CentOS 7 - SCL for x86_64: development/libraries: rh-ruby24-rubygem-psych
Jump to letter: [
CDGHLMNPRSTV
]
rh-ruby24-rubygem-psych - A libyaml wrapper for Ruby
- Description:
Psych is a YAML parser and emitter. Psych leverages
libyaml[http://pyyaml.org/wiki/LibYAML] for its YAML parsing and emitting
capabilities. In addition to wrapping libyaml, Psych also knows how to
serialize and de-serialize most Ruby objects to and from the YAML format.
Packages
| rh-ruby24-rubygem-psych-2.2.2-92.el7.x86_64
[87 KiB] |
Changelog
by Jun Aruga (2019-04-11):
- Upgrade to Ruby 2.4.6.
- Delete directory using symlink when decompressing tar
Resolves: CVE-2019-8320
- Fix escape sequence injection vulnerability in verbose.
Resolves: CVE-2019-8321
- Fix escape sequence injection vulnerability in gem owner.
Resolves: CVE-2019-8322
- Fix escape sequence injection vulnerability in API response handling.
Resolves: CVE-2019-8323
- Prohibit arbitrary code execution when installing a malicious gem.
Resolves: CVE-2019-8324
- Fix escape sequence injection vulnerability in errors.
Resolves: CVE-2019-8325
|
| rh-ruby24-rubygem-psych-2.2.2-91.sc1.el7.x86_64
[87 KiB] |
Changelog
by Pavel Valena (2018-11-05):
- Upgrade to Ruby 2.4.5.
Resolves: CVE-2018-16395
Resolves: rhbz#1563077
Removed Patch10: ruby-2.5.0-Disable-Tokyo-TZ-tests.patch; subsumed
- Properly harden package using -fstack-protector-strong.
- Fix: return default path with nonexistent home dir(rhbz#1602879)
|
| rh-ruby24-rubygem-psych-2.2.2-90.el7.x86_64
[86 KiB] |
Changelog
by Pavel Valena (2018-03-12):
- Command injection in lib/resolv.rb:lazy_initialize() allows arbitrary code
execution(CVE-2017-17790).
* ruby-2.5.0-Fixed-command-Injection.patch
Related: rhbz#1549651
|
| rh-ruby24-rubygem-psych-2.2.2-75.el7.x86_64
[85 KiB] |
Changelog
by Vít Ondruch (2017-01-17):
- Apply patch fixing rubygem-mongo build failures.
|