ruby: fix CVE-2017-922{6-9}

CVE-2017-9226 : check too big code point value for single byte CVE-2017-9227 : access to invalid address by reg->dmin value CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class() CVE-2017-9229 : access to invalid address by reg->dmax value (From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Joe Slater <jslater@windriver.com> 2017-08-18 10:43:44 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-09-11 22:15:51 +0100
commit: 4077e088b6e750c4143a59c5d89258ab682ed96b (patch)
tree: 4f1d2784a7c00d8aaaf077443294f9e347ed766b /meta/recipes-devtools/ruby/ruby_2.4.0.bb
parent: 7ba25f0d8d95ece5f5d56ace5b1e9c8c797efbc0 (diff)
download: openembedded-core-4077e088b6e750c4143a59c5d89258ab682ed96b.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/ruby/ruby_2.4.0.bb b/meta/recipes-devtools/ruby/ruby_2.4.0.bb
index 47e521db84..f1bd8289b6 100644
--- a/meta/recipes-devtools/ruby/ruby_2.4.0.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.4.0.bb
@@ -2,6 +2,10 @@ require ruby.inc
 
 SRC_URI += " \
            file://ruby-CVE-2017-9224.patch \
+           file://ruby-CVE-2017-9226.patch \
+           file://ruby-CVE-2017-9227.patch \
+           file://ruby-CVE-2017-9228.patch \
+           file://ruby-CVE-2017-9229.patch \
            "
 
 SRC_URI[md5sum] = "7e9485dcdb86ff52662728de2003e625"
author	Joe Slater <jslater@windriver.com>	2017-08-18 10:43:44 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-11 22:15:51 +0100
commit	4077e088b6e750c4143a59c5d89258ab682ed96b (patch)
tree	4f1d2784a7c00d8aaaf077443294f9e347ed766b /meta/recipes-devtools/ruby/ruby_2.4.0.bb
parent	7ba25f0d8d95ece5f5d56ace5b1e9c8c797efbc0 (diff)
download	openembedded-core-4077e088b6e750c4143a59c5d89258ab682ed96b.tar.gz