diff options
author | Alexander Kanavin <alex.kanavin@gmail.com> | 2022-12-13 12:11:14 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-01-06 17:32:38 +0000 |
commit | 025bac703bc9682c67ded480226e6125226d5372 (patch) | |
tree | 3ea9e607d6595c4269e3a3e85f2314ac19b50d55 | |
parent | 171ecaea24d55552bde5cbd72abb55dfe6a7de64 (diff) | |
download | openembedded-core-025bac703bc9682c67ded480226e6125226d5372.tar.gz |
ruby: update 3.1.2 -> 3.1.3
This release includes security fixes. Please check the topics below for details.
CVE-2022-28738: Double free in Regexp compilation
CVE-2022-28739: Buffer overrun in String-to-Float conversion
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 402254a5f841520b132508c21465111d33b6eb1a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch | 36 | ||||
-rw-r--r-- | meta/recipes-devtools/ruby/ruby_3.1.3.bb (renamed from meta/recipes-devtools/ruby/ruby_3.1.2.bb) | 3 |
2 files changed, 1 insertions, 38 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch b/meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch deleted file mode 100644 index 5d0f8fcc09..0000000000 --- a/meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 222203297966f312109e8eaa2520f2cf2f59c09d Mon Sep 17 00:00:00 2001 -From: Alan Wu <XrXr@users.noreply.github.com> -Date: Thu, 31 Mar 2022 17:26:28 -0400 -Subject: [PATCH] Remove dependency on libcapstone - -We have received reports of build failures due to this configuration -check modifying compile flags. Since only YJIT devs use this library -we can remove it to make Ruby easier to build for users. - -See: https://github.com/rbenv/ruby-build/discussions/1933 - -Upstream-Status: Backport ---- - configure.ac | 9 --------- - 1 file changed, 9 deletions(-) - -Index: ruby-3.1.2/configure.ac -=================================================================== ---- ruby-3.1.2.orig/configure.ac -+++ ruby-3.1.2/configure.ac -@@ -1244,15 +1244,6 @@ AC_CHECK_LIB(dl, dlopen) # Dynamic linki - AC_CHECK_LIB(dld, shl_load) # Dynamic linking for HP-UX - AC_CHECK_LIB(socket, shutdown) # SunOS/Solaris - --if pkg-config --exists capstone; then -- CAPSTONE_CFLAGS=`pkg-config --cflags capstone` -- CAPSTONE_LIB_L=`pkg-config --libs-only-L capstone` -- LDFLAGS="$LDFLAGS $CAPSTONE_LIB_L" -- CFLAGS="$CFLAGS $CAPSTONE_CFLAGS" --fi -- --AC_CHECK_LIB(capstone, cs_open) # Capstone disassembler for debugging YJIT -- - dnl Checks for header files. - AC_HEADER_DIRENT - dnl AC_HEADER_STDC has been checked in AC_USE_SYSTEM_EXTENSIONS diff --git a/meta/recipes-devtools/ruby/ruby_3.1.2.bb b/meta/recipes-devtools/ruby/ruby_3.1.3.bb index 0115daf22a..c8454da3a9 100644 --- a/meta/recipes-devtools/ruby/ruby_3.1.2.bb +++ b/meta/recipes-devtools/ruby/ruby_3.1.3.bb @@ -29,7 +29,6 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \ file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ file://0006-Make-gemspecs-reproducible.patch \ file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \ - file://0001-Remove-dependency-on-libcapstone.patch \ " UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/" @@ -50,7 +49,7 @@ do_configure:prepend() { DEPENDS:append:libc-musl = " libucontext" -SRC_URI[sha256sum] = "61843112389f02b735428b53bb64cf988ad9fb81858b8248e22e57336f24a83e" +SRC_URI[sha256sum] = "5ea498a35f4cd15875200a52dde42b6eb179e1264e17d78732c3a57cd1c6ab9e" PACKAGECONFIG ??= "" PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" |