Overview
Request 543851 accepted
- disable jemalloc again because of: (boo#1068883)
https://github.com/jemalloc/jemalloc/issues/937
- Add conflicts to libruby to make sure ruby and ruby-stdlib are
also updated when libruby is updated (bsc#1048072.)
- devel package needs to require jemalloc-devel when building with
it
- only use jemalloc on opensuse and sle >= 15
- update to 2.4.2
- CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
(boo#1058755)
- CVE-2017-10784: Escape sequence injection vulnerability in the
Basic authentication of WEBrick (boo#1058754)
- CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1
decode (boo#1058757)
- CVE-2017-14064: Heap exposure in generating JSON
(boo#1056782)
- Multiple vulnerabilities in RubyGems (boo#1056286)
CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902
- Update bundled libyaml to version 0.1.7.
- There are also many bug-fixes. For more details see:
https://github.com/ruby/ruby/compare/v2_4_1...v2_4_2
- added https://bugs.ruby-lang.org/attachments/download/6735/configure-2.4.2.diff
to allow building with libgmp and libjemalloc again
- provide a ruby-default symbol and conflict with other providers
of that symbol so we can uninstall older default ruby versions
Breaks plenty of YaST modules; backlog
Request History
darix created request
- disable jemalloc again because of: (boo#1068883)
https://github.com/jemalloc/jemalloc/issues/937
- Add conflicts to libruby to make sure ruby and ruby-stdlib are
also updated when libruby is updated (bsc#1048072.)
- devel package needs to require jemalloc-devel when building with
it
- only use jemalloc on opensuse and sle >= 15
- update to 2.4.2
- CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
(boo#1058755)
- CVE-2017-10784: Escape sequence injection vulnerability in the
Basic authentication of WEBrick (boo#1058754)
- CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1
decode (boo#1058757)
- CVE-2017-14064: Heap exposure in generating JSON
(boo#1056782)
- Multiple vulnerabilities in RubyGems (boo#1056286)
CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902
- Update bundled libyaml to version 0.1.7.
- There are also many bug-fixes. For more details see:
https://github.com/ruby/ruby/compare/v2_4_1...v2_4_2
- added https://bugs.ruby-lang.org/attachments/download/6735/configure-2.4.2.diff
to allow building with libgmp and libjemalloc again
- provide a ruby-default symbol and conflict with other providers
of that symbol so we can uninstall older default ruby versions
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
Output of check script (non-fatal):
Unknown license 'BSD-2-Clause or Ruby'
Unknown license 'BSD-2-Clause or Ruby'
licensedigger accepted review
ok
staging-bot set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
staging-bot accepted review
Picked openSUSE:Factory:Staging:F
repo-checker accepted review
cycle and install check passed
dimstar accepted review
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory