gnu: ruby-2.4.1: Fix CVE-2017-{0899,0900,0901,0902}.

* gnu/packages/patches/ruby-rubygems-2612-ruby24.patch, gnu/packages/patches/ruby-rubygems-2613-ruby24.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/ruby.scm (ruby-2.4.1)[source]: Use them.
2025-10-02 02:15:12 +00:00 · 2017-08-31 10:06:36 +08:00 · 2017-08-31 10:06:36 +08:00 · 9770cbf9e2
commit 9770cbf9e2
parent 690a904ad7
4 changed files with 798 additions and 1 deletions
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@ -121,7 +121,10 @@ a focus on simplicity and productivity.")
       (snippet `(begin
                   ;; Remove bundled libffi
                   (delete-file-recursively "ext/fiddle/libffi-3.2.1")
-                   #t))))))
+                   #t))
+       (patches
+        (search-patches "ruby-rubygems-2612-ruby24.patch"
+                        "ruby-rubygems-2613-ruby24.patch"))))))

 (define-public ruby-2.3
  (package