CVS: cvs.openbsd.org: ports

Jeremy Evans Fri, 26 Apr 2024 11:13:36 -0700

CVSROOT:        /cvs
Module name:    ports
Changes by:     jer...@cvs.openbsd.org  2024/04/26 12:13:28


Modified files:
        lang/ruby/3.1  : Tag: OPENBSD_7_5 Makefile distinfo 
        lang/ruby/3.1/patches: Tag: OPENBSD_7_5 patch-compile_c 
                               patch-configure 
                               patch-coroutine_amd64_Context_S 
        lang/ruby/3.1/pkg: Tag: OPENBSD_7_5 PLIST-main PLIST-ri_docs 
Added files:
        lang/ruby/3.1/patches: Tag: OPENBSD_7_5 
                               patch-ext_fiddle_closure_c 

Log message:
Update to Ruby 3.1.5

Fixes:

CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
CVE-2024-27280: Buffer overread vulnerability in StringIO

Fix a bad backport in the fiddle extension that breaks compilation.

OK tb@

CVS: cvs.openbsd.org: ports

Reply via email to