me
/
guix
Archived
1
0
Fork 0
Code

gnu: ruby: Replace with 2.7.6 [security fixes]. 

Includes fixes for: CVE-2022-28739, CVE-2021-41816, and CVE-2021-41817.

* gnu/packages/ruby.scm (ruby-2.7-fixed): New variable.
(ruby-2.7)[replacement]: Graft.

Signed-off-by: Marius Bakke <marius@gnu.org>
master
Remco van 't Veer 2022-06-29 20:00:37 +02:00 committed by Marius Bakke
parent 939c998160
commit 83c86fa446
No known key found for this signature in database
GPG Key ID: A2A06DF2A33A54FA
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
gnu/packages/ruby.scm
View File

@ -155,6 +155,7 @@ a focus on simplicity and productivity.")
(package
(inherit ruby-2.6)
(version "2.7.4")
(replacement ruby-2.7-fixed) ; security fixes
(source
(origin
(inherit (package-source ruby-2.6))
@ -189,6 +190,20 @@ a focus on simplicity and productivity.")
(native-inputs
(list autoconf))))
(define ruby-2.7-fixed
(package
(inherit ruby-2.7)
(version "2.7.6")
(source
(origin
(inherit (package-source ruby-2.7))
(uri (string-append "https://cache.ruby-lang.org/pub/ruby/"
(version-major+minor version)
"/ruby-" version ".tar.gz"))
(sha256
(base32
"042xrdk7hsv4072bayz3f8ffqh61i8zlhvck10nfshllq063n877"))))))
(define-public ruby-3.0
(package
(inherit ruby-2.7)