Hitendra Prajapati
|
91feb9b975
|
ruby/cgi-gem: CVE-2021-33621 HTTP response splitting in CGI
Upstream-Status: Backport from 64c5045c0a
(From OE-Core rev: dfe4a2b601e094e2922b671f6cf73ff6a91f061f)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
2023-08-16 03:55:12 -10:00 |
|
Hitendra Prajapati
|
bcb3c107d3
|
ruby: CVE-2023-28756 ReDoS vulnerability in Time
Upstream-Status: Backport from 957bb7cb81
(From OE-Core rev: 52d26edffdd0444588ecad56b40a65e225889a01)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
2023-04-19 04:32:59 -10:00 |
|
Ranjitsinh Rathod
|
d6941efc0b
|
ruby: Whitelist CVE-2021-28966 as this affects Windows OS only
As per below debian link, CVE-2021-28966 affects Windows only
Link: https://security-tracker.debian.org/tracker/CVE-2021-28966
(From OE-Core rev: df6242b72b0477fb61c7dc18ad52a1f147ec7d07)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
2022-06-04 12:16:58 +01:00 |
|
Ranjitsinh Rathod
|
df1129b022
|
ruby: Upgrade ruby to 2.7.6 for security fix
Upgrade ruby to 2.7.6
Link: https://www.ruby-lang.org/en/news/2022/04/12/ruby-2-7-6-released/
This includes CVE-2022-28739 security fix
(From OE-Core rev: 4514b1b8cacb92b1790b636b111c071190b2e4b2)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
2022-06-04 12:16:58 +01:00 |
|