From unknown Sat Sep 06 03:53:12 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#59585] [PATCH] gnu: ruby-3.0: Update to 3.1.3. [security fixes]. Resent-From: Remco van 't Veer Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 25 Nov 2022 19:42:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 59585 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 59585@debbugs.gnu.org Cc: Remco van 't Veer X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.16694052675278 (code B ref -1); Fri, 25 Nov 2022 19:42:01 +0000 Received: (at submit) by debbugs.gnu.org; 25 Nov 2022 19:41:07 +0000 Received: from localhost ([127.0.0.1]:37223 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oyeZL-0001N1-Mk for submit@debbugs.gnu.org; Fri, 25 Nov 2022 14:41:07 -0500 Received: from lists.gnu.org ([209.51.188.17]:48920) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oyeZK-0001Ms-0H for submit@debbugs.gnu.org; Fri, 25 Nov 2022 14:41:02 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oyeZJ-0005GO-HP for guix-patches@gnu.org; Fri, 25 Nov 2022 14:41:01 -0500 Received: from wout1-smtp.messagingengine.com ([64.147.123.24]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oyeZH-0002Ol-EI for guix-patches@gnu.org; Fri, 25 Nov 2022 14:41:01 -0500 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 88E543200437; Fri, 25 Nov 2022 14:40:57 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Fri, 25 Nov 2022 14:40:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=remworks.net; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to; s=fm3; t=1669405257; x=1669491657; bh=hqJx1Zr98ZmQcGGfrkVjbVP4d 7zCCbHquLUX0U710FE=; b=ryHAH2h8bk20up0wDBtOwf8A7W38dX7FeGopeyOum C5bBntAXfu/+6ouo03NgPUl9b4UdchvxnDkD5dfkPnWSZrBkqwR1C/zAPQIg9Kpo UtIX3vihZyQlpRaTIqkgM+FB/k55IWQaCf7Ziqpd/6OWIsgjih5GrowRbQx/2YLD jku5uXOTRgygEVRgoXe8EGgCaSnPDpFYMAbnNuIPD5/+huwwv4ikGfHIWbPSFJ// o5opIc+tQfQGrbrVF/qtjgPn1XzpLHs84UynOAZ+E27IwfhVOTWJjSfSeyrQWWK/ DPvBefp+mvQaswE+X07qQKRgnE+bdXgUdJRdtPVXGoOQQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1669405257; x=1669491657; bh=hqJx1Zr98ZmQcGGfrkVjbVP4d7zCCbHquLU X0U710FE=; b=kQKrKj6set/n9EZhyNUJ1btTC5ml1l1CaFDaK2ftDkUjGBOAi6O xzcr9CSCNUmuFgxnYcKDuE/WwYuNXXChRatnb96mlqcrkeQf4IfVFgKvIKsDpySE dVGIVKWoYrpUTp6Wo/Ejl/QovZ36BghQ4Vrs+QztsgGU0z1ndJbCVZD7R9pw4WtL 4DFum6OgM1m2CFr8mim5URByTKCIE/CE4Q5TZ66Km16QC1VsnmVOlRtWolC5NYif 6rsIacfoDhkQ6/DKZd35rp5AvvQm6dEFVvMj5cIBhn/0eDwpUAvtS306ciRRjwpd DwK5qOYNHzdYvkNWEPqbHEy0poZtgMdREkg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvgedrieehgdduvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffoggfgsedtkeertd ertddtnecuhfhrohhmpeftvghmtghouchvrghnucdkthcugggvvghruceorhgvmhgtohes rhgvmhifohhrkhhsrdhnvghtqeenucggtffrrghtthgvrhhnpeegueeggfdtheffhedtie ejuddugffgtddvueeftedtuefhtdffjeelgeefvdetieenucevlhhushhtvghrufhiiigv pedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehrfihvsehfrghsthhmrghilhdrtghomh X-ME-Proxy: Feedback-ID: i568842cc:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 25 Nov 2022 14:40:56 -0500 (EST) From: Remco van 't Veer Date: Fri, 25 Nov 2022 20:40:52 +0100 Message-Id: <20221125194052.30265-1-remco@remworks.net> X-Mailer: git-send-email 2.38.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=64.147.123.24; envelope-from=rwv@fastmail.com; helo=wout1-smtp.messagingengine.com X-Spam_score_int: -21 X-Spam_score: -2.2 X-Spam_bar: -- X-Spam_report: (-2.2 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.243, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.1 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.0 (---) Fixes: CVE-2021-33621: HTTP response splitting in CGI. * gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3. --- gnu/packages/ruby.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index b53aa02ef3..375b09fd72 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -225,7 +225,7 @@ (define-public ruby-3.0 (define-public ruby-3.1 (package (inherit ruby-3.0) - (version "3.1.2") + (version "3.1.3") (source (origin (method url-fetch) @@ -234,7 +234,7 @@ (define-public ruby-3.1 "/ruby-" version ".tar.xz")) (sha256 (base32 - "0amzqczgvr51ilcqfgw0n41hrfanzi0wh8k6am3x5dm1z0bx046a")))))) + "06ipqz45qcs0y1273gk2gwslxwd7jgighz3mzbddzg16k29n3qaf")))))) (define-public ruby ruby-2.7) -- 2.38.1 From unknown Sat Sep 06 03:53:12 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#59585] [PATCH v2] gnu: ruby-3.1: Update to 3.1.3. [security fixes]. References: <20221125194052.30265-1-remco@remworks.net> In-Reply-To: <20221125194052.30265-1-remco@remworks.net> Resent-From: Remco van 't Veer Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 25 Nov 2022 20:37:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 59585 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 59585@debbugs.gnu.org Cc: Remco van 't Veer Received: via spool by 59585-submit@debbugs.gnu.org id=B59585.166940861910579 (code B ref 59585); Fri, 25 Nov 2022 20:37:01 +0000 Received: (at 59585) by debbugs.gnu.org; 25 Nov 2022 20:36:59 +0000 Received: from localhost ([127.0.0.1]:37291 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oyfRT-0002kZ-Ao for submit@debbugs.gnu.org; Fri, 25 Nov 2022 15:36:59 -0500 Received: from wout4-smtp.messagingengine.com ([64.147.123.20]:52293) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oyfRR-0002kM-Ch for 59585@debbugs.gnu.org; Fri, 25 Nov 2022 15:36:57 -0500 Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 8917C32009DB; Fri, 25 Nov 2022 15:36:51 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Fri, 25 Nov 2022 15:36:51 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=remworks.net; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to; s=fm3; t=1669408611; x=1669495011; bh=RFlYq5Q50F6yspmbs8P80lv9+ 6OwzT3noNFCbWQ6DuI=; b=IG3vsjIfoOJh06oNN/73alXpX08wbyZ/YMOTkDFIW ZhXRauOYeC7Zjasz6J/9FZ7vJj47EEytq2tP6ngudbt0c1oDf+UKGBFg5yaluETA zRg5ZVaMzFL14S+iCNa4TyG2s00+ncFABt0c+SstjwY2enX5ddl+UaxhpDFIcI3G jjKSJwTkndDiVbj9OCwhKm4w+MtP8smmvxosMV4qN2lVEgYgKZfEDVaR0041NvmB RTXacvEAP+Y2UoCF2iPiIlAmg+sFM2JfNciNkgPGCuFy1QDCBIUTLnqEZOPiJTQ7 040x3ABA2dNFU/uXiB4cuZmF7aROKCbNAYBa+7BK3Vk0w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1669408611; x=1669495011; bh=RFlYq5Q50F6yspmbs8P80lv9+6OwzT3noNF CbWQ6DuI=; b=v1v8w5hYjpWZD1SJNrEF6rjmtaNzcJRtx6HJpE67yOyqxOxaURE bnXG+x+8D7AwqQ4FhBAwk+eVyjXSuQNAG0CZzkz5YEmyeTggRSkG7gLDwa7O6LFz ufkcDeghSrRBwsOHpWjqqTIban0Gl7cBW8jMIEQLHqfYO6VZufr1xIgLc94zBe9w B9XfCXVrCy1qSNd8fYHlzqL4VqpxyJJ9m2HBwlOfDmAdVhX+16/ayTe/FfZS0pGo P5JIe9bgO+wjEmLMzalvbCs6VPeEdI9TywxGg/nMLCf+we5GyYCe4tSfyOTMztrR N1OQmImd19GpezXjjMqnmsXBOFvk4Np+zfg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvgedrieehgddugedtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffoggfgsedtkeertd ertddtnecuhfhrohhmpeftvghmtghouchvrghnucdkthcugggvvghruceorhgvmhgtohes rhgvmhifohhrkhhsrdhnvghtqeenucggtffrrghtthgvrhhnpeegueeggfdtheffhedtie ejuddugffgtddvueeftedtuefhtdffjeelgeefvdetieenucevlhhushhtvghrufhiiigv pedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehrfihvsehfrghsthhmrghilhdrtghomh X-ME-Proxy: Feedback-ID: i568842cc:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 25 Nov 2022 15:36:50 -0500 (EST) From: Remco van 't Veer Date: Fri, 25 Nov 2022 21:36:47 +0100 Message-Id: <20221125203647.22237-1-remco@remworks.net> X-Mailer: git-send-email 2.38.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.5 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.4 (-) Fixes: CVE-2021-33621: HTTP response splitting in CGI. * gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3. --- Oeps, sorry. Copy paste error in commit message. gnu/packages/ruby.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index b53aa02ef3..375b09fd72 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -225,7 +225,7 @@ (define-public ruby-3.0 (define-public ruby-3.1 (package (inherit ruby-3.0) - (version "3.1.2") + (version "3.1.3") (source (origin (method url-fetch) @@ -234,7 +234,7 @@ (define-public ruby-3.1 "/ruby-" version ".tar.xz")) (sha256 (base32 - "0amzqczgvr51ilcqfgw0n41hrfanzi0wh8k6am3x5dm1z0bx046a")))))) + "06ipqz45qcs0y1273gk2gwslxwd7jgighz3mzbddzg16k29n3qaf")))))) (define-public ruby ruby-2.7) -- 2.38.1 From unknown Sat Sep 06 03:53:12 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Remco van 't Veer Subject: bug#59585: closed (Re: [bug#59585] [PATCH v2] gnu: ruby-3.1: Update to 3.1.3. [security fixes].) Message-ID: References: <87sfhslq7c.fsf@cbaines.net> <20221125194052.30265-1-remco@remworks.net> X-Gnu-PR-Message: they-closed 59585 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 59585@debbugs.gnu.org Date: Tue, 06 Dec 2022 11:36:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1670326562-24812-1" This is a multi-part message in MIME format... ------------=_1670326562-24812-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #59585: [PATCH] gnu: ruby-3.0: Update to 3.1.3. [security fixes]. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 59585@debbugs.gnu.org. --=20 59585: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D59585 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1670326562-24812-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 59585-done) by debbugs.gnu.org; 6 Dec 2022 11:35:53 +0000 Received: from localhost ([127.0.0.1]:42381 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1p2WEr-0006Rz-9k for submit@debbugs.gnu.org; Tue, 06 Dec 2022 06:35:53 -0500 Received: from mira.cbaines.net ([212.71.252.8]:42018) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1p2WEq-0006Rt-0k for 59585-done@debbugs.gnu.org; Tue, 06 Dec 2022 06:35:52 -0500 Received: from localhost (unknown [IPv6:2a02:8010:68c1:0:3a91:a0a4:ecee:f157]) by mira.cbaines.net (Postfix) with ESMTPSA id 975E427BBE9; Tue, 6 Dec 2022 11:35:51 +0000 (GMT) Received: from felis (localhost [127.0.0.1]) by localhost (OpenSMTPD) with ESMTP id c7d01860; Tue, 6 Dec 2022 11:35:51 +0000 (UTC) References: <20221125194052.30265-1-remco@remworks.net> <20221125203647.22237-1-remco@remworks.net> User-agent: mu4e 1.8.11; emacs 28.2 From: Christopher Baines To: Remco van 't Veer Subject: Re: [bug#59585] [PATCH v2] gnu: ruby-3.1: Update to 3.1.3. [security fixes]. Date: Tue, 06 Dec 2022 11:35:25 +0000 In-reply-to: <20221125203647.22237-1-remco@remworks.net> Message-ID: <87sfhslq7c.fsf@cbaines.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 59585-done Cc: guix-patches@gnu.org, 59585-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain Remco van 't Veer writes: > Fixes: CVE-2021-33621: HTTP response splitting in CGI. > > * gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3. > --- > > Oeps, sorry. Copy paste error in commit message. > > gnu/packages/ruby.scm | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) Awesome, I've pushed this to master as b573af1165081fa8be6afa15a5f54e148125c8f2. Thanks, Chris --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAmOPKRdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh aW5lcy5uZXQACgkQXiijOwuE9Xdibg/+Jq0vkG8OTKgEkFDUSSlGAE8pf3RC3XEd GflIG3mjVmqsm6BCDsvmXqlhtTflcQmB51KmJmKF6doGJVuCYOQl7z2TSWaPiWGd JbBAeyBsPVZU++Y0/v82k1c6ciLsHaiSAcavbdSPnF4G3ZK/ZzQaJuknB2rIQUvi 37FS/QxmqbAYG2CFtFtHh1e8jZ+gXe2rjdv0gz3tFk8Ns9S9G5IcVR7pIQO7vAfV lo491eaKC4cBv0QKpZAqlIDfD6jLh0XHzvNr+2z+7vipwl1OMIlU2ibfBGxL1rx5 rz6ev54aH6bAbLUZKILLcfepNC7OX+LNIZDu+hd/9pa2AdDaFYZqJSOUisU2cP0i pDw+7vcBlN4mvNn9dYhDjdwUChwIgKVLpb5icBUGe1PxPbgkkmHSyTIbIn1A3aAQ dC/NaW/TFcGqbj0BF3T2VcBUQh46cQkaMrN7sQGnUZ7gjd55LYEO45KKM//OZaIP YSfFizl2fyoBidNBxAsHPHUzeAPX59XN7iBQdBFepSfrVwANRevYNS4gf1M7QktI mQr3DfmoPDXKqgTNC471a2tjE70HmDTB2+HXfGb0wMivd9gnz/snG5VflgLuU25e 9tz0V2Zv4sOHGJ8gr08QSbywxBOWn4F8CL4UhH3qHTJKuDy4pQ1fnOu6Emd5F9bV gXma3aJ7rO0= =mh/8 -----END PGP SIGNATURE----- --=-=-=-- ------------=_1670326562-24812-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 25 Nov 2022 19:41:07 +0000 Received: from localhost ([127.0.0.1]:37223 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oyeZL-0001N1-Mk for submit@debbugs.gnu.org; Fri, 25 Nov 2022 14:41:07 -0500 Received: from lists.gnu.org ([209.51.188.17]:48920) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oyeZK-0001Ms-0H for submit@debbugs.gnu.org; Fri, 25 Nov 2022 14:41:02 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oyeZJ-0005GO-HP for guix-patches@gnu.org; Fri, 25 Nov 2022 14:41:01 -0500 Received: from wout1-smtp.messagingengine.com ([64.147.123.24]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oyeZH-0002Ol-EI for guix-patches@gnu.org; Fri, 25 Nov 2022 14:41:01 -0500 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 88E543200437; Fri, 25 Nov 2022 14:40:57 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Fri, 25 Nov 2022 14:40:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=remworks.net; h= cc:cc:content-transfer-encoding:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to; s=fm3; t=1669405257; x=1669491657; bh=hqJx1Zr98ZmQcGGfrkVjbVP4d 7zCCbHquLUX0U710FE=; b=ryHAH2h8bk20up0wDBtOwf8A7W38dX7FeGopeyOum C5bBntAXfu/+6ouo03NgPUl9b4UdchvxnDkD5dfkPnWSZrBkqwR1C/zAPQIg9Kpo UtIX3vihZyQlpRaTIqkgM+FB/k55IWQaCf7Ziqpd/6OWIsgjih5GrowRbQx/2YLD jku5uXOTRgygEVRgoXe8EGgCaSnPDpFYMAbnNuIPD5/+huwwv4ikGfHIWbPSFJ// o5opIc+tQfQGrbrVF/qtjgPn1XzpLHs84UynOAZ+E27IwfhVOTWJjSfSeyrQWWK/ DPvBefp+mvQaswE+X07qQKRgnE+bdXgUdJRdtPVXGoOQQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1669405257; x=1669491657; bh=hqJx1Zr98ZmQcGGfrkVjbVP4d7zCCbHquLU X0U710FE=; b=kQKrKj6set/n9EZhyNUJ1btTC5ml1l1CaFDaK2ftDkUjGBOAi6O xzcr9CSCNUmuFgxnYcKDuE/WwYuNXXChRatnb96mlqcrkeQf4IfVFgKvIKsDpySE dVGIVKWoYrpUTp6Wo/Ejl/QovZ36BghQ4Vrs+QztsgGU0z1ndJbCVZD7R9pw4WtL 4DFum6OgM1m2CFr8mim5URByTKCIE/CE4Q5TZ66Km16QC1VsnmVOlRtWolC5NYif 6rsIacfoDhkQ6/DKZd35rp5AvvQm6dEFVvMj5cIBhn/0eDwpUAvtS306ciRRjwpd DwK5qOYNHzdYvkNWEPqbHEy0poZtgMdREkg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvgedrieehgdduvdelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvfevufffkffoggfgsedtkeertd ertddtnecuhfhrohhmpeftvghmtghouchvrghnucdkthcugggvvghruceorhgvmhgtohes rhgvmhifohhrkhhsrdhnvghtqeenucggtffrrghtthgvrhhnpeegueeggfdtheffhedtie ejuddugffgtddvueeftedtuefhtdffjeelgeefvdetieenucevlhhushhtvghrufhiiigv pedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehrfihvsehfrghsthhmrghilhdrtghomh X-ME-Proxy: Feedback-ID: i568842cc:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 25 Nov 2022 14:40:56 -0500 (EST) From: Remco van 't Veer To: guix-patches@gnu.org Subject: [PATCH] gnu: ruby-3.0: Update to 3.1.3. [security fixes]. Date: Fri, 25 Nov 2022 20:40:52 +0100 Message-Id: <20221125194052.30265-1-remco@remworks.net> X-Mailer: git-send-email 2.38.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=64.147.123.24; envelope-from=rwv@fastmail.com; helo=wout1-smtp.messagingengine.com X-Spam_score_int: -21 X-Spam_score: -2.2 X-Spam_bar: -- X-Spam_report: (-2.2 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.243, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.1 (-) X-Debbugs-Envelope-To: submit Cc: Remco van 't Veer X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.0 (---) Fixes: CVE-2021-33621: HTTP response splitting in CGI. * gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3. --- gnu/packages/ruby.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index b53aa02ef3..375b09fd72 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -225,7 +225,7 @@ (define-public ruby-3.0 (define-public ruby-3.1 (package (inherit ruby-3.0) - (version "3.1.2") + (version "3.1.3") (source (origin (method url-fetch) @@ -234,7 +234,7 @@ (define-public ruby-3.1 "/ruby-" version ".tar.xz")) (sha256 (base32 - "0amzqczgvr51ilcqfgw0n41hrfanzi0wh8k6am3x5dm1z0bx046a")))))) + "06ipqz45qcs0y1273gk2gwslxwd7jgighz3mzbddzg16k29n3qaf")))))) (define-public ruby ruby-2.7) -- 2.38.1 ------------=_1670326562-24812-1-- From unknown Sat Sep 06 03:53:12 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#59585] [PATCH v2] gnu: ruby-3.1: Update to 3.1.3. [security fixes]. Resent-From: Christopher Baines Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 06 Dec 2022 11:37:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 59585 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Remco van 't Veer Cc: 59585@debbugs.gnu.org, 59585-done@debbugs.gnu.org X-Debbugs-Original-Cc: guix-patches@gnu.org, 59585-done@debbugs.gnu.org Received: via spool by submit@debbugs.gnu.org id=B.167032656624862 (code B ref -1); Tue, 06 Dec 2022 11:37:01 +0000 Received: (at submit) by debbugs.gnu.org; 6 Dec 2022 11:36:06 +0000 Received: from localhost ([127.0.0.1]:42389 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1p2WF4-0006Sw-Io for submit@debbugs.gnu.org; Tue, 06 Dec 2022 06:36:06 -0500 Received: from lists.gnu.org ([209.51.188.17]:33730) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1p2WF3-0006Sq-8d for submit@debbugs.gnu.org; Tue, 06 Dec 2022 06:36:05 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1p2WEz-0004E6-Vj for guix-patches@gnu.org; Tue, 06 Dec 2022 06:36:05 -0500 Received: from mira.cbaines.net ([2a01:7e00:e000:2f8:fd4d:b5c7:13fb:3d27]) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1p2WEt-0006xl-Gg for guix-patches@gnu.org; Tue, 06 Dec 2022 06:36:01 -0500 Received: from localhost (unknown [IPv6:2a02:8010:68c1:0:3a91:a0a4:ecee:f157]) by mira.cbaines.net (Postfix) with ESMTPSA id 975E427BBE9; Tue, 6 Dec 2022 11:35:51 +0000 (GMT) Received: from felis (localhost [127.0.0.1]) by localhost (OpenSMTPD) with ESMTP id c7d01860; Tue, 6 Dec 2022 11:35:51 +0000 (UTC) References: <20221125194052.30265-1-remco@remworks.net> <20221125203647.22237-1-remco@remworks.net> User-agent: mu4e 1.8.11; emacs 28.2 From: Christopher Baines Date: Tue, 06 Dec 2022 11:35:25 +0000 In-reply-to: <20221125203647.22237-1-remco@remworks.net> Message-ID: <87sfhslq7c.fsf@cbaines.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=2a01:7e00:e000:2f8:fd4d:b5c7:13fb:3d27; envelope-from=mail@cbaines.net; helo=mira.cbaines.net X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) --=-=-= Content-Type: text/plain Remco van 't Veer writes: > Fixes: CVE-2021-33621: HTTP response splitting in CGI. > > * gnu/packages/ruby.scm (ruby-3.1): Update to 3.1.3. > --- > > Oeps, sorry. Copy paste error in commit message. > > gnu/packages/ruby.scm | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) Awesome, I've pushed this to master as b573af1165081fa8be6afa15a5f54e148125c8f2. Thanks, Chris --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAmOPKRdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh aW5lcy5uZXQACgkQXiijOwuE9Xdibg/+Jq0vkG8OTKgEkFDUSSlGAE8pf3RC3XEd GflIG3mjVmqsm6BCDsvmXqlhtTflcQmB51KmJmKF6doGJVuCYOQl7z2TSWaPiWGd JbBAeyBsPVZU++Y0/v82k1c6ciLsHaiSAcavbdSPnF4G3ZK/ZzQaJuknB2rIQUvi 37FS/QxmqbAYG2CFtFtHh1e8jZ+gXe2rjdv0gz3tFk8Ns9S9G5IcVR7pIQO7vAfV lo491eaKC4cBv0QKpZAqlIDfD6jLh0XHzvNr+2z+7vipwl1OMIlU2ibfBGxL1rx5 rz6ev54aH6bAbLUZKILLcfepNC7OX+LNIZDu+hd/9pa2AdDaFYZqJSOUisU2cP0i pDw+7vcBlN4mvNn9dYhDjdwUChwIgKVLpb5icBUGe1PxPbgkkmHSyTIbIn1A3aAQ dC/NaW/TFcGqbj0BF3T2VcBUQh46cQkaMrN7sQGnUZ7gjd55LYEO45KKM//OZaIP YSfFizl2fyoBidNBxAsHPHUzeAPX59XN7iBQdBFepSfrVwANRevYNS4gf1M7QktI mQr3DfmoPDXKqgTNC471a2tjE70HmDTB2+HXfGb0wMivd9gnz/snG5VflgLuU25e 9tz0V2Zv4sOHGJ8gr08QSbywxBOWn4F8CL4UhH3qHTJKuDy4pQ1fnOu6Emd5F9bV gXma3aJ7rO0= =mh/8 -----END PGP SIGNATURE----- --=-=-=--