sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity
generic-poky/meta/recipes-devtools/ruby
History
Armin Kuster 90068771dd ruby: Update to 2.4.4 
The dot releases are maint only.

2.4.4 included:
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir

2.4.3 includes:
CVE-2017-17405: Command injection vulnerability in Net::FTP

(From OE-Core rev: ce12ff394281a42448d92109568db33739b2b542)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 		2018-05-07 15:57:44 +01:00
..
ruby ruby: Security fix for CVE-2017-14064 2017-11-05 22:39:49 +00:00
ruby.inc ruby: remove spurious db build dependency 2018-05-07 15:57:44 +01:00
ruby_2.4.4.bb ruby: Update to 2.4.4 2018-05-07 15:57:44 +01:00