diff options
author | Joe Slater <jslater@windriver.com> | 2017-08-18 10:43:44 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-11 22:15:51 +0100 |
commit | 4077e088b6e750c4143a59c5d89258ab682ed96b (patch) | |
tree | 4f1d2784a7c00d8aaaf077443294f9e347ed766b /meta/recipes-devtools/ruby/ruby_2.4.0.bb | |
parent | 7ba25f0d8d95ece5f5d56ace5b1e9c8c797efbc0 (diff) | |
download | openembedded-core-4077e088b6e750c4143a59c5d89258ab682ed96b.tar.gz |
ruby: fix CVE-2017-922{6-9}
CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value
(From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-devtools/ruby/ruby_2.4.0.bb')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby_2.4.0.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/ruby/ruby_2.4.0.bb b/meta/recipes-devtools/ruby/ruby_2.4.0.bb index 47e521db84..f1bd8289b6 100644 --- a/meta/recipes-devtools/ruby/ruby_2.4.0.bb +++ b/meta/recipes-devtools/ruby/ruby_2.4.0.bb @@ -2,6 +2,10 @@ require ruby.inc SRC_URI += " \ file://ruby-CVE-2017-9224.patch \ + file://ruby-CVE-2017-9226.patch \ + file://ruby-CVE-2017-9227.patch \ + file://ruby-CVE-2017-9228.patch \ + file://ruby-CVE-2017-9229.patch \ " SRC_URI[md5sum] = "7e9485dcdb86ff52662728de2003e625" |