-
Fri Jul 08 2022 Jarek Prokop <jprokop@redhat.com> - 3.0.4-160
- Upgrade to Ruby 3.0.4.
Resolves: rhbz#2109428
- OpenSSL test suite fixes due to disabled SHA1.
Related: rbhz#2109428
- Fix double free in Regexp compilation.
Resolves: CVE-2022-28738
- Fix buffer overrun in String-to-Float conversion.
Resolves: CVE-2022-28739
-
Thu Feb 10 2022 Vít Ondruch <vondruch@redhat.com> - 3.0.3-159
- Prevent segfaults running with SystemTap.
Resolves: rhbz#2015441
-
Tue Jan 25 2022 Vít Ondruch <vondruch@redhat.com> - 3.0.3-159
- Update OpenSSL 3 compatibility patches.
Resolves: rhbz#1952925
-
Thu Jan 20 2022 Vít Ondruch <vondruch@redhat.com> - 3.0.3-157
- Fix segfault in `TestArray#test_sample` on s390x.
Related: rhbz#2049693
-
Tue Jan 11 2022 Jun Aruga <jaruga@redhat.com> - 3.0.3-157
- Remove the patch applied to pass the test/fiddle/test_import.rb on PPC.
Related: rhbz#2049693
-
Thu Nov 25 2021 Vít Ondruch <vondruch@redhat.com> - 3.0.2-156
- Upgrade to Ruby 3.0.3.
Resolves: rhbz#2049693
-
Wed Aug 25 2021 Vít Ondruch <vondruch@redhat.com> - 3.0.2-156
- Enable LTO.
Resolves: rhbz#1990108
-
Wed Aug 25 2021 Carlos O'Donell <codonell@redhat.com> - 3.0.1-155
- Rebuilt for libffi 3.4.2 SONAME transition (second attempt).
Related: rhbz#1891914
-
Fri Aug 20 2021 Pavel Valena <pvalena@redhat.com> - 3.0.1-154
- Upgrade to Ruby 3.0.2.
- Fix command injection vulnerability in RDoc.
Resolves: CVE-2021-31799
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
Resolves: CVE-2021-31810
- Fix StartTLS stripping vulnerability in Net::IMAP
Resolves: CVE-2021-32066
- Fix dependencies of gems with explicit source installed from a
different source.
Resolves: CVE-2020-36327
- Pass ldflags to gem install via CONFIGURE_ARGS.
-
Thu Aug 19 2021 Carlos O'Donell <codonell@redhat.com> - 3.0.1-153
- Rebuilt for libffi 3.4.2 SONAME transition.
Related: rhbz#1891914