Update to Ruby 3.3.1
Fixes:
CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
CVE-2024-27280: Buffer overread vulnerability in StringIO
Backport an upstream fix for ILP32 architectures.
Switch check to test-all as the test target, as the previous check
target fails before the main test suite runs due to a symbol
visibility that doesn't handle retguard.
Upstream fix identified by tb@
i386 testing by tb@
OK tb@
Update to Ruby 3.2.4
Fixes:
CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
CVE-2024-27280: Buffer overread vulnerability in StringIO
OK tb@
Update to Ruby 3.1.5
Fixes:
CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
CVE-2024-27280: Buffer overread vulnerability in StringIO
Fix a bad backport in the fiddle extension that breaks compilation.
OK tb@
Update to Ruby 3.3.1
Backport an upstream fix for ILP32 architectures.
Switch check to test-all as the test target, as the previous check
target fails before the main test suite runs due to a symbol
visibility that doesn't handle retguard.
Upstream fix identified by tb@
i386 testing by tb@
OK tb@