mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-25 05:48:07 -05:00
gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes CVE-2023-{28755, 28756}]
Fixes: CVE-2023-28755 (ReDoS vulnerability in URI), and CVE-2023-28756 (ReDoS vulnerability in Time). * gnu/packages/ruby.scm (ruby-2.7-fixed): Update to 2.7.8. (ruby-2.7)[replacement]: Graft. Signed-off-by: Andreas Enge <andreas@enge.fr>
This commit is contained in:
parent
8927b20ba1
commit
cb193c0dd1
1 changed files with 3 additions and 2 deletions
|
@ -163,6 +163,7 @@ (define-public ruby-2.7
|
|||
(package
|
||||
(inherit ruby-2.6)
|
||||
(version "2.7.6")
|
||||
(replacement ruby-2.7-fixed) ; security fixes
|
||||
(source
|
||||
(origin
|
||||
(inherit (package-source ruby-2.6))
|
||||
|
@ -200,7 +201,7 @@ (define-public ruby-2.7
|
|||
(define ruby-2.7-fixed
|
||||
(package
|
||||
(inherit ruby-2.7)
|
||||
(version "2.7.7")
|
||||
(version "2.7.8")
|
||||
(source
|
||||
(origin
|
||||
(inherit (package-source ruby-2.7))
|
||||
|
@ -209,7 +210,7 @@ (define ruby-2.7-fixed
|
|||
"/ruby-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"143vih5jzmrd2r5h94pa3qzml0ldii0qzs6g09jg6zqxd7djf0g1"))))))
|
||||
"182vni66djmiqagwzfsd0za7x9k3zag43b88c590aalgphybdnn2"))))))
|
||||
|
||||
(define-public ruby-3.0
|
||||
(package
|
||||
|
|
Loading…
Reference in a new issue