aeb884 ruby: upgrade to 2.3.3 
(From OE-Core rev: 99000d8bc30fe1eed60499140efa3a4cf0360478)

Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-12-22 08:50:16 +00:00
Edwin Plauchu 1d0c124cdf ruby: upgrade to 2.3.1 
(From OE-Core rev: 11063a01d4511b2688ea7ba2d7359e4e07328c66)

Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-11-30 15:48:09 +00:00
Christopher Larson e593d3aeb2 ruby: obey LDFLAGS for the link of libruby 
(From OE-Core rev: 8da33111c924be0bef8e175c53dbd3a439dc9788)

Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-05-14 23:05:11 +01:00
Khem Raj 0dcc42c9ab ruby: Upgrade to 2.2.5 
This is latest in 2.2 series, helps with compile
using clang

(From OE-Core rev: 9f1a8cc84105b077cb5896997b220f1f583075b5)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-05-13 13:41:31 +01:00
Ioan-Adrian Ratiu af7e516640 ruby: break out ri-docs and rdoc into separate packages 
The ri (Ruby Interactive) documentation for the Ruby standard library
consumes a significant amount of space on disk. It is useful to
developers, but is usually not necessary for users who just want to run
applications written in Ruby.  Break it out into a separate package so
Ruby can be installed without it.

Also break out the rdoc documentation generator in its own package.

(From OE-Core rev: adc53d40932151b4822ce2ac74cb31306684ba95)

Signed-off-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-02-19 01:01:25 +00:00
Ross Burton 455ff32426 meta: more removals of redunant FILES_${PN}-dbg 
In some recipes overly-split -dbg packages were merged into PN-dbg.  Unless
there's a very good reason, recipes should have a single -dev and -dbg package.

(From OE-Core rev: a3b000643898d7402b9e57c02e8d10e677cc9722)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2015-12-16 11:56:30 +00:00
Khem Raj e677c25729 ruby-native: Depend on openssl-native 
This dependency is floating otherwise, It races against openssl-native
and when openssl config does not match with openssl on build host the
build fails occasionally

x86_64-linux/usr/include/openssl/ripemd.h:70:4: error: #error RIPEMD is
disabled.
 #  error RIPEMD is disabled.

Change-Id: I5ff6d8f058ff99c64ad4dc7c0377724071003ae6
(From OE-Core rev: d0c8d98077622a700d92384f676770cb4d6d4f46)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2015-12-01 21:32:07 +00:00
Alexander Kanavin 206049f609 ruby: add a recipe from meta-ruby 
Ruby is required to build webkit.

Use trim_version() to build the major release, and remove redundant S assignment
(RB).

(From OE-Core rev: 10fd3b41449d1af15ac9432bc1a7fe26c6f1dae1)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2015-09-12 22:48:26 +01:00