Request 543851: Submit ruby2.4 - openSUSE Build Service

This request supersedes: request 540224 (Show diff)

Overview

Request 543851 accepted

- disable jemalloc again because of: (boo#1068883)
https://github.com/jemalloc/jemalloc/issues/937

- Add conflicts to libruby to make sure ruby and ruby-stdlib are
also updated when libruby is updated (bsc#1048072.)

- devel package needs to require jemalloc-devel when building with
it

- only use jemalloc on opensuse and sle >= 15

- update to 2.4.2
- CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
(boo#1058755)
- CVE-2017-10784: Escape sequence injection vulnerability in the
Basic authentication of WEBrick (boo#1058754)
- CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1
decode (boo#1058757)
- CVE-2017-14064: Heap exposure in generating JSON
(boo#1056782)
- Multiple vulnerabilities in RubyGems (boo#1056286)
CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902
- Update bundled libyaml to version 0.1.7.
- There are also many bug-fixes. For more details see:
https://github.com/ruby/ruby/compare/v2_4_1...v2_4_2
- added https://bugs.ruby-lang.org/attachments/download/6735/configure-2.4.2.diff
to allow building with libgmp and libjemalloc again

- provide a ruby-default symbol and conflict with other providers
of that symbol so we can uninstall older default ruby versions

Created by darix over 6 years ago
In state accepted
Supersedes 540224

Submit ruby2.4

Comments for request 543851 0
Comments for request 540224 1

Login required, please login in order to comment

Dominique Leuenberger (dimstar_suse) - over 6 years ago

reviewer target maintainer

Breaks plenty of YaST modules; backlog

Login required, please login in order to comment

Request History

darix created request over 6 years ago

- disable jemalloc again because of: (boo#1068883)
https://github.com/jemalloc/jemalloc/issues/937

- Add conflicts to libruby to make sure ruby and ruby-stdlib are
also updated when libruby is updated (bsc#1048072.)

- devel package needs to require jemalloc-devel when building with
it

- only use jemalloc on opensuse and sle >= 15

- update to 2.4.2
- CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
(boo#1058755)
- CVE-2017-10784: Escape sequence injection vulnerability in the
Basic authentication of WEBrick (boo#1058754)
- CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1
decode (boo#1058757)
- CVE-2017-14064: Heap exposure in generating JSON
(boo#1056782)
- Multiple vulnerabilities in RubyGems (boo#1056286)
CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902
- Update bundled libyaml to version 0.1.7.
- There are also many bug-fixes. For more details see:
https://github.com/ruby/ruby/compare/v2_4_1...v2_4_2
- added https://bugs.ruby-lang.org/attachments/download/6735/configure-2.4.2.diff
to allow building with libgmp and libjemalloc again

- provide a ruby-default symbol and conflict with other providers
of that symbol so we can uninstall older default ruby versions

factory-auto added opensuse-review-team as a reviewer over 6 years ago

Please review sources

factory-auto added repo-checker as a reviewer over 6 years ago

Please review build success

factory-auto accepted review over 6 years ago

Check script succeeded

Output of check script (non-fatal):
Unknown license 'BSD-2-Clause or Ruby'
Unknown license 'BSD-2-Clause or Ruby'

licensedigger accepted review over 6 years ago

ok

staging-bot set openSUSE:Factory:Staging:F as a staging project over 6 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:F"

staging-bot accepted review over 6 years ago

Picked openSUSE:Factory:Staging:F

repo-checker accepted review over 6 years ago

cycle and install check passed

dimstar accepted review over 6 years ago

dimstar_suse accepted review over 6 years ago

ready to accept

dimstar_suse approved review over 6 years ago

ready to accept

dimstar_suse accepted request over 6 years ago

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by