Page MenuHomeSolus

Update ruby to 3.0.4 (security fixes)
ClosedPublic

Authored by biqqles on Apr 21 2022, 8:24 PM.

Details

Summary

Release notes

  • CVE-2022-28738: Double free in Regexp compilation
  • CVE-2022-28739: Buffer overrun in String-to-Float conversion
Test Plan

Ran a minitest test suite.

Diff Detail

Repository
R2832 ruby
Branch
master
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 3751
Build 3751: arc lint + arc unit

Event Timeline

biqqles created this revision.Apr 21 2022, 8:24 PM
biqqles requested review of this revision.Apr 21 2022, 8:24 PM
biqqles added a comment.EditedApr 21 2022, 8:39 PM

Not sure why the docs for OptionParser/TSort were included then nuked, but ri TSort --no-standard-docs --system still resolves.

biqqles retitled this revision from Update ruby to 3.0.4 to Update ruby to 3.0.4 (security fixes).Apr 22 2022, 12:27 PM
Girtablulu accepted this revision.Apr 22 2022, 1:07 PM
Girtablulu added a subscriber: Girtablulu.

LGTM, thx

This revision is now accepted and ready to land.Apr 22 2022, 1:07 PM
This revision was automatically updated to reflect the committed changes.