[Buildroot] [PATCH] ruby: security bump to version 2.4.5
Peter Korsgaard
peter at korsgaard.com
Tue Oct 30 20:05:31 UTC 2018
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> - CVE-2018-16396: Tainted flags are not propagated in Array#pack and
> String#unpack with some directives
> https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/
> - CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
> https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/
> Update hash of LEGAL as it had a few (wayback machine) URLs added/changed.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list