[PATCH] gnu: ruby-3.0: Update to 3.1.3. [security fixes].

  • Done
  • quality assurance status badge
Details
2 participants
  • Christopher Baines
  • Remco van 't Veer
Owner
unassigned
Submitted by
Remco van 't Veer
Severity
normal
R
R
Remco van 't Veer wrote on 25 Nov 2022 20:40
(address . guix-patches@gnu.org)(name . Remco van 't Veer)(address . remco@remworks.net)
20221125194052.30265-1-remco@remworks.net
Fixes: CVE-2021-33621: HTTP response splitting in CGI.

* gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3.
---
gnu/packages/ruby.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (24 lines)
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index b53aa02ef3..375b09fd72 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -225,7 +225,7 @@ (define-public ruby-3.0
(define-public ruby-3.1
(package
(inherit ruby-3.0)
- (version "3.1.2")
+ (version "3.1.3")
(source
(origin
(method url-fetch)
@@ -234,7 +234,7 @@ (define-public ruby-3.1
"/ruby-" version ".tar.xz"))
(sha256
(base32
- "0amzqczgvr51ilcqfgw0n41hrfanzi0wh8k6am3x5dm1z0bx046a"))))))
+ "06ipqz45qcs0y1273gk2gwslxwd7jgighz3mzbddzg16k29n3qaf"))))))
(define-public ruby ruby-2.7)
--
2.38.1
R
R
Remco van 't Veer wrote on 25 Nov 2022 21:36
[PATCH v2] gnu: ruby-3.1: Update to 3.1.3. [security fixes].
(address . 59585@debbugs.gnu.org)(name . Remco van 't Veer)(address . remco@remworks.net)
20221125203647.22237-1-remco@remworks.net
Fixes: CVE-2021-33621: HTTP response splitting in CGI.

* gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3.
---

Oeps, sorry. Copy paste error in commit message.

gnu/packages/ruby.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (24 lines)
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index b53aa02ef3..375b09fd72 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -225,7 +225,7 @@ (define-public ruby-3.0
(define-public ruby-3.1
(package
(inherit ruby-3.0)
- (version "3.1.2")
+ (version "3.1.3")
(source
(origin
(method url-fetch)
@@ -234,7 +234,7 @@ (define-public ruby-3.1
"/ruby-" version ".tar.xz"))
(sha256
(base32
- "0amzqczgvr51ilcqfgw0n41hrfanzi0wh8k6am3x5dm1z0bx046a"))))))
+ "06ipqz45qcs0y1273gk2gwslxwd7jgighz3mzbddzg16k29n3qaf"))))))
(define-public ruby ruby-2.7)
--
2.38.1
C
C
Christopher Baines wrote on 6 Dec 2022 12:35
(name . Remco van 't Veer)(address . remco@remworks.net)
87sfhslq7c.fsf@cbaines.net
Remco van 't Veer <remco@remworks.net> writes:

Toggle quote (10 lines)
> Fixes: CVE-2021-33621: HTTP response splitting in CGI.
>
> * gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3.
> ---
>
> Oeps, sorry. Copy paste error in commit message.
>
> gnu/packages/ruby.scm | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)

Awesome, I've pushed this to master as
b573af1165081fa8be6afa15a5f54e148125c8f2.

Thanks,

Chris
-----BEGIN PGP SIGNATURE-----

iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAmOPKRdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh
aW5lcy5uZXQACgkQXiijOwuE9Xdibg/+Jq0vkG8OTKgEkFDUSSlGAE8pf3RC3XEd
GflIG3mjVmqsm6BCDsvmXqlhtTflcQmB51KmJmKF6doGJVuCYOQl7z2TSWaPiWGd
JbBAeyBsPVZU++Y0/v82k1c6ciLsHaiSAcavbdSPnF4G3ZK/ZzQaJuknB2rIQUvi
37FS/QxmqbAYG2CFtFtHh1e8jZ+gXe2rjdv0gz3tFk8Ns9S9G5IcVR7pIQO7vAfV
lo491eaKC4cBv0QKpZAqlIDfD6jLh0XHzvNr+2z+7vipwl1OMIlU2ibfBGxL1rx5
rz6ev54aH6bAbLUZKILLcfepNC7OX+LNIZDu+hd/9pa2AdDaFYZqJSOUisU2cP0i
pDw+7vcBlN4mvNn9dYhDjdwUChwIgKVLpb5icBUGe1PxPbgkkmHSyTIbIn1A3aAQ
dC/NaW/TFcGqbj0BF3T2VcBUQh46cQkaMrN7sQGnUZ7gjd55LYEO45KKM//OZaIP
YSfFizl2fyoBidNBxAsHPHUzeAPX59XN7iBQdBFepSfrVwANRevYNS4gf1M7QktI
mQr3DfmoPDXKqgTNC471a2tjE70HmDTB2+HXfGb0wMivd9gnz/snG5VflgLuU25e
9tz0V2Zv4sOHGJ8gr08QSbywxBOWn4F8CL4UhH3qHTJKuDy4pQ1fnOu6Emd5F9bV
gXma3aJ7rO0=
=mh/8
-----END PGP SIGNATURE-----

Closed
?