ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-12-28 23:32:24 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: ruby-3.0: Upgrade to 3.0.6 [fixes CVE-2023-{28755, 28756}].

Browse source 
Fixes: CVE-2023-28755 (ReDoS vulnerability in URI), and
CVE-2023-28756 (ReDoS vulnerability in Time).

* gnu/packages/ruby.scm (ruby-3.0): Update to 3.0.6.

Signed-off-by: Andreas Enge <andreas@enge.fr>
This commit is contained in:
Remco van 't Veer 2023-03-31 07:30:58 +02:00 committed by Andreas Enge
parent 26b6c913cd
commit cd0a8950e4
No known key found for this signature in database
GPG key ID: F7D5C9BF765C61E3
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
gnu/packages/ruby.scm
View file

@ -29,7 +29,7 @@
;;; Copyright © 2020 Tomás Ortín Fernández <tomasortin@mailbox.org>
;;; Copyright © 2021 Giovanni Biscuolo <g@xelera.eu>
;;; Copyright © 2022 Philip McGrath <philip@philipmcgrath.com>
;;; Copyright © 2022 Remco van 't Veer <remco@remworks.net>
;;; Copyright © 2022, 2023 Remco van 't Veer <remco@remworks.net>
;;; Copyright © 2022 Taiju HIGASHI <higashi@taiju.info>
;;; Copyright © 2023 Yovan Naumovski <yovan@gorski.stream>
;;;
@ -214,7 +214,7 @@ (define ruby-2.7-fixed
(define-public ruby-3.0
(package
(inherit ruby-2.7)
(version "3.0.5")
(version "3.0.6")
(source
(origin
(method url-fetch)
@ -223,7 +223,7 @@ (define-public ruby-3.0
"/ruby-" version ".tar.xz"))
(sha256
(base32
"1pnxbdkkh2miq9nqfq2qscvh76nprzg0r620d9ckdzih42xbaz6g"))))
"1lfvgm6jbspmwmc3haww83l1l8vl1airzi08ljrcz19dws9yxjxm"))))
(inputs
(modify-inputs (package-inputs ruby-2.7)
(replace "openssl" openssl)))))