[Buildroot] [PATCH 1/1] package/ruby: security bump to version 3.0.1
Peter Korsgaard
peter at korsgaard.com
Mon May 10 09:23:10 UTC 2021
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> This release includes security fixes:
> - CVE-2021-28965: XML round-trip vulnerability in REXML
> - CVE-2021-28966: Path traversal in Tempfile on Windows
> https://www.ruby-lang.org/en/news/2021/04/05/ruby-3-0-1-released/
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
For 2021.02.x I have instead bumped to 2.7.3, which includes the same
security fixes.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list