Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:ojkastl_buildservice:gitlab-runner
ruby2.7
ruby2.7.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ruby2.7.changes of Package ruby2.7
------------------------------------------------------------------- Thu Mar 30 14:05:54 UTC 2023 - Marcus Rueckert <mrueckert@suse.de> - update to 2.7.8 (boo#1209891 CVE-2023-28755 boo#1209967 CVE-2023-28756) https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/ https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/ https://www.ruby-lang.org/en/news/2023/03/30/ruby-2-7-8-released/ - drop ruby-3.1.3-remove-timezone-test.patch solved differently upstream ------------------------------------------------------------------- Sun Dec 25 13:15:11 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - BuildRequire hostname for the testsuite ------------------------------------------------------------------- Sun Dec 25 12:26:20 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - Backport ruby-3.1.3-remove-timezone-test.patch ------------------------------------------------------------------- Sun Dec 25 10:13:43 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - Merge testing fixes from 3.1 to 2.7 to fix the testsuite flavor ------------------------------------------------------------------- Thu Nov 24 14:08:17 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - update to 2.7.7 (boo#1205726 CVE-2021-33621) https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621/ https://www.ruby-lang.org/en/news/2022/11/24/ruby-2-7-7-released/ ------------------------------------------------------------------- Wed Apr 13 13:41:18 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - use rb_soname instead of hard coding the ruby package name ------------------------------------------------------------------- Wed Apr 13 10:09:28 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - add buildignore for ruby and ruby-common so we do not pull gem2rpm for the testsuite ------------------------------------------------------------------- Wed Apr 13 08:14:45 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - update to 2.7.6 (boo#1198441) https://www.ruby-lang.org/en/news/2022/04/12/ruby-2-7-6-released/ CVE-2022-28739: Buffer overrun in String-to-Float conversion ------------------------------------------------------------------- Sun Feb 6 18:40:18 UTC 2022 - Marcus Rueckert <mrueckert@suse.de> - Build ruby with jemalloc for sle 15 up ------------------------------------------------------------------- Mon Dec 6 14:38:01 UTC 2021 - Dirk Müller <dmueller@suse.com> - explicitly build against openssl 1.x (not compatible with 3.x) ------------------------------------------------------------------- Thu Nov 25 11:45:21 UTC 2021 - Marcus Rueckert <mrueckert@suse.de> - update to 2.7.5 (boo#1193081 boo#1193080 boo#1193035) https://www.ruby-lang.org/en/news/2021/11/24/ruby-2-7-5-released/ - CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods - CVE-2021-41816: Buffer Overrun in CGI.escape_html - CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse ------------------------------------------------------------------- Wed Nov 10 17:04:01 UTC 2021 - Marcus Rueckert <mrueckert@suse.de> - Update to 2.7.4 https://www.ruby-lang.org/en/news/2021/07/07/ruby-2-7-4-released/ * CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP * CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP * CVE-2021-31799: A command injection vulnerability in RDoc ------------------------------------------------------------------- Mon Aug 30 15:02:49 UTC 2021 - Marcus Rueckert <mrueckert@suse.de> - use modern make_* macros ------------------------------------------------------------------- Fri Jul 9 13:16:57 UTC 2021 - Stephan Kulow <coolo@suse.com> - Expand the %ghost globs - otherwise they are not packaged correctly ------------------------------------------------------------------- Thu Jul 8 12:48:39 UTC 2021 - Stephan Kulow <coolo@suse.com> - Remove links in /etc/alternatives, they are %ghosts ------------------------------------------------------------------- Tue Apr 13 12:33:41 UTC 2021 - Marcus Rueckert <mrueckert@suse.de> - Update to 2.7.3 (boo#1184644) https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ - CVE-2021-28965: XML round-trip vulnerability in REXML Complete list of changes at https://github.com/ruby/ruby/compare/v2_7_2...v2_7_3 ------------------------------------------------------------------- Tue Oct 27 11:31:24 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> - fix typo in ruby macros file ------------------------------------------------------------------- Sun Oct 25 18:07:56 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> - fix typo in ruby2.7-default.macros which still referenced ruby 2.6 ------------------------------------------------------------------- Fri Oct 9 18:10:19 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> - Update to 2.7.2 (boo#1177125) This release contains intentional incompatibility. Deprecation warnings are off by default on 2.7.2 and later. You can turn on deprecation warnings by specifying the -w or -W:deprecated option at the command-line. Please check the topics below for details. - Feature #17000 2.7.2 turns off deprecation warnings by default - Feature #16345 Don’t emit deprecation warnings by default. This release contains the new version of webrick with a security fix described in the article. - CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick Complete list of changes at https://github.com/ruby/ruby/compare/v2_7_1...v2_7_2 ------------------------------------------------------------------- Tue Apr 28 17:59:59 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> - make sure that update-alternative weight for the default distribution is always greater than our normal weight ------------------------------------------------------------------- Tue Apr 28 17:18:35 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> - make the update-alternative weight based on the ruby version ------------------------------------------------------------------- Tue Apr 14 07:47:25 UTC 2020 - Bernhard Wiedemann <bwiedemann@suse.com> - Add ruby2.7-drop-build-date.patch (boo#1047218) ------------------------------------------------------------------- Tue Apr 7 22:53:35 UTC 2020 - Marcus Rueckert <mrueckert@suse.de> - Update to 2.7.1 (boo#1167244 boo#1168938) - CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix) - CVE-2020-10933: Heap exposure vulnerability in the socket library https://github.com/ruby/ruby/compare/v2_7_0...v2_7_1 ------------------------------------------------------------------- Tue Feb 18 13:54:37 UTC 2020 - Stefan Brüns <stefan.bruens@rwth-aachen.de> - Apply fixes/changes from ruby2.6 package lost in ruby2.7 switch: * Fix mangling of shebangs, do not replace shell invocations with ruby, correcly replace "/usr/bin/env ruby". (bnc#1156797) * Cleanup spec file: + Drop support for obsolete distro versions + use license macro, remove defattr * Use valgrind-client-headers instead of full valgrind-devel package where available, reducing build package footprint. * Remove unused libX11-devel BuildRequires. ------------------------------------------------------------------- Sat Dec 28 08:03:54 UTC 2019 - Marcus Rueckert <mrueckert@suse.de> - update to final release of 2.7.0 http://www.ruby-lang.org/en/news/2019/12/25/ruby-2-7-0-released/ - update the use-pie.patch to apply cleanly again ------------------------------------------------------------------- Tue Jul 9 14:16:36 UTC 2019 - Marcus Rueckert <mrueckert@suse.de> - fix running tests (boo#1140844) just passing the DISABLED_TESTS variable is wrong. probably a relict from calling the test scripts directly. use TESTOPTS now. ------------------------------------------------------------------- Sun Jun 23 02:59:03 UTC 2019 - Marcus Rueckert <mrueckert@suse.de> - add gmp to the buildrequires ------------------------------------------------------------------- Sat Jun 22 21:07:33 UTC 2019 - Marcus Rueckert <mrueckert@suse.de> - starting package with 2.7.0-preview1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor