[ol8_appstream] rubygem-power_assert-1.1.1-113.0.1.module+el8.10.0+90463+6f2d71f2.noarch

Name:	rubygem-power_assert
Version:	1.1.1
Release:	113.0.1.module+el8.10.0+90463+6f2d71f2
Architecture:	noarch
Module:	ruby:2.5:8100020241127152844:489197e6
Group:	Development/Libraries
Size:	35668
License:	Ruby or BSD
RPM:	rubygem-power_assert-1.1.1-113.0.1.module+el8.10.0+90463+6f2d71f2.noarch.rpm
Source RPM:	ruby-2.5.9-113.0.1.module+el8.10.0+90463+6f2d71f2.src.rpm
Build Date:	Mon Dec 09 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://ruby-lang.org/
Summary:	Power Assert for Ruby
Description:	Power Assert shows each value of variables and method calls in the expression. It is useful for testing, providing which value wasn't correct when the condition is not satisfied.

Changelog (Show File list) (Show related packages)

Mon Dec 09 2024 David Sloboda <david.x.sloboda@oracle.com> - 2.5.9-113.0.1
```
- Fix REXML ReDoS vulnerability CVE-2024-49761.
```

Tue May 21 2024 Jarek Prokop <jprokop@redhat.com> - 2.5.9-112

- Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755.
  (CVE-2023-36617)
  Resolves: RHEL-5614
- Fix Buffer overread vulnerability in StringIO.
  (CVE-2024-27280)
  Resolves: RHEL-34125
- Fix RCE vulnerability with .rdoc_options in RDoc.
  (CVE-2024-27281)
  Resolves: RHEL-34117
- Fix Arbitrary memory address read vulnerability with Regex search.
  (CVE-2024-27282)
  Resolves: RHEL-33867
- Fix REXML DoS parsing an XML with many `<`s in an attribute value.
  (CVE-2024-35176)
  Resolves: RHEL-37877

Mon Jun 12 2023 Jarek Prokop <jprokop@redhat.com> - 2.5.9-111

- Fix HTTP response splitting in CGI.
  Resolves: CVE-2021-33621
- Fix Buffer overrun in String-to-Float conversion.
  Resolves: CVE-2022-28739
- Fix ReDoS vulnerability in URI.
  Resolves: CVE-2023-28755
- Fix ReDoS vulnerability in Time.
  Resolves: CVE-2023-28756

Thu May 25 2023 Todd Zullinger <tmz@pobox.com> - 2.5.9-111

- Fix rdoc parsing of nil text tokens.
  Resolves: rhbz#2210326

Fri Jul 08 2022 Jun Aruga <jaruga@redhat.com> - 2.5.9-110

- Fix FTBFS due to an incompatible load directive.
- Fix a fiddle import test on an optimized glibc on Power 9.
- Fix by adding length limit option for methods that parses date strings.
  Resolves: CVE-2021-41817
- CGI::Cookie.parse no longer decodes cookie names to prevent spoofing security
  prefixes in cookie names.
  Resolves: CVE-2021-41819

Wed Feb 16 2022 Jarek Prokop <jprokop@redhat.com> - 2.5.9-109

- Properly fix command injection vulnerability in Rdoc.
  Related: CVE-2021-31799

Wed Feb 09 2022 Jarek Prokop <jprokop@redhat.com> - 2.5.9-108

- Fix command injection vulnerability in RDoc.
  Resolves: CVE-2021-31799
- Fix StartTLS stripping vulnerability in Net::IMAP
  Resolves: CVE-2021-32066
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
  Resolves: CVE-2021-31810

Mon Apr 19 2021 Pavel Valena <pvalena@redhat.com> - 2.5.9-107

- Update to Ruby 2.5.9.
  * Remove Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch; subsumed
  Resolves: rhbz#1757844
- Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
  contains leading zero
  Resolves: rhbz#1950308

Mon Jun 22 2020 Pavel Valena <pvalena@redhat.com> - 2.5.5-106

- Remove file with non-commercial license from did_you_mean gem.
  Resolves: rhbz#1846113

Thu Jul 04 2019 Jun Aruga <jaruga@redhat.com> - 2.5.5-105

- Use ffi_closure_alloc to avoid segmentation fault by libffi on aarch64.
  Resolves: rhbz#1727832
- Properly support %prerelease in %gemspec_ macros.
  Related: rhbz#1688758
- Fix rdoc gzipped javascript pages are not the same across multilib.
  Resolves: rhbz#1719647