ruby: security bump to version 2.4.5
Fixes the following security issues:
- CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives
https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/
- CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/
Update hash of LEGAL as it had a few (wayback machine) URLs added/changed.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
projects / buildroot.git / commit