[PATCH] gnu: ruby: Replace with 2.3.2 [fixes CVE-2015-3900].

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: Ben Woodcroft <donttrustben@gmail.com>
To: guix-devel@gnu.org
Subject: [PATCH] gnu: ruby: Replace with 2.3.2 [fixes CVE-2015-3900].
Date: Sat, 19 Nov 2016 09:32:09 +1000	[thread overview]
Message-ID: <20161118233209.28746-2-donttrustben@gmail.com> (raw)
In-Reply-To: <20161118233209.28746-1-donttrustben@gmail.com>

* gnu/packages/ruby.scm (ruby)[replacement]: New field.
(ruby-2.3.2): New variable.
---
 gnu/packages/ruby.scm | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index e4c1ef0..f2b5de9 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -47,6 +47,7 @@
 (define-public ruby
   (package
     (name "ruby")
+    (replacement ruby-2.3.2)
     (version "2.3.1")
     (source
      (origin
@@ -101,6 +102,25 @@ a focus on simplicity and productivity.")
     (home-page "https://ruby-lang.org")
     (license license:ruby)))
 
+(define ruby-2.3.2
+  (package
+    (inherit ruby)
+    (version "2.3.2")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "http://cache.ruby-lang.org/pub/ruby/"
+                           (version-major+minor version)
+                           "/ruby-" version ".tar.xz"))
+       (sha256
+        (base32
+         "031g76zxb2wp6988dmrpbqd98i17xi6l8q1115h83r2w0h8z6y2w"))
+       (modules '((guix build utils)))
+       (snippet `(begin
+                   ;; Remove bundled libffi
+                   (delete-file-recursively "ext/fiddle/libffi-3.2.1")
+                   #t))))))
+
 (define-public ruby-2.2
   (package (inherit ruby)
     (version "2.2.6")
-- 
2.10.0

next prev parent reply	other threads:[~2016-11-18 23:34 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-11-18 23:32 [PATCH 0/1]: Replace ruby with ruby-2.3.2 Ben Woodcroft
2016-11-18 23:32 ` Ben Woodcroft [this message]
2016-11-19 15:28   ` [PATCH] gnu: ruby: Replace with 2.3.2 [fixes CVE-2015-3900] Leo Famulari
2016-11-20  7:00     ` Ben Woodcroft
2016-11-20 15:28       ` Leo Famulari

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e4c1ef0 dfblob:f2b5de9 )
 OR (
bs:"[PATCH] gnu: ruby: Replace with 2.3.2 [fixes CVE-2015-3900]." )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161118233209.28746-2-donttrustben@gmail.com \
    --to=donttrustben@gmail.com \
    --cc=guix-devel@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.