From: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Date: Tue, 19 Apr 2022 18:50:16 +0000 (-0300)
Subject: ruby: update to 2.6.10
X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=9c39582d99d510e4e6f4de53358ad040a1ae980b;p=feed%2Fpackages.git

ruby: update to 2.6.10

Fixes from 2.6.9:
- CVE-2021-41817: Regular Expression Denial of Service Vulnerability of
  Date Parsing Methods
- CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse

Fixes from 2.6.10:
- CVE-2022-28739: Buffer overrun in String-to-Float conversion

After this release, Ruby 2.6 reaches EOL.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
---

diff --git a/lang/ruby/Makefile b/lang/ruby/Makefile
index e44f940c09..279cce00de 100644
--- a/lang/ruby/Makefile
+++ b/lang/ruby/Makefile
@@ -11,7 +11,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ruby
-PKG_VERSION:=2.6.9
+PKG_VERSION:=2.6.10
 PKG_RELEASE:=1
 
 # First two numbes
@@ -19,7 +19,7 @@ PKG_ABI_VERSION:=$(subst $(space),.,$(wordlist 1, 2, $(subst .,$(space),$(PKG_VE
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://cache.ruby-lang.org/pub/ruby/$(PKG_ABI_VERSION)/
-PKG_HASH:=6a041d82ae6e0f02ccb1465e620d94a7196489d8a13d6018a160da42ebc1eece
+PKG_HASH:=5fd8ded51321b88fdc9c1b4b0eb1b951d2eddbc293865da0151612c2e814c1f2
 PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
 PKG_LICENSE:=BSD-2-Clause
 PKG_LICENSE_FILES:=COPYING