ruby: security fix CVE 2018-1000073

Directory traversal vulnerability as described by https://nvd.nist.gov/vuln/detail/CVE-2018-1000073. Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
author: Joe Slater <joe.slater@windriver.com> 2018-07-20 14:10:02 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-07-26 13:16:31 +0100
commit: 1a0a1785766c12003e3f8848852af84cae203e6b (patch)
tree: b97443b4b794aeb779b52b4d73dbcfe3320f70f7 /meta/recipes-devtools/ruby/ruby_2.5.1.bb
parent: 852c9498ae365bc8c149b5e6df0c8667bd885c79 (diff)
download: openembedded-core-contrib-1a0a1785766c12003e3f8848852af84cae203e6b.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/ruby/ruby_2.5.1.bb b/meta/recipes-devtools/ruby/ruby_2.5.1.bb
index 91048284c1..af2739a43d 100644
--- a/meta/recipes-devtools/ruby/ruby_2.5.1.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.5.1.bb
@@ -3,6 +3,7 @@ require ruby.inc
 SRC_URI += " \
            file://ruby-CVE-2017-9226.patch \
            file://ruby-CVE-2017-9228.patch \
+           file://CVE-2018-1000073.patch \
            "
 
 SRC_URI[md5sum] = "23867bc8c16c55e43b14dfe0614bcfa8"
author	Joe Slater <joe.slater@windriver.com>	2018-07-20 14:10:02 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-07-26 13:16:31 +0100
commit	1a0a1785766c12003e3f8848852af84cae203e6b (patch)
tree	b97443b4b794aeb779b52b4d73dbcfe3320f70f7 /meta/recipes-devtools/ruby/ruby_2.5.1.bb
parent	852c9498ae365bc8c149b5e6df0c8667bd885c79 (diff)
download	openembedded-core-contrib-1a0a1785766c12003e3f8848852af84cae203e6b.tar.gz