From: Remco van 't Veer <remco@remworks.net>
To: 56302@debbugs.gnu.org
Cc: Tobias Geerinckx-Rice <me@tobias.gr>,
Maxime Devos <maximedevos@telenet.be>,
Remco van 't Veer <remco@remworks.net>
Subject: [bug#56302] [PATCH v2] gnu: ruby: Update to 2.7.6 [security fixes].
Date: Wed, 29 Jun 2022 20:00:37 +0200 [thread overview]
Message-ID: <20220629180037.27919-1-remco@remworks.net> (raw)
In-Reply-To: <20220629155533.5224-1-remco@remworks.net>
Includes fixes for: CVE-2022-28739, CVE-2021-41816, and CVE-2021-41817.
* gnu/packages/ruby.scm (ruby-2.7-fixed): New variable.
(ruby-2.7)[replacement]: Graft.
---
gnu/packages/ruby.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index 68e5d8dfd6..0b6626bdf7 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -28,6 +28,7 @@
;;; Copyright © 2021 EuAndreh <eu@euandre.org>
;;; Copyright © 2020 Tomás Ortín Fernández <tomasortin@mailbox.org>
;;; Copyright © 2021 Giovanni Biscuolo <g@xelera.eu>
+;;; Copyright © 2022 Remco van 't Veer <remco@remworks.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -152,6 +153,7 @@ (define-public ruby-2.7
(package
(inherit ruby-2.6)
(version "2.7.4")
+ (replacement ruby-2.7-fixed) ; security fixes
(source
(origin
(inherit (package-source ruby-2.6))
@@ -186,6 +188,20 @@ (define-public ruby-2.7
(native-inputs
(list autoconf))))
+(define ruby-2.7-fixed
+ (package
+ (inherit ruby-2.7)
+ (version "2.7.6")
+ (source
+ (origin
+ (inherit (package-source ruby-2.7))
+ (uri (string-append "https://cache.ruby-lang.org/pub/ruby/"
+ (version-major+minor version)
+ "/ruby-" version ".tar.gz"))
+ (sha256
+ (base32
+ "042xrdk7hsv4072bayz3f8ffqh61i8zlhvck10nfshllq063n877"))))))
+
(define-public ruby-3.0
(package
(inherit ruby-2.7)
--
2.36.1
next prev parent reply other threads:[~2022-06-29 18:02 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-29 15:55 [bug#56302] [PATCH] gnu: ruby: Update to 2.7.6 [security fixes] Remco van 't Veer
[not found] ` <handler.56302.B.165651815228055.ack@debbugs.gnu.org>
2022-06-29 15:58 ` [bug#56302] Acknowledgement ([PATCH] gnu: ruby: Update to 2.7.6 [security fixes].) Remco van 't Veer
2022-06-29 16:04 ` Tobias Geerinckx-Rice via Guix-patches via
2022-06-29 16:04 ` Maxime Devos
2022-06-29 16:13 ` Remco van 't Veer
2022-06-29 18:18 ` Maxime Devos
2022-06-29 18:00 ` Remco van 't Veer [this message]
2022-08-29 14:48 ` bug#56302: [PATCH v2] gnu: ruby: Update to 2.7.6 [security fixes] Marius Bakke
2022-06-29 18:29 ` [bug#56302] [PATCH] " Maxime Devos
2022-06-29 18:57 ` Maxime Devos
2022-08-29 14:51 ` Marius Bakke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220629180037.27919-1-remco@remworks.net \
--to=remco@remworks.net \
--cc=56302@debbugs.gnu.org \
--cc=maximedevos@telenet.be \
--cc=me@tobias.gr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).