Overview
Request 792686 revoked
- Update 2.6.6 (boo#1167244 boo#1168938)
- CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON
(Additional fix)
- CVE-2020-10933: Heap exposure vulnerability in the socket
library
https://github.com/ruby/ruby/compare/v2_6_5...v2_6_6
- drop CVE-2020-8130.patch and rake-12.3.2.gem again: fix included
- Fix CVE-2020-8130 (boo# 1164804) for the intree copy of rake:
- add CVE-2020-8130.patch and rake-12.3.2.gem
- Created by darix
- In state revoked
- Open review for backports-reviewers
- Open review for devel:languages:ruby / ruby2.6
Request History
darix created request
- Update 2.6.6 (boo#1167244 boo#1168938)
- CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON
(Additional fix)
- CVE-2020-10933: Heap exposure vulnerability in the socket
library
https://github.com/ruby/ruby/compare/v2_6_5...v2_6_6
- drop CVE-2020-8130.patch and rake-12.3.2.gem again: fix included
- Fix CVE-2020-8130 (boo# 1164804) for the intree copy of rake:
- add CVE-2020-8130.patch and rake-12.3.2.gem
leaper added as a reviewer
submitter not devel maintainer
leaper accepted review
ok
bigironman declined request
Rejecting because ruby2.6 will be synced automatically once it is accepted in openSUSE:Leap:15.2. So no need to submit it to Backports at the moment.
Thanks!
bigironman declined request
The target package 'ruby2.6' has been removed
darix revoked request
The source package 'ruby2.6' has been removed
devel:languages:ruby/ruby2.6@dde75b6e06acfb71a2008a61cafc5292 -> openSUSE:Backports:SLE-15-SP2/ruby2.6
sr#792507 review by openSUSE:Factory:Staging:B ok
perfect. the submitted sources are in or accepted for Factory