development/languages

ruby-devel - A Ruby development environment

Website: http://ruby-lang.org/
License: (Ruby or BSD) and Public Domain
Vendor: Scientific Linux
Description:
Header files and libraries for building an extension library for the
Ruby or an application embedding Ruby.

Packages

ruby-devel-2.0.0.648-36.el7.x86_64 [126 KiB] Changelog by Vít Ondruch (2019-04-04):
- Introduce `Gem::UserInteraction#verbose` method as precondition to fix
  CVE-2019-8321.
  * rubygems-2.3.0-refactor-checking-really_verbose.patch
- Fix escape sequence injection vulnerability in verbose.
- Fix escape sequence injection vulnerability in gem owner.
  Resolves: CVE-2019-8322
- Fix escape sequence injection vulnerability in API response handling.
  Resolves: CVE-2019-8323
- Prohibit arbitrary code execution when installing a malicious gem.
  Resolves: CVE-2019-8324
- Fix escape sequence injection vulnerability in errors.
  Resolves: CVE-2019-8325
  * ruby-2.4.6-Applied-security-patches-for-RubyGems.patch
ruby-devel-2.0.0.648-35.el7_6.x86_64 [130 KiB] Changelog by Vít Ondruch (2019-04-04):
- Introduce `Gem::UserInteraction#verbose` method as precondition to fix
  CVE-2019-8321.
  * rubygems-2.3.0-refactor-checking-really_verbose.patch
- Fix escape sequence injection vulnerability in verbose.
- Fix escape sequence injection vulnerability in gem owner.
- Fix escape sequence injection vulnerability in API response handling.
- Prohibit arbitrary code execution when installing a malicious gem.
- Fix escape sequence injection vulnerability in errors.
  * ruby-2.4.6-Applied-security-patches-for-RubyGems.patch
  Resolves: rhbz#1699283
ruby-devel-2.0.0.648-34.el7_6.x86_64 [124 KiB] Changelog by Jun Aruga (2018-11-01):
- CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work.
  Resolves: CVE-2018-16395
ruby-devel-2.0.0.648-33.el7_4.x86_64 [129 KiB] Changelog by Vít Ondruch (2018-02-19):
- Fix always passing WEBrick test.
ruby-devel-2.0.0.353-22.el7_0.x86_64 [125 KiB] Changelog by Vít Ondruch (2014-11-16):
- Fix REXML billion laughs attack via parameter entity expansion
  (CVE-2014-8080).
  Resolves: rhbz#1163998
- REXML incomplete fix for CVE-2014-8080 (CVE-2014-8090).
  Resolves: rhbz#1163998

Listing created by Repoview-0.6.6-4.el7