From: Peter Korsgaard Date: Sun, 8 Aug 2021 18:20:55 +0000 (+0200) Subject: package/ruby: security bump to version 3.0.2 X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=c91e82b25f8d8f2eb7985ed2acf9d5577b5f892a;p=buildroot.git package/ruby: security bump to version 3.0.2 Fixes the following security issues: - CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP - CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP - CVE-2021-31799: A command injection vulnerability in RDoc For more details, see the announcement: https://www.ruby-lang.org/en/news/2021/07/07/ruby-3-0-2-released/ Signed-off-by: Peter Korsgaard --- diff --git a/package/ruby/ruby.hash b/package/ruby/ruby.hash index b79596e57a..e3510cc97e 100644 --- a/package/ruby/ruby.hash +++ b/package/ruby/ruby.hash @@ -1,5 +1,5 @@ -# https://www.ruby-lang.org/en/news/2021/04/05/ruby-3-0-1-released/ -sha512 97d2e883656060846b304368d9d836e2f3ef39859c36171c9398a0573818e4ed75bfd7460f901a9553f7f53518c505327a66e74f83704a881469f5ac61fe13d7 ruby-3.0.1.tar.xz +# https://www.ruby-lang.org/en/news/2021/07/07/ruby-3-0-2-released/ +sha512 0f702e2d8ca1342a9d4284dbdd234a3588e057b92566353aa7c21835cf09a3932864b2acf459a976960a1704e9befa562155d36b98b7cda8bd99526e10a374c4 ruby-3.0.2.tar.xz # License files, Locally calculated sha256 274f8d7983052448e7fd691c81043465c92ee6fb7bd8ab3f20a7997862f2778e LEGAL sha256 967586d538a28955ec2541910cf63c5ac345fcdea94bfb1f1705a1f6eb36bcbb COPYING diff --git a/package/ruby/ruby.mk b/package/ruby/ruby.mk index a71ca3a8a2..7e0266c6df 100644 --- a/package/ruby/ruby.mk +++ b/package/ruby/ruby.mk @@ -5,8 +5,8 @@ ################################################################################ RUBY_VERSION_MAJOR = 3.0 -RUBY_VERSION = $(RUBY_VERSION_MAJOR).1 -RUBY_VERSION_EXT = 3.0.1 +RUBY_VERSION = $(RUBY_VERSION_MAJOR).2 +RUBY_VERSION_EXT = 3.0.2 RUBY_SITE = http://cache.ruby-lang.org/pub/ruby/$(RUBY_VERSION_MAJOR) RUBY_SOURCE = ruby-$(RUBY_VERSION).tar.xz RUBY_DEPENDENCIES = host-pkgconf host-ruby