Summary: | <dev-lang/ruby-{2.4.9, 2.5.7}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hans de Graaff <graaff> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ruby |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: |
dev-lang/ruby-2.4.9
dev-lang/ruby-2.5.7 alpha amd64 arm arm64 x86 sparc
|
Runtime testing required: | --- |
Bug Depends on: | 693358 | ||
Bug Blocks: |
Description
Hans de Graaff
![]() ![]() Fixed versions 2.4.8, 2.5.7, 2.6.5 are now in the tree. An automated check of this bug failed - repoman reported dependency errors (126 lines truncated):
> dependency.bad dev-lang/ruby/ruby-2.5.7.ebuild: DEPEND: ia64(default/linux/ia64/17.0) ['>=app-eselect/eselect-ruby-20171225']
> dependency.bad dev-lang/ruby/ruby-2.5.7.ebuild: PDEPEND: ia64(default/linux/ia64/17.0) ['>=dev-ruby/did_you_mean-1.2.0:2.5[ruby_targets_ruby25]', '>=dev-ruby/minitest-5.10.3[ruby_targets_ruby25]', '>=dev-ruby/net-telnet-0.1.1[ruby_targets_ruby25]', '>=dev-ruby/power_assert-1.1.1[ruby_targets_ruby25]', '>=dev-ruby/rake-12.3.0[ruby_targets_ruby25]', '>=dev-ruby/test-unit-3.2.7[ruby_targets_ruby25]', '>=dev-ruby/xmlrpc-0.3.0[ruby_targets_ruby25]', 'virtual/rubygems[ruby_targets_ruby25]', '>=dev-ruby/json-2.0.2[ruby_targets_ruby25]', '>=dev-ruby/rdoc-6.1.2[ruby_targets_ruby25]']
> dependency.bad dev-lang/ruby/ruby-2.5.7.ebuild: RDEPEND: ia64(default/linux/ia64/17.0) ['>=app-eselect/eselect-ruby-20171225']
> dependency.bad dev-lang/ruby/ruby-2.5.7.ebuild: DEPEND: ia64(default/linux/ia64/17.0) ['>=app-eselect/eselect-ruby-20171225']
> dependency.bad dev-lang/ruby/ruby-2.5.7.ebuild: PDEPEND: ia64(default/linux/ia64/17.0) ['>=dev-ruby/did_you_mean-1.2.0:2.5[ruby_targets_ruby25]', '>=dev-ruby/minitest-5.10.3[ruby_targets_ruby25]', '>=dev-ruby/net-telnet-0.1.1[ruby_targets_ruby25]', '>=dev-ruby/power_assert-1.1.1[ruby_targets_ruby25]', '>=dev-ruby/rake-12.3.0[ruby_targets_ruby25]', '>=dev-ruby/test-unit-3.2.7[ruby_targets_ruby25]', '>=dev-ruby/xmlrpc-0.3.0[ruby_targets_ruby25]', 'virtual/rubygems[ruby_targets_ruby25]', '>=dev-ruby/json-2.0.2[ruby_targets_ruby25]', '>=dev-ruby/rdoc-6.1.2[ruby_targets_ruby25]']
> dependency.bad dev-lang/ruby/ruby-2.5.7.ebuild: RDEPEND: ia64(default/linux/ia64/17.0) ['>=app-eselect/eselect-ruby-20171225']
An automated check of this bug succeeded - the previous repoman errors are now resolved. ppc stable ppc64 stable sparc stable amd64 stable x86 stable arm64 stable alpha stable s390 stable ia64 stable hppa stable arm stable New GLSA request filed. @ maintainer(s): Please cleanup and drop =dev-lang/ruby-{2.4.7,2.5.6,2.6.5}! cleanup done. This issue was resolved and addressed in GLSA 202003-06 at https://security.gentoo.org/glsa/202003-06 by GLSA coordinator Thomas Deutschmann (whissi). |