-
Fri Jul 08 2022 Jun Aruga <jaruga@redhat.com> - 2.5.9-110
- Fix FTBFS due to an incompatible load directive.
- Fix a fiddle import test on an optimized glibc on Power 9.
- Fix by adding length limit option for methods that parses date strings.
Resolves: CVE-2021-41817
- CGI::Cookie.parse no longer decodes cookie names to prevent spoofing security
prefixes in cookie names.
Resolves: CVE-2021-41819
-
Wed Feb 16 2022 Jarek Prokop <jprokop@redhat.com> - 2.5.9-109
- Properly fix command injection vulnerability in Rdoc.
Related: CVE-2021-31799
-
Wed Feb 09 2022 Jarek Prokop <jprokop@redhat.com> - 2.5.9-108
- Fix command injection vulnerability in RDoc.
Resolves: CVE-2021-31799
- Fix StartTLS stripping vulnerability in Net::IMAP
Resolves: CVE-2021-32066
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
Resolves: CVE-2021-31810
-
Mon Apr 19 2021 Pavel Valena <pvalena@redhat.com> - 2.5.9-107
- Update to Ruby 2.5.9.
* Remove Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch; subsumed
Resolves: rhbz#1757844
- Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
contains leading zero
Resolves: rhbz#1950308
-
Mon Jun 22 2020 Pavel Valena <pvalena@redhat.com> - 2.5.5-106
- Remove file with non-commercial license from did_you_mean gem.
Resolves: rhbz#1846113
-
Thu Jul 04 2019 Jun Aruga <jaruga@redhat.com> - 2.5.5-105
- Use ffi_closure_alloc to avoid segmentation fault by libffi on aarch64.
Resolves: rhbz#1727832
- Properly support %prerelease in %gemspec_ macros.
Related: rhbz#1688758
- Fix rdoc gzipped javascript pages are not the same across multilib.
Resolves: rhbz#1719647
-
Wed Apr 17 2019 Vít Ondruch <vondruch@redhat.com> - 2.5.5-104
- Update to Ruby 2.5.5.
* Remove Patch25: ruby-2.6.0-Update-for-tzdata-2018f.patch; subsumed
* Remove Patch11: ruby-2.6.0-Try-to-update-cert.patch; subsumed
* Remove Patch19: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with
-TLS-1.3.patch; subsumed
Resolves: rhbz#1688758
- Don't ship .stp files when SystemTap support is disabled.
Related: rhbz#1657915
- Fix CovScan issues.
Resolves: rhbz#1628592
-
Fri Jan 11 2019 Jun Aruga <jaruga@redhat.com> - 2.5.3-103
- Refresh expired certificates to fix FTBFS.
-
Tue Nov 13 2018 Vít Ondruch <vondruch@redhat.com> - 2.5.3-102
- Fix Tokyo TZ tests.
-
Fri Oct 19 2018 Jun Aruga <jaruga@redhat.com> - 2.5.3-101
- Update to Ruby 2.5.3.
Resolves: rhbz#1643092