Bug 1395796
Summary: | Rebase to the latest Ruby 2.3 point release | |||
---|---|---|---|---|
Product: | Red Hat Software Collections | Reporter: | Vít Ondruch <vondruch> | |
Component: | ruby | Assignee: | Pavel Valena <pvalena> | |
Status: | CLOSED CURRENTRELEASE | QA Contact: | BaseOS QE - Apps <qe-baseos-apps> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | unspecified | |||
Version: | rh-ruby23 | CC: | bgollahe, dkochuka, hhorak, jorton, pvalena, qe-baseos-apps, skippy | |
Target Milestone: | --- | Keywords: | FutureFeature, Rebase | |
Target Release: | 3.1 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Rebase: Bug Fixes and Enhancements | ||
Doc Text: |
Rebase package(s) to version: 2.3.6
Highlights, important fixes, or notable enhancements:
Upgrade to rubygems 2.5.2.2
Upgrade to molinillo 0.4.1
Upgrade to json 1.8.3.1
Upgrade to minitest 5.8.5
Upgrade to psych 2.1.0.1
|
Story Points: | --- | |
Clone Of: | 1280296 | |||
: | 1549649 (view as bug list) | Environment: | ||
Last Closed: | 2019-06-19 11:02:04 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1549649 |
Description
Vít Ondruch
2016-11-16 17:09:06 UTC
Latest Ruby 2.3 release: https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/ Contains fixes for: - CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf - CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick - CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode - CVE-2017-14064: Heap exposure in generating JSON - Multiple vulnerabilities in RubyGems Ruby 2.3.6 is available: https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-3-6-released/ |