GNU bug report logs - #59582
[PATCH] gnu: ruby: Update to 2.7.7. [security fixes].

Previous Next

Package: guix-patches;

Reported by: Remco van 't Veer <remco <at> remworks.net>

Date: Fri, 25 Nov 2022 19:24:02 UTC

Severity: normal

Tags: patch

Done: Efraim Flashner <efraim <at> flashner.co.il>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Efraim Flashner <efraim <at> flashner.co.il>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#59582: closed ([PATCH] gnu: ruby: Update to 2.7.7. [security
 fixes].)
Date: Sun, 27 Nov 2022 11:07:02 +0000

[Message part 1 (text/plain, inline)]
Your message dated Sun, 27 Nov 2022 13:02:37 +0200
with message-id <Y4NDzQM3Rzk9FS4E <at> 3900XT>
and subject line Re: [bug#59582] [PATCH] gnu: ruby: Update to 2.7.7. [security fixes].
has caused the debbugs.gnu.org bug report #59582,
regarding [PATCH] gnu: ruby: Update to 2.7.7. [security fixes].
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
59582: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=59582
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Remco van 't Veer <remco <at> remworks.net>
To: guix-patches <at> gnu.org
Cc: Remco van 't Veer <remco <at> remworks.net>
Subject: [PATCH] gnu: ruby: Update to 2.7.7. [security fixes].
Date: Fri, 25 Nov 2022 20:23:27 +0100

Fixes: CVE-2021-33621: HTTP response splitting in CGI.

* gnu/packages/ruby.scm (ruby-2.7-fixed): Update to 2.7.7.
---
 gnu/packages/ruby.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index b53aa02ef3..37d18061f8 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -194,7 +194,7 @@ (define-public ruby-2.7
 (define ruby-2.7-fixed
   (package
     (inherit ruby-2.7)
-    (version "2.7.6")
+    (version "2.7.7")
     (source
      (origin
        (inherit (package-source ruby-2.7))
@@ -203,7 +203,7 @@ (define ruby-2.7-fixed
                            "/ruby-" version ".tar.gz"))
        (sha256
         (base32
-         "042xrdk7hsv4072bayz3f8ffqh61i8zlhvck10nfshllq063n877"))))))
+         "143vih5jzmrd2r5h94pa3qzml0ldii0qzs6g09jg6zqxd7djf0g1"))))))
 
 (define-public ruby-3.0
   (package
-- 
2.38.1




[Message part 3 (message/rfc822, inline)]
From: Efraim Flashner <efraim <at> flashner.co.il>
To: Remco van 't Veer <remco <at> remworks.net>
Cc: 59582-done <at> debbugs.gnu.org
Subject: Re: [bug#59582] [PATCH] gnu: ruby: Update to 2.7.7. [security fixes].
Date: Sun, 27 Nov 2022 13:02:37 +0200

[Message part 4 (text/plain, inline)]
Thanks. Patch pushed!

-- 
Efraim Flashner   <efraim <at> flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 2 years and 237 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.