-
Fri Apr 12 2019 Jun Aruga <jaruga@redhat.com> - 2.3.8-70
- Refresh expired certificates.
- Prohibit arbitrary code execution when installing a malicious gem.
Resolves: CVE-2019-8324
-
Thu Nov 22 2018 Pavel Valena <pvalena@redhat.com> - 2.3.8-69
- Rebuild with correct remote branch
Related: rhbz#1650591
-
Mon Nov 05 2018 Pavel Valena <pvalena@redhat.com> - 2.3.8-68
- Upgrade to Ruby 2.3.8.
Resolves: CVE-2018-16395
Resolves: CVE-2018-16396
Resolves: rhbz#1563078
Removed Patch11: ruby-2.5.0-Disable-Tokyo-TZ-tests.patch; subsumed
- Properly harden package using -fstack-protector-strong.
- Fix: return default path with nonexistent home dir(rhbz#1602880)
-
Mon Mar 12 2018 Pavel Valena <pvalena@redhat.com> - 2.3.6-67
- Command injection in lib/resolv.rb:lazy_initialize() allows arbitrary code
execution(CVE-2017-17790).
* ruby-2.5.0-Fixed-command-Injection.patch
Related: rhbz#1549649
-
Tue Feb 13 2018 Pavel Valena <pvalena@redhat.com> - 2.3.6-66
- Upgrade to Ruby 2.3.6.
Resolves: rhbz#1549649
Resolves: CVE-2017-17405
-
Wed Oct 26 2016 Pavel Valena <pvalena@redhat.com> - 2.3.1-64
- Fix: do not fail in operating_system.rb when X_SCLS is empty
Resolves: rhbz#1387139
-
Mon Oct 17 2016 Pavel Valena <pvalena@redhat.com> - 2.3.1-63
- Support in no_proxy for domain names with whitespaces and leading dots
Resolves: rhbz#1384810
-
Fri Aug 12 2016 Pavel Valena <pvalena@redhat.com> - 2.3.1-62
- Fix support for dependent^2 SCLs
- Update to Ruby 2.3.1
* Remove Patch8:
ruby-2.3.0-undef-BUILTIN_CHOOSE_EXPR_CONSTANT_P.patch; subsumed
* Remove Patch10:
ruby-2.3.1-remove-tests-depending-on-europe-moscow.patch; subsumed
also removed "UTC=TZ " tests prefix
-
Mon Jul 25 2016 Pavel Valena <pvalena@redhat.com> - 2.3.0-61
- Add %{scl}-runtime to Requires in libs subpackage
-
Tue Jul 19 2016 Pavel Valena <pvalena@redhat.com> - 2.3.0-60
- Fix and enhance systemtap tests
- Remove tests depending on Europe/Moscow to avoid failures due to tzdata change