Update Ruby to version 2.4.4 (#6964) (f464f98f) · Commits · liberty / host / Smilodon

Commit f464f98f authored 6 years ago by Yamagishi Kazutoshi Committed by Eugen Rochko 6 years ago

Update Ruby to version 2.4.4 (#6964)

https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems

parent 6a895e1a

No related branches found

No related tags found

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 3 additions and 3 deletions

Please register or to comment

Admin message

Admin message

Update Ruby to version 2.4.4 (#6964)