ruby: update to 2.4.3 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Armin Kuster <akuster808@gmail.com>	2018-02-19 13:06:35 -0800
committer	Armin Kuster <akuster808@gmail.com>	2018-02-22 11:11:47 -0800
commit	88d4ad63f651ff1227a58f6d226d66a0b35289a7 (patch)
tree	88f7984d29953c6167bdfed00926e142b9d471b1 /meta/recipes-extended/tzdata/tzdata_2016i.bb
parent	159e006ae73c039a2e9054d337b310fd3fac53ba (diff)
download	openembedded-core-contrib-88d4ad63f651ff1227a58f6d226d66a0b35289a7.tar.gz

ruby: update to 2.4.3

This fixes a segfault in arm64 multilib. Drop CVE-2017-14064.patch Additional CVE included are 2.4.3: CVE-2017-17405: Command injection vulnerability in Net::FTP Additional CVE included are 2.4.2: CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode CVE-2017-14064: Heap exposure in generating JSON Ruby Gems: DNS request hijacking vulnerability. (CVE-2017-0902) ANSI escape sequence vulnerability. (CVE-2017-0899) DoS vulnerability in the query command. (CVE-2017-0900) vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 4ba60ef149da41b1adc48f7a6c0aa1a14905a4e3) Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta/recipes-extended/tzdata/tzdata_2016i.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: