mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-05 16:28:43 +01:00

Commit Graph

Author	SHA1	Message	Date
Richard Purdie	ec9fb6eaa5	ruby: Make docs generation deterministic The presence or lack of nroff on the host was changing the doc type. Set it explicitly to be deterministic and reproducible. (From OE-Core rev: f5053abb8957acf358b518ee3c76146dc5f4eb6c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2024-09-11 11:56:37 +01:00
Ross Burton	bea8a284b1	ruby: upgrade 3.3.0 -> 3.3.4 3.3.4: This release fixes a regression in Ruby 3.3.3 that dependencies are missing in the gemspec of some bundled gems: net-pop, net-ftp, net-imap, and prime [Bug like Heroku. If your bundle install runs correctly now, you may not have this issue. 3.3.3: This release includes: RubyGems 3.5.11 Bundler 2.5.11 REXML 3.2.8 strscan 3.0.9 --dump=prism_parsetree is replaced by --parser=prism --dump=parsetree Invalid encoding symbols raise SyntaxError instead of EncodingError Memory leak fix in Ripper parsing Bugfixes for YJIT, **{}, Ripper.tokenize, RubyVM::InstructionSequence#to_binary, --with-gmp, and some build environments 3.3.2: This release includes many bug-fixes. See the GitHub releases for further details. 3.3.1: This release includes security fixes. Please check the topics below for details. CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc CVE-2024-27280: Buffer overread vulnerability in StringIO (From OE-Core rev: 498ee932187b9c09d14892783eb92ae03fbfd533) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2024-07-21 11:08:11 +01:00

Author

SHA1

Message

Date

Richard Purdie

ec9fb6eaa5

ruby: Make docs generation deterministic

The presence or lack of nroff on the host was changing the doc type. Set it
explicitly to be deterministic and reproducible.

(From OE-Core rev: f5053abb8957acf358b518ee3c76146dc5f4eb6c)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2024-09-11 11:56:37 +01:00

Ross Burton

bea8a284b1

ruby: upgrade 3.3.0 -> 3.3.4

3.3.4:

This release fixes a regression in Ruby 3.3.3 that dependencies are missing in
the gemspec of some bundled gems: net-pop, net-ftp, net-imap, and prime [Bug
like Heroku. If your bundle install runs correctly now, you may not have this
issue.

3.3.3:

This release includes:

RubyGems 3.5.11
Bundler 2.5.11
REXML 3.2.8
strscan 3.0.9
--dump=prism_parsetree is replaced by --parser=prism --dump=parsetree
Invalid encoding symbols raise SyntaxError instead of EncodingError
Memory leak fix in Ripper parsing
Bugfixes for YJIT, **{}, Ripper.tokenize, RubyVM::InstructionSequence#to_binary,
--with-gmp, and some build environments

3.3.2:

This release includes many bug-fixes. See the GitHub releases for further details.

3.3.1:

This release includes security fixes. Please check the topics below for details.

CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
CVE-2024-27280: Buffer overread vulnerability in StringIO

(From OE-Core rev: 498ee932187b9c09d14892783eb92ae03fbfd533)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2024-07-21 11:08:11 +01:00

2 Commits