mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-12 03:33:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e9cf2ef27033f3dce214ffdf244375411eb8fe13
poky/meta/recipes-devtools/ruby/ruby
History
Divya Chellam 7ad1d26688 ruby: fix CVE-2025-27221 
In the URI gem before 1.0.3 for Ruby, the URI handling methods
(URI.join, URI#merge, URI#+) have an inadvertent leakage of
authentication credentials because userinfo is retained even
after changing the host.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-27221

Upstream-patches:
3675494839
2789182478

(From OE-Core rev: 421d7011269f4750f5942b815d68f77fa4559d69)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-06-02 07:12:34 -07:00
..
0001-extmk-fix-cross-compilation-of-external-gems.patch
ruby: update to v2.6.4
2019-10-23 16:30:36 +01:00
0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch
ruby: Fix build on riscv/musl
2022-02-03 09:05:14 +00:00
0003-rdoc-build-reproducible-documentation.patch
ruby: fix the reproducibility issue
2021-10-01 14:51:45 +01:00
0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch
ruby: fix the reproducibility issue
2021-10-01 14:51:45 +01:00
0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
ruby: upgrade 3.2.2 -> 3.3.5
2024-10-18 06:04:40 -07:00
0006-Make-gemspecs-reproducible.patch
ruby: upgrade 3.2.2 -> 3.3.5
2024-10-18 06:04:40 -07:00
CVE-2025-27219.patch
ruby: Fix CVE-2025-27219
2025-03-15 06:40:07 -07:00
CVE-2025-27220.patch
ruby: fix CVE-2025-27220
2025-04-01 09:08:42 -07:00
CVE-2025-27221-0001.patch
ruby: fix CVE-2025-27221
2025-06-02 07:12:34 -07:00
CVE-2025-27221-0002.patch
ruby: fix CVE-2025-27221
2025-06-02 07:12:34 -07:00
run-ptest
ruby: add ptest
2019-04-12 09:29:06 +01:00