mirror of
https://github.com/openwrt/packages.git
synced 2025-12-27 01:09:30 +04:00
287d5b8653
The 3.2.3 release includes many bug-fixes. This release also includes the update of uri.gem to 0.12.2 which contains the security fix. - CVE-2023-36617: ReDoS vulnerability in URI See: https://www.ruby-lang.org/en/news/2024/01/18/ruby-3-2-3-released/ The 3.2.4 release includes security fixes. Please check the topics below for details. - CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search - CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc - CVE-2024-27280: Buffer overread vulnerability in StringIO See: https://www.ruby-lang.org/en/news/2024/04/23/ruby-3-2-4-released/ Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>