[PATCH] gnu: ruby-sanitize: Update to 4.6.3.

  • Done
  • quality assurance status badge
Details
2 participants
  • Thompson, David
  • Kei Kebreau
Owner
unassigned
Submitted by
Kei Kebreau
Severity
normal

Debbugs page

Kei Kebreau wrote 7 years ago
(address . guix-patches@gnu.org)(name . Kei Kebreau)(address . kkebreau@posteo.net)
20180320140907.27847-1-kkebreau@posteo.net
This fixes CVE-2018-3740.

* gnu/packages/ruby.scm (ruby-sanitize): Update to 4.6.3.
---
gnu/packages/ruby.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (24 lines)
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index dcf4cda26..010dedde2 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -3082,7 +3082,7 @@ access the result as a Nokogiri parsed document.")
(define-public ruby-sanitize
(package
(name "ruby-sanitize")
- (version "4.0.0")
+ (version "4.6.3")
(source (origin
(method url-fetch)
;; The gem does not include the Rakefile, so we download the
@@ -3092,7 +3092,7 @@ access the result as a Nokogiri parsed document.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "055xnj38l60gxnnng76kpy2l2jbrp0byjdyq17jw79w7l4b40znr"))))
+ "1fmqppwif3cm8h79006jfzkdnlxxzlry9kzk03psk0d5xpg55ycc"))))
(build-system ruby-build-system)
(propagated-inputs
`(("ruby-crass" ,ruby-crass)
--
2.16.2
Thompson, David wrote 7 years ago
(name . Kei Kebreau)(address . kkebreau@posteo.net)(address . 30876@debbugs.gnu.org)
CAJ=Rwfa-35BJfsjnO1chh-dNJJ2g8pnbCRPb5Mv+79XKKaEC7w@mail.gmail.com
On Tue, Mar 20, 2018 at 10:09 AM, Kei Kebreau <kkebreau@posteo.net> wrote:
Toggle quote (32 lines)
> This fixes CVE-2018-3740.
>
> * gnu/packages/ruby.scm (ruby-sanitize): Update to 4.6.3.
> ---
> gnu/packages/ruby.scm | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
> index dcf4cda26..010dedde2 100644
> --- a/gnu/packages/ruby.scm
> +++ b/gnu/packages/ruby.scm
> @@ -3082,7 +3082,7 @@ access the result as a Nokogiri parsed document.")
> (define-public ruby-sanitize
> (package
> (name "ruby-sanitize")
> - (version "4.0.0")
> + (version "4.6.3")
> (source (origin
> (method url-fetch)
> ;; The gem does not include the Rakefile, so we download the
> @@ -3092,7 +3092,7 @@ access the result as a Nokogiri parsed document.")
> (file-name (string-append name "-" version ".tar.gz"))
> (sha256
> (base32
> - "055xnj38l60gxnnng76kpy2l2jbrp0byjdyq17jw79w7l4b40znr"))))
> + "1fmqppwif3cm8h79006jfzkdnlxxzlry9kzk03psk0d5xpg55ycc"))))
> (build-system ruby-build-system)
> (propagated-inputs
> `(("ruby-crass" ,ruby-crass)
> --
> 2.16.2

Looks good, thanks!

- Dave
Kei Kebreau wrote 7 years ago
(name . Thompson, David)(address . dthompson2@worcester.edu)(address . 30876-done@debbugs.gnu.org)
87d0zykc23.fsf@posteo.net
"Thompson, David" <dthompson2@worcester.edu> writes:

Toggle quote (37 lines)
> On Tue, Mar 20, 2018 at 10:09 AM, Kei Kebreau <kkebreau@posteo.net> wrote:
>> This fixes CVE-2018-3740.
>>
>> * gnu/packages/ruby.scm (ruby-sanitize): Update to 4.6.3.
>> ---
>> gnu/packages/ruby.scm | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
>> index dcf4cda26..010dedde2 100644
>> --- a/gnu/packages/ruby.scm
>> +++ b/gnu/packages/ruby.scm
>> @@ -3082,7 +3082,7 @@ access the result as a Nokogiri parsed document.")
>> (define-public ruby-sanitize
>> (package
>> (name "ruby-sanitize")
>> - (version "4.0.0")
>> + (version "4.6.3")
>> (source (origin
>> (method url-fetch)
>> ;; The gem does not include the Rakefile, so we download the
>> @@ -3092,7 +3092,7 @@ access the result as a Nokogiri parsed document.")
>> (file-name (string-append name "-" version ".tar.gz"))
>> (sha256
>> (base32
>> - "055xnj38l60gxnnng76kpy2l2jbrp0byjdyq17jw79w7l4b40znr"))))
>> + "1fmqppwif3cm8h79006jfzkdnlxxzlry9kzk03psk0d5xpg55ycc"))))
>> (build-system ruby-build-system)
>> (propagated-inputs
>> `(("ruby-crass" ,ruby-crass)
>> --
>> 2.16.2
>
> Looks good, thanks!
>
> - Dave

Thanks for reviewing! Pushed to master.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEg7ZwOtzKO2lLzi2m5qXuPBlGeg0FAlqxJvQACgkQ5qXuPBlG
eg0saQ/9Gu7lmyVSeRQMIei2auFRvL0VfDwecGMDxNvC+z25wluFFziobPIKL4MT
guy6s1S7Qk/pUpguIs9JlBH8fdMxSMgoJm8pCXfF5A8g4DR8EoBR7oTtvFyZCIs2
yM+P1ZvRsqPgiifR8oRht4AuugCt9bSBXvhezvdUBDYY1ctKUmpc19n174a3jh/t
RBmLXT+d4GIcBw5BbtUUGg8Ym9FCPd2kDA/SZJkJ6+ka+jwA5H8y7uXiPzxWIJFT
t5svHrnzLZQnwbdSf1Zt5o8Pr4AwggeZC8IIgRb5GH5FsYZ3Ztg6x8uencP3O0Op
LbcKiBwUUaE3MaJdPrmDrvO1HINyRSRUlUPE3FBqVE0FALoiPzBIlSwvoemf/jOZ
BcSpiICg6+v6dwSYspjwnWFC9r31EQ96nEOpURtq4mh59pp1w4BaLfF02DC6S+e4
iJH4/BkgBJlbuMvKd/EyhD/qJZQmeclWGRmiz/Buz3bAnZnlEVMAu7cvfsQlFCxP
Kh99wvK/eJUIuIt9ZDQnImZn4dOweh69Pls03kvai5wZWtPf0FQBrY3VHcpwiYOm
BBVaE3PI5Q84pHdFUfBfI2OrT6SZ5LsygAPhLvmBND9eLiEDmfeeEOCIfJmLiBLj
VHpW3hx1eYAbkoLpfrVIr4BS4kmmCUrKwrKcRKPkpsXHomYX9xA=
=p3ZM
-----END PGP SIGNATURE-----

Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 30876@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 30876
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help