CVSROOT: /cvs Module name: ports Changes by: jer...@cvs.openbsd.org 2024/04/26 12:15:10
Modified files: lang/ruby/3.3 : Tag: OPENBSD_7_5 Makefile distinfo lang/ruby/3.3/patches: Tag: OPENBSD_7_5 patch-configure patch-ext_extmk_rb lang/ruby/3.3/pkg: Tag: OPENBSD_7_5 PLIST-main PLIST-ri_docs Log message: Update to Ruby 3.3.1 Fixes: CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc CVE-2024-27280: Buffer overread vulnerability in StringIO Backport an upstream fix for ILP32 architectures. Switch check to test-all as the test target, as the previous check target fails before the main test suite runs due to a symbol visibility that doesn't handle retguard. Upstream fix identified by tb@ i386 testing by tb@ OK tb@