From 2bca463f44d9173ec85a225d482bb2f3a634bf95 Mon Sep 17 00:00:00 2001
From: Thiruvadi Rajaraman <trajaraman@mvista.com>
Date: Sat, 4 Nov 2017 10:30:06 -0700
Subject: ruby: Security fix for CVE-2016-7798

affectes ruby < 2.3.1

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
(cherry picked from commit 6af2319008dc16c61092f71ff227c285aac51288)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta/recipes-devtools/ruby/ruby_2.2.5.bb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'meta/recipes-devtools/ruby/ruby_2.2.5.bb')

diff --git a/meta/recipes-devtools/ruby/ruby_2.2.5.bb b/meta/recipes-devtools/ruby/ruby_2.2.5.bb
index 9238199fcf..bae1697cc4 100644
--- a/meta/recipes-devtools/ruby/ruby_2.2.5.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.2.5.bb
@@ -3,7 +3,9 @@ require ruby.inc
 SRC_URI[md5sum] = "bd8e349d4fb2c75d90817649674f94be"
 SRC_URI[sha256sum] = "30c4b31697a4ca4ea0c8db8ad30cf45e6690a0f09687e5d483c933c03ca335e3"
 
-SRC_URI += "file://prevent-gc.patch"
+SRC_URI += "file://prevent-gc.patch \
+            file://CVE-2016-7798.patch \
+"
 
 # it's unknown to configure script, but then passed to extconf.rb
 # maybe it's not really needed as we're hardcoding the result with
-- 
cgit 1.2.3-korg