From 85fd60643dcfdcc871af86aaeac45d158466af26 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Mon, 23 Mar 2020 22:14:43 -0500 Subject: system/ruby: patch CVE-2020-8130 --- system/ruby/APKBUILD | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/ruby/APKBUILD') diff --git a/system/ruby/APKBUILD b/system/ruby/APKBUILD index 537c1010a..0cb185852 100644 --- a/system/ruby/APKBUILD +++ b/system/ruby/APKBUILD @@ -38,11 +38,13 @@ # - CVE-2019-16201 # - CVE-2019-16254 # - CVE-2019-16255 +# 2.5.7-r1: +# - CVE-2020-8130 # pkgname=ruby pkgver=2.5.7 _abiver="${pkgver%.*}.0" -pkgrel=0 +pkgrel=1 pkgdesc="An object-oriented language for quick and easy programming" url="https://www.ruby-lang.org/" arch="all" @@ -76,6 +78,7 @@ source="https://cache.ruby-lang.org/pub/ruby/${pkgver%.*}/$pkgname-$pkgver.tar.x test_insns-lower-recursion-depth.patch fix-get_main_stack.patch libedit-compat.patch + CVE-2020-8130.patch " replaces="ruby-etc ruby-gems" @@ -318,4 +321,5 @@ sha512sums="63b7c75fab44cd1bd22f22ddec00c740cf379ac7240da0dfafcec54347766695faef 20e7e5ee9936a93872fe1ad836dd1fde001fe4a0e7ed54c26727ad83da3ceb0e6247681d9dd4f98a69e1b0250703ed8fc682d44075780d5f47faa1d5f58d2bdb rubygems-avoid-platform-specific-gems.patch 814fe6359505b70d8ff680adf22f20a74b4dbd3fecc9a63a6c2456ee9824257815929917b6df5394ed069a6869511b8c6dce5b95b4acbbb7867c1f3a975a0150 test_insns-lower-recursion-depth.patch e99b36940fa8fdd445d82738c70b8fc042cab042a4662cab156578aad2dac9673a96da22b6676aa36beac08070e92a7798c60d6f36eeb169216c4c51864ce2fe fix-get_main_stack.patch -6b88fccce164db1d8beb16adeffdd7effd077e9842b7f61deddebeb39afcf9b839192b68a43ce66a1ff0c9aeaacc4f13a0ee56184c22e822cd8b10a07a1c87b2 libedit-compat.patch" +6b88fccce164db1d8beb16adeffdd7effd077e9842b7f61deddebeb39afcf9b839192b68a43ce66a1ff0c9aeaacc4f13a0ee56184c22e822cd8b10a07a1c87b2 libedit-compat.patch +50b3a2aca1c0d7a7b557e030fbf57049512730cd6516cb6b26624855c25a20e84eef7f84ec9eafb94200de067ec67790e5fe0902e69681ac4de9195240b318dc CVE-2020-8130.patch" -- cgit v1.2.3-70-g09d2