[Buildroot] [PATCH] package/ruby: security bump to version 3.0.2
Peter Korsgaard
peter at korsgaard.com
Mon Aug 9 18:08:48 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
>> Fixes the following security issues:
>> - CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
>> - CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
>> - CVE-2021-31799: A command injection vulnerability in RDoc
>> For more details, see the announcement:
>> https://www.ruby-lang.org/en/news/2021/07/07/ruby-3-0-2-released/
>> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> Committed, thanks.
Committed to 2021.05.x, thanks.
For 2021.02.x I have instead bumped to 2.7.4, which contains the same
fixes.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list