Bug 1280296 - Rebase to the latest Ruby 2.2 point release
Rebase to the latest Ruby 2.2 point release
Status: ASSIGNED
Product: Red Hat Software Collections
Classification: Red Hat
Component: ruby (Show other bugs)
rh-ruby22
Unspecified Unspecified
unspecified Severity unspecified
: ---
: 3.1
Assigned To: Vít Ondruch
BaseOS QE - Apps
: FutureFeature, Rebase
Depends On:
Blocks: 1432980
  Show dependency treegraph
 
Reported: 2015-11-11 07:32 EST by Vít Ondruch
Modified: 2017-09-15 12:31 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Story Points: ---
Clone Of:
: 1395796 (view as bug list)
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Vít Ondruch 2015-11-11 07:32:55 EST
New Ruby 2.2 release is available. We should consider rebase.

https://www.ruby-lang.org/en/news/2015/08/18/ruby-2-2-3-released/
Comment 1 Scott Merrill 2016-03-14 10:12:37 EDT
I'd like to see this rebase occur, too.

https://bugzilla.redhat.com/show_bug.cgi?id=1317076
Comment 3 Vít Ondruch 2016-05-02 09:16:16 EDT
Please note that 2.2.5 is already released:

https://www.ruby-lang.org/en/news/2016/04/26/ruby-2-2-5-released/
Comment 7 Vít Ondruch 2017-03-29 04:01:03 EDT
https://www.ruby-lang.org/en/news/2017/03/28/ruby-2-2-7-released/

This is the last regular maintenance release of Ruby 2.2. After this, only security releases will be provided for one additional year.
Comment 11 Pavel Valena 2017-09-15 12:31:20 EDT
Latest Ruby 2.2 release:
https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/

Contains fixes for:
 - Bug CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
 - Bug CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
 - Bug CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
 - Bug CVE-2017-14064: Heap exposure in generating JSON
 - Multiple vulnerabilities in RubyGems

Note You need to log in before you can comment on or make changes to this bug.