mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-22 01:19:41 +01:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Divya Chellam	ba85fa8c93	ruby: fix CVE-2025-27220 In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. Reference: https://security-tracker.debian.org/tracker/CVE-2025-27220 Upstream-patch: `cd1eb08076` (From OE-Core rev: 8c31f8e142894f103409ee10deccc22fdeea897c) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-04-01 09:08:42 -07:00

Divya Chellam

ba85fa8c93

ruby: fix CVE-2025-27220

In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial
of Service (ReDoS) vulnerability exists in the Util#escapeElement method.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-27220

Upstream-patch:
cd1eb08076

(From OE-Core rev: 8c31f8e142894f103409ee10deccc22fdeea897c)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-04-01 09:08:42 -07:00

1 Commits