diff options
author | Remco van 't Veer <remco@remworks.net> | 2023-05-19 13:09:17 +0200 |
---|---|---|
committer | Andreas Enge <andreas@enge.fr> | 2023-05-23 16:37:04 +0200 |
commit | cb193c0dd1deb89f9d7db4d065e3dc66d1168c1c (patch) | |
tree | a19dfb078719fecd13af2f7b7832a2fed5b5a7cd /gnu/packages | |
parent | 8927b20ba105bec8dbf43d00313ab90d6a418ab5 (diff) | |
download | guix-cb193c0dd1deb89f9d7db4d065e3dc66d1168c1c.tar.gz guix-cb193c0dd1deb89f9d7db4d065e3dc66d1168c1c.zip |
gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes CVE-2023-{28755, 28756}]
Fixes: CVE-2023-28755 (ReDoS vulnerability in URI), and
CVE-2023-28756 (ReDoS vulnerability in Time).
* gnu/packages/ruby.scm (ruby-2.7-fixed): Update to 2.7.8.
(ruby-2.7)[replacement]: Graft.
Signed-off-by: Andreas Enge <andreas@enge.fr>
Diffstat (limited to 'gnu/packages')
-rw-r--r-- | gnu/packages/ruby.scm | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index dbd4127343..eb84367d15 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -163,6 +163,7 @@ a focus on simplicity and productivity.") (package (inherit ruby-2.6) (version "2.7.6") + (replacement ruby-2.7-fixed) ; security fixes (source (origin (inherit (package-source ruby-2.6)) @@ -200,7 +201,7 @@ a focus on simplicity and productivity.") (define ruby-2.7-fixed (package (inherit ruby-2.7) - (version "2.7.7") + (version "2.7.8") (source (origin (inherit (package-source ruby-2.7)) @@ -209,7 +210,7 @@ a focus on simplicity and productivity.") "/ruby-" version ".tar.gz")) (sha256 (base32 - "143vih5jzmrd2r5h94pa3qzml0ldii0qzs6g09jg6zqxd7djf0g1")))))) + "182vni66djmiqagwzfsd0za7x9k3zag43b88c590aalgphybdnn2")))))) (define-public ruby-3.0 (package |