Name: | rubygem-rexml |
---|---|
Version: | 3.3.6 |
Release: | 3.module+el8.10.0+90405+574abbbb |
Architecture: | noarch |
Module: | ruby:3.3:8100020240906074654:489197e6 |
Group: | Unspecified |
Size: | 464085 |
License: | BSD-2-Clause |
RPM: | rubygem-rexml-3.3.6-3.module+el8.10.0+90405+574abbbb.noarch.rpm |
Source RPM: | ruby-3.3.5-3.module+el8.10.0+90405+574abbbb.src.rpm |
Build Date: | Thu Sep 19 2024 |
Build Host: | build-ol8-x86_64.oracle.com |
Vendor: | Oracle America |
URL: | https://github.com/ruby/rexml |
Summary: | An XML toolkit for Ruby |
Description: | REXML was inspired by the Electric XML library for Java, which features an easy-to-use API, small size, and speed. Hopefully, REXML, designed with the same philosophy, has these same features. I've tried to keep the API as intuitive as possible, and have followed the Ruby methodology for method naming and code flow, rather than mirroring the Java API. REXML supports both tree and stream document parsing. Stream parsing is faster (about 1.5 times as fast). However, with stream parsing, you don't get access to features such as XPath. |
- Upgrade to Ruby 3.3.5 Resolves: RHEL-55409 - Fix DoS vulnerability in rexml. (CVE-2024-39908) (CVE-2024-41946) (CVE-2024-43398) Resolves: RHEL-57049 Resolves: RHEL-57054 Resolves: RHEL-57069 - Fix REXML DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>. (CVE-2024-41123) Resolves: RHEL-52783
- Upgrade to Ruby 3.3.1. Resolves: RHEL-37446 - Fix buffer overread vulnerability in StringIO. (CVE-2024-27280) Resolves: RHEL-37448 - Fix RCE vulnerability with .rdoc_options in RDoc. (CVE-2024-27281) Resolves: RHEL-37449 - Fix Arbitrary memory address read vulnerability with Regex search. (CVE-2024-27282) Resolves: RHEL-37447
- Upgrade to Ruby 3.3.0. Resolves: RHEL-17090
- Upgrade to Ruby 3.1.2. Resolves: rhbz#2063772
- Fix rubygem-irb upgrade not working due to directory -> symlink conversion. Resolves: rhbz#2010949
- Upgrade to Ruby 3.0.2. Related: rhbz#1938942 - Fix command injection vulnerability in RDoc. (CVE-2021-31799) - Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. (CVE-2021-31810) - Fix StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066) - Fix dependencies of gems with explicit source installed from a different source. (CVE-2020-36327) - Pass ldflags to gem install via CONFIGURE_ARGS. The same comment on the changelog 3.0.1-138 was wrong.
- Upgrade to Ruby 3.0.1 by merging Fedora rawhide branch (commit: 6b2ff68). * Add missing `rubygem-` prefix for bundled provide of 'connection_pool'. * Pass ldflags to gem install via CONFIGURE_ARGS * Remove IRB dependency from rubygem-rdoc. * Fix flaky excon test suite. * Properly support DWARF5 debug information. Related: rhbz#1920533 * Bundle OpenSSL into StdLib. * Fix SEGFAULT in rubygem-shoulda-matchers test suite. * Provide `gem.build_complete` file for binary gems. * Re-enable test suite. * ruby-default-gems have to depend on rubygem(io-console) due to reline. * Fix SEGFAULT preventing rubygem-unicode to build on armv7hl. * Add support for reworked RubyGems plugins. * Use proper path for plugin wrappers. * Extract RSS and REXML into separate subpackages, because they were moved from default gems to bundled gems. * Drop Net::Telnet and XMLRPC packages, because they were dropped from Ruby. Resolves: rhbz#1938942 - Fix FTBFS due to an incompatible load directive.
- Upgrade to Ruby 2.7.3. Resolves: rhbz#1947938 - Resolv::DNS: timeouts if multiple IPv6 name servers are given and address contains leading zero Resolves: rhbz#1944227
- Upgrade to Ruby 2.7.2. - Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add.
- Fix `require` behavior allowing to load libraries multiple times. Resolves: rhbz#1842989 - Add ruby-default-gems dependency on irb.