security update in Fedora 28 for ruby

Status: stable a year ago
  • Rebase to Ruby 2.5.1.
  • Several CVE fixes.
  • Conflict requirement needs to generate dependency.
  • Stop using --with-setjmp-type=setjmp on aarch64.

Comments 8

This update has been submitted for testing by vondruch.

This update has been pushed to testing.

looks good

karma: +1


karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
Test Gating
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Autopush (time)
submitted a year ago
in testing a year ago
in stable a year ago

Related Bugs 10

00 #1545239 miniruby crashing when compiled with -O2 or -O1 on aarch64
00 #1561487 Requires generator does not handle correctly dependencies such as "cookiejar != 0.3.1"
00 #1561817 ruby-2.5.1 is available
00 #1561947 CVE-2018-6914 ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
00 #1561948 CVE-2018-8779 ruby: Unintentional socket creation by poisoned NULL byte in UNIXServer and UNIXSocket
00 #1561949 CVE-2018-8780 ruby: Unintentional directory traversal by poisoned NULL byte in Dir
00 #1561950 CVE-2018-8777 ruby: DoS by large request in WEBrick
00 #1561952 CVE-2017-17742 ruby: HTTP response splitting in WEBrick
00 #1561953 CVE-2018-8778 ruby: Buffer under-read in String#unpack
00 #1561957 CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 ruby: various flaws [fedora-all]

Automated Test Results