Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-02-12 | ruby: remove CVE-2018-1000073.patch as already fixed | Grandbois, Brett | |
rubygems 2.7.6 which is in ruby 2.5.3 has this fix and as currently applied all gem extraction fails as the realpath check is done against the full path including the file to be extracted which will always fail as the file hasnt been extracted yet Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | |||
2018-07-26 | ruby: security fix CVE 2018-1000073 | Joe Slater | |
Directory traversal vulnerability as described by https://nvd.nist.gov/vuln/detail/CVE-2018-1000073. Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> |