poky/ruby at 6639c7b29502bed5ce1bfb0abcfd4dc09b3e1da6 - poky

CaROS/poky

mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00

History

Divya Chellam 6639c7b295 ruby: fix CVE-2024-41123 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `>]` and `]>`. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-41123 Upstream-patches: `2c39c91a65` `4444a04ece` `ebc3e85bfa` `6cac15d458` `e2546e6eca` (From OE-Core rev: 6b2a2e689a69deef6098f6c266542234e46fb24b) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-12-01 06:50:49 -08:00
..
ruby	ruby: fix CVE-2024-41123	2025-12-01 06:50:49 -08:00
ruby_3.1.3.bb	ruby: fix CVE-2024-41123	2025-12-01 06:50:49 -08:00

Divya Chellam 6639c7b295 ruby: fix CVE-2024-41123

REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS
vulnerabilities when it parses an XML that has many specific characters
such as whitespace character, `>]` and `]>`. The REXML gem 3.3.3 or later
include the patches to fix these vulnerabilities.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-41123

Upstream-patches:
2c39c91a65
4444a04ece
ebc3e85bfa
6cac15d458
e2546e6eca

(From OE-Core rev: 6b2a2e689a69deef6098f6c266542234e46fb24b)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-12-01 06:50:49 -08:00

ruby ruby: fix CVE-2024-41123 2025-12-01 06:50:49 -08:00

ruby_3.1.3.bb ruby: fix CVE-2024-41123 2025-12-01 06:50:49 -08:00