From 9770cbf9e2c2c723744f40040ae2d606dbc789a0 Mon Sep 17 00:00:00 2001 From: Ben Woodcroft Date: Thu, 31 Aug 2017 10:06:36 +0800 Subject: gnu: ruby-2.4.1: Fix CVE-2017-{0899,0900,0901,0902}. * gnu/packages/patches/ruby-rubygems-2612-ruby24.patch, gnu/packages/patches/ruby-rubygems-2613-ruby24.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/ruby.scm (ruby-2.4.1)[source]: Use them. --- gnu/packages/ruby.scm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'gnu/packages/ruby.scm') diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 243ff9e5db..e2258cba23 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -121,7 +121,10 @@ (define-public ruby-2.4.1 (snippet `(begin ;; Remove bundled libffi (delete-file-recursively "ext/fiddle/libffi-3.2.1") - #t)))))) + #t)) + (patches + (search-patches "ruby-rubygems-2612-ruby24.patch" + "ruby-rubygems-2613-ruby24.patch")))))) (define-public ruby-2.3 (package -- cgit v1.2.3