Project

General

Profile

Actions
Copy link

Bug #20667

closed

Backport REXML CVE fixes

Added by vo.x (Vit Ondruch) about 1 month ago. Updated 1 day ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 3.3.4 (2024-07-09 revision be1089c8ec) [x86_64-linux]
Backport:
3.1: DONE, 3.2: DONE, 3.3: DONE
[ruby-core:118796]

Description

It would be nice to have the recent REXML CVE fixes backported everywhere.

BTW it is surprising that REXML was recently bumped in 3.1 / 3.2 branches, but 3.3 branch stays with older REXML 3.2.

Actions
Copy link
 #1

Updated by hsbt (Hiroshi SHIBATA) about 1 month ago

  • Status changed from Open to Closed
  • Backport changed from 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN to 3.1: REQUIRED, 3.2: REQUIRED, 3.3: REQUIRED
Actions
Copy link
 #2

Updated by kou (Kouhei Sutou) about 1 month ago

  • Subject changed from Backport ReXML CVE fixes to Backport REXML CVE fixes
  • Description updated (diff)
Actions
Copy link
 #3 [ruby-core:118868]

Updated by nagachika (Tomoyuki Chikanaga) 25 days ago

  • Backport changed from 3.1: REQUIRED, 3.2: REQUIRED, 3.3: REQUIRED to 3.1: REQUIRED, 3.2: DONE, 3.3: REQUIRED
Actions
Copy link
 #4 [ruby-core:119005]

Updated by k0kubun (Takashi Kokubun) 9 days ago

  • Backport changed from 3.1: REQUIRED, 3.2: DONE, 3.3: REQUIRED to 3.1: REQUIRED, 3.2: DONE, 3.3: DONE
Actions
Copy link
 #5 [ruby-core:119006]

Updated by k0kubun (Takashi Kokubun) 9 days ago

Please consider filing a backport PR to stable branches next time.

Actions
Copy link
 #6 [ruby-core:119109]

Updated by hsbt (Hiroshi SHIBATA) 1 day ago

  • Backport changed from 3.1: REQUIRED, 3.2: DONE, 3.3: DONE to 3.1: DONE, 3.2: DONE, 3.3: DONE
Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0