From: Luiz Angelo Daros de Luca Date: Mon, 18 Mar 2019 18:43:38 +0000 (-0300) Subject: ruby: update to 2.6.2 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=05cb8878f5ac21a2bb7d03449d87a63ef42572b2;p=feed%2Fpackages.git ruby: update to 2.6.2 Bug fixes and a security update of the bundled RubyGems: CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection vulnerability in gem owner CVE-2019-8323: Escape sequence injection vulnerability in API response handling CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution CVE-2019-8325: Escape sequence injection vulnerability in errors Signed-off-by: Luiz Angelo Daros de Luca --- diff --git a/lang/ruby/Makefile b/lang/ruby/Makefile index 969b68190e..f34c4ff293 100644 --- a/lang/ruby/Makefile +++ b/lang/ruby/Makefile @@ -11,7 +11,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ruby -PKG_VERSION:=2.6.1 +PKG_VERSION:=2.6.2 PKG_RELEASE:=1 # First two numbes @@ -19,7 +19,7 @@ PKG_ABI_VERSION:=$(subst $(space),.,$(wordlist 1, 2, $(subst .,$(space),$(PKG_VE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://cache.ruby-lang.org/pub/ruby/$(PKG_ABI_VERSION)/ -PKG_HASH:=47b629808e9fd44ce1f760cdf3ed14875fc9b19d4f334e82e2cf25cb2898f2f2 +PKG_HASH:=91fcde77eea8e6206d775a48ac58450afe4883af1a42e5b358320beb33a445fa PKG_MAINTAINER:=Luiz Angelo Daros de Luca PKG_LICENSE:=BSD-2-Clause PKG_LICENSE_FILES:=COPYING