GNU bug report logs - #30876
[PATCH] gnu: ruby-sanitize: Update to 4.6.3.


Package: guix-patches;

Reported by: Kei Kebreau <kkebreau <at> posteo.net>

Date: Tue, 20 Mar 2018 14:10:02 UTC

Severity: normal

Tags: patch

Done: Kei Kebreau <kkebreau <at> posteo.net>

Bug is archived. No further changes may be made.



Report forwarded to guix-patches <at> gnu.org:
bug#30876; Package guix-patches. (Tue, 20 Mar 2018 14:10:02 GMT)

Acknowledgement sent to Kei Kebreau <kkebreau <at> posteo.net>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Tue, 20 Mar 2018 14:10:02 GMT)

Message #5 received at submit <at> debbugs.gnu.org:

From: Kei Kebreau <kkebreau <at> posteo.net>
To: guix-patches <at> gnu.org
Cc: Kei Kebreau <kkebreau <at> posteo.net>
Subject: [PATCH] gnu: ruby-sanitize: Update to 4.6.3.
Date: Tue, 20 Mar 2018 10:09:07 -0400

This fixes CVE-2018-3740.

* gnu/packages/ruby.scm (ruby-sanitize): Update to 4.6.3.
---
 gnu/packages/ruby.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index dcf4cda26..010dedde2 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -3082,7 +3082,7 @@ access the result as a Nokogiri parsed document.")
 (define-public ruby-sanitize
   (package
     (name "ruby-sanitize")
-    (version "4.0.0")
+    (version "4.6.3")
     (source (origin
               (method url-fetch)
               ;; The gem does not include the Rakefile, so we download the
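Review bot: The `version` line moves from 4.0.0 to 4.6.3 in one step, but the commit message names only CVE-2018-3740 and says nothing about the releases skipped in between. Since the comment after `url-fetch` shows the source is downloaded from somewhere other than the gem, please confirm that the 4.6.3 source is available at that location and that the build still finds its Rakefile. Consider also naming the CVE in the commit summary line so the security fix is visible in the short log.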
@@ -3092,7 +3092,7 @@ access the result as a Nokogiri parsed document.")
               (file-name (string-append name "-" version ".tar.gz"))
               (sha256
                (base32
-                "055xnj38l60gxnnng76kpy2l2jbrp0byjdyq17jw79w7l4b40znr"))))
+                "1fmqppwif3cm8h79006jfzkdnlxxzlry9kzk03psk0d5xpg55ycc"))))
     (build-system ruby-build-system)
     (propagated-inputs
      `(("ruby-crass" ,ruby-crass)
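Review bot: The replaced `base32` hash is the only integrity pin for the 4.6.3 tarball, and neither the message nor the hunk says how the new value was obtained. For a security update, recompute it from an independently fetched copy of the tarball before pushing. Also, the `propagated-inputs` context below the hash is untouched across the 4.0.0 to 4.6.3 jump; check that the packaged `ruby-crass` still satisfies what 4.6.3 requires.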
-- 
2.16.2





Information forwarded to guix-patches <at> gnu.org:
bug#30876; Package guix-patches. (Tue, 20 Mar 2018 14:51:01 GMT)

Message #8 received at 30876 <at> debbugs.gnu.org:

From: "Thompson, David" <dthompson2 <at> worcester.edu>
To: Kei Kebreau <kkebreau <at> posteo.net>
Cc: 30876 <at> debbugs.gnu.org
Subject: Re: [bug#30876] [PATCH] gnu: ruby-sanitize: Update to 4.6.3.
Date: Tue, 20 Mar 2018 10:50:52 -0400

On Tue, Mar 20, 2018 at 10:09 AM, Kei Kebreau <kkebreau <at> posteo.net> wrote:
> This fixes CVE-2018-3740.
>
> * gnu/packages/ruby.scm (ruby-sanitize): Update to 4.6.3.
> ---
>  gnu/packages/ruby.scm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
> index dcf4cda26..010dedde2 100644
> --- a/gnu/packages/ruby.scm
> +++ b/gnu/packages/ruby.scm
> @@ -3082,7 +3082,7 @@ access the result as a Nokogiri parsed document.")
>  (define-public ruby-sanitize
>    (package
>      (name "ruby-sanitize")
> -    (version "4.0.0")
> +    (version "4.6.3")
>      (source (origin
>                (method url-fetch)
>                ;; The gem does not include the Rakefile, so we download the
> @@ -3092,7 +3092,7 @@ access the result as a Nokogiri parsed document.")
>                (file-name (string-append name "-" version ".tar.gz"))
>                (sha256
>                 (base32
> -                "055xnj38l60gxnnng76kpy2l2jbrp0byjdyq17jw79w7l4b40znr"))))
> +                "1fmqppwif3cm8h79006jfzkdnlxxzlry9kzk03psk0d5xpg55ycc"))))
>      (build-system ruby-build-system)
>      (propagated-inputs
>       `(("ruby-crass" ,ruby-crass)
> --
> 2.16.2

Looks good, thanks!

- Dave




Reply sent to Kei Kebreau <kkebreau <at> posteo.net>:
You have taken responsibility. (Tue, 20 Mar 2018 15:22:01 GMT)

Notification sent to Kei Kebreau <kkebreau <at> posteo.net>:
bug acknowledged by developer. (Tue, 20 Mar 2018 15:22:03 GMT)

Message #13 received at 30876-done <at> debbugs.gnu.org:

From: Kei Kebreau <kkebreau <at> posteo.net>
To: "Thompson, David" <dthompson2 <at> worcester.edu>
Cc: 30876-done <at> debbugs.gnu.org
Subject: Re: [bug#30876] [PATCH] gnu: ruby-sanitize: Update to 4.6.3.
Date: Tue, 20 Mar 2018 11:21:24 -0400

"Thompson, David" <dthompson2 <at> worcester.edu> writes:

> On Tue, Mar 20, 2018 at 10:09 AM, Kei Kebreau <kkebreau <at> posteo.net> wrote:
>> This fixes CVE-2018-3740.
>>
>> * gnu/packages/ruby.scm (ruby-sanitize): Update to 4.6.3.
>> ---
>>  gnu/packages/ruby.scm | 4 ++--
>>  1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
>> index dcf4cda26..010dedde2 100644
>> --- a/gnu/packages/ruby.scm
>> +++ b/gnu/packages/ruby.scm
>> @@ -3082,7 +3082,7 @@ access the result as a Nokogiri parsed document.")
>>  (define-public ruby-sanitize
>>    (package
>>      (name "ruby-sanitize")
>> -    (version "4.0.0")
>> +    (version "4.6.3")
>>      (source (origin
>>                (method url-fetch)
>>                ;; The gem does not include the Rakefile, so we download the
>> @@ -3092,7 +3092,7 @@ access the result as a Nokogiri parsed document.")
>>                (file-name (string-append name "-" version ".tar.gz"))
>>                (sha256
>>                 (base32
>> -                "055xnj38l60gxnnng76kpy2l2jbrp0byjdyq17jw79w7l4b40znr"))))
>> +                "1fmqppwif3cm8h79006jfzkdnlxxzlry9kzk03psk0d5xpg55ycc"))))
>>      (build-system ruby-build-system)
>>      (propagated-inputs
>>       `(("ruby-crass" ,ruby-crass)
>> --
>> 2.16.2
>
> Looks good, thanks!
>
> - Dave

Thanks for reviewing! Pushed to master.

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 18 Apr 2018 11:24:05 GMT)

This bug report was last modified 7 years and 106 days ago.



GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.