Upgrade to Ruby 3.4.7.

- Fix URI Credential Leakage Bypass previous fixes.

Resolves: CVE-2025-61594
This commit is contained in:
Jun Aruga 2025-10-21 17:59:36 +01:00
commit 5b97680661
2 changed files with 10 additions and 5 deletions

View file

@ -1,6 +1,6 @@
%global major_version 3
%global minor_version 4
%global teeny_version 5
%global teeny_version 7
%global major_minor_version %{major_version}.%{minor_version}
%global ruby_version %{major_minor_version}.%{teeny_version}
@ -78,7 +78,7 @@
%global pathname_version 0.4.0
%global pp_version 0.6.2
%global prettyprint_version 0.2.0
%global prism_version 1.2.0
%global prism_version 1.5.1
%global pstore_version 0.1.4
%global readline_version 0.0.4
%global reline_version 0.6.0
@ -97,7 +97,7 @@
%global tmpdir_version 0.3.1
%global tsort_version 0.2.0
%global un_version 0.3.0
%global uri_version 1.0.3
%global uri_version 1.0.4
%global weakref_version 0.1.3
%global win32ole_version 1.9.1
%global win32_registry_version 0.1.0
@ -177,7 +177,7 @@
Summary: An interpreter of object-oriented scripting language
Name: ruby
Version: %{ruby_version}%{?development_release}
Release: 27%{?dist}
Release: 28%{?dist}
# Licenses, which are likely not included in binary RPMs:
# Apache-2.0:
# benchmark/gc/redblack.rb
@ -1880,6 +1880,11 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%changelog
* Thu Oct 30 2025 Jun Aruga <jaruga@redhat.com> - 3.4.7-28
- Upgrade to Ruby 3.4.7.
- Fix URI Credential Leakage Bypass previous fixes.
Resolves: CVE-2025-61594
* Tue Aug 19 2025 Jarek Prokop <jprokop@redhat.com> - 3.4.5-27
- Upgrade to Ruby 3.4.5.
Resolves: rhbz#2389202

View file

@ -1 +1 @@
SHA512 (ruby-3.4.5.tar.xz) = 1f5d2fd527d15bd81ca8f49767d6426533367c1018a1d275d34721a96410b51204236173224e5198a42b56162c6e7a7b0c060fc032a9fd7f250b44e05c7af560
SHA512 (ruby-3.4.7.tar.xz) = a6b99a2f1d0115d5e7efa710da440b9066c524c335928367c80852630f8db5da36c0a82d6e7ace90e8c40cb20c6097cbdca15a51c343254cadf5f0adf60f8505