1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-16 03:47:03 +00:00

4 Commits

Author SHA1 Message Date
Hitendra Prajapati 91feb9b975 ruby/cgi-gem: CVE-2021-33621 HTTP response splitting in CGI
Upstream-Status: Backport from https://github.com/ruby/cgi/commit/64c5045c0a6b84fdb938a8465a0890e5f7162708

(From OE-Core rev: dfe4a2b601e094e2922b671f6cf73ff6a91f061f)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-08-16 03:55:12 -10:00
Hitendra Prajapati bcb3c107d3 ruby: CVE-2023-28756 ReDoS vulnerability in Time
Upstream-Status: Backport from https://github.com/ruby/ruby/commit/957bb7cb81995f26c671afce0ee50a5c660e540e

(From OE-Core rev: 52d26edffdd0444588ecad56b40a65e225889a01)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-04-19 04:32:59 -10:00
Ranjitsinh Rathod d6941efc0b ruby: Whitelist CVE-2021-28966 as this affects Windows OS only
As per below debian link, CVE-2021-28966 affects Windows only
Link: https://security-tracker.debian.org/tracker/CVE-2021-28966

(From OE-Core rev: df6242b72b0477fb61c7dc18ad52a1f147ec7d07)

Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-04 12:16:58 +01:00
Ranjitsinh Rathod df1129b022 ruby: Upgrade ruby to 2.7.6 for security fix
Upgrade ruby to 2.7.6
Link: https://www.ruby-lang.org/en/news/2022/04/12/ruby-2-7-6-released/
This includes CVE-2022-28739 security fix

(From OE-Core rev: 4514b1b8cacb92b1790b636b111c071190b2e4b2)

Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-04 12:16:58 +01:00