[ol8_appstream] rubygem-json-2.7.1-3.module+el8.10.0+90405+574abbbb.i686

This is a implementation of the JSON specification according to RFC 4627.
You can think of it as a low fat alternative to XML, if you want to store
data to disk or transmit it over a network rather than use a verbose
markup language.

Changelog (Show File list) (Show related packages)

• Wed Sep 04 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.5-3

  - Upgrade to Ruby 3.3.5
    Resolves: RHEL-55409
  - Fix DoS vulnerability in rexml.
    (CVE-2024-39908)
    (CVE-2024-41946)
    (CVE-2024-43398)
    Resolves: RHEL-57049
    Resolves: RHEL-57054
    Resolves: RHEL-57069
  - Fix REXML DoS when parsing an XML having many specific characters such as
    whitespace character, >] and ]>.
    (CVE-2024-41123)
    Resolves: RHEL-52783

• Mon May 20 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.1-2

  - Upgrade to Ruby 3.3.1.
    Resolves: RHEL-37446
  - Fix buffer overread vulnerability in StringIO.
    (CVE-2024-27280)
    Resolves: RHEL-37448
  - Fix RCE vulnerability with .rdoc_options in RDoc.
    (CVE-2024-27281)
    Resolves: RHEL-37449
  - Fix Arbitrary memory address read vulnerability with Regex search.
    (CVE-2024-27282)
    Resolves: RHEL-37447

• Thu Jan 18 2024 Jarek Prokop <jprokop@redhat.com> - 3.3.0-1

  - Upgrade to Ruby 3.3.0.
    Resolves: RHEL-17090

• Thu Apr 21 2022 Jarek Prokop <jprokop@redhat.com> - 3.1.2-141

  - Upgrade to Ruby 3.1.2.
    Resolves: rhbz#2063772

• Tue Oct 05 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-140

  - Fix rubygem-irb upgrade not working due to directory -> symlink conversion.
    Resolves: rhbz#2010949

• Tue Jul 13 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-139

  - Upgrade to Ruby 3.0.2.
    Related: rhbz#1938942
  - Fix command injection vulnerability in RDoc. (CVE-2021-31799)
  - Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
    (CVE-2021-31810)
  - Fix StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)
  - Fix dependencies of gems with explicit source installed from a
    different source. (CVE-2020-36327)
  - Pass ldflags to gem install via CONFIGURE_ARGS.
    The same comment on the changelog 3.0.1-138 was wrong.

• Mon Jun 07 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.1-138

  - Upgrade to Ruby 3.0.1 by merging Fedora rawhide branch (commit: 6b2ff68).
    * Add missing `rubygem-` prefix for bundled provide of 'connection_pool'.
    * Pass ldflags to gem install via CONFIGURE_ARGS
    * Remove IRB dependency from rubygem-rdoc.
    * Fix flaky excon test suite.
    * Properly support DWARF5 debug information.
        Related: rhbz#1920533
    * Bundle OpenSSL into StdLib.
    * Fix SEGFAULT in rubygem-shoulda-matchers test suite.
    * Provide `gem.build_complete` file for binary gems.
    * Re-enable test suite.
    * ruby-default-gems have to depend on rubygem(io-console) due to reline.
    * Fix SEGFAULT preventing rubygem-unicode to build on armv7hl.
    * Add support for reworked RubyGems plugins.
    * Use proper path for plugin wrappers.
    * Extract RSS and REXML into separate subpackages, because they were moved from
       default gems to bundled gems.
    * Drop Net::Telnet and XMLRPC packages, because they were dropped from Ruby.
    Resolves: rhbz#1938942
  - Fix FTBFS due to an incompatible load directive.

• Wed Apr 07 2021 Pavel Valena <pvalena@redhat.com> - 2.7.3-136

  - Upgrade to Ruby 2.7.3.
    Resolves: rhbz#1947938
  - Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
    contains leading zero
    Resolves: rhbz#1944227

• Tue Oct 13 2020 Vít Ondruch <vondruch@redhat.com> - 2.7.2-135

  - Upgrade to Ruby 2.7.2.
  - Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add.

• Fri Jun 26 2020 Vít Ondruch <vondruch@redhat.com> - 2.7.1-133

  - Fix `require` behavior allowing to load libraries multiple times.
    Resolves: rhbz#1842989
  - Add ruby-default-gems dependency on irb.