diff options
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/CVE-2018-1000073.patch | 34 | ||||
-rw-r--r-- | meta/recipes-devtools/ruby/ruby_2.5.3.bb | 1 |
2 files changed, 0 insertions, 35 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2018-1000073.patch b/meta/recipes-devtools/ruby/ruby/CVE-2018-1000073.patch deleted file mode 100644 index 22fa1b5f4d..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2018-1000073.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 1b931fc03b819b9a0214be3eaca844ef534175e2 Mon Sep 17 00:00:00 2001 -From: Jonathan Claudius <jclaudius@mozilla.com> -Date: Wed, 7 Feb 2018 23:54:52 -0500 -Subject: [PATCH] Non-working patch for deducing symlinked base-dirs - ---- -CVE: CVE-2018-1000073 - -Fixed in ruby 2.7.6. - -Upstream-Status: Backport [github.com/rubygems/rubygems/commit/1b931fc...] - -Signed-off-by: Joe Slater <joe.slater@windriver.com> - ---- - lib/rubygems/package.rb | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb -index dede959..cb9c74a 100644 ---- a/lib/rubygems/package.rb -+++ b/lib/rubygems/package.rb -@@ -421,6 +421,8 @@ EOM - destination_dir = File.expand_path destination_dir - - destination = File.join destination_dir, filename -+ destination = File.realpath destination if -+ File.respond_to? :realpath - destination = File.expand_path destination - - raise Gem::Package::PathError.new(destination, destination_dir) unless --- -1.7.9.5 - diff --git a/meta/recipes-devtools/ruby/ruby_2.5.3.bb b/meta/recipes-devtools/ruby/ruby_2.5.3.bb index e9f0453788..3fb427e90e 100644 --- a/meta/recipes-devtools/ruby/ruby_2.5.3.bb +++ b/meta/recipes-devtools/ruby/ruby_2.5.3.bb @@ -3,7 +3,6 @@ require ruby.inc SRC_URI += " \ file://ruby-CVE-2017-9226.patch \ file://ruby-CVE-2017-9228.patch \ - file://CVE-2018-1000073.patch \ " SRC_URI[md5sum] = "20c85b67846d49622ef3b24230803fef" |