* [Buildroot] [PATCH 1/1] package/ruby: security bump version to 4.0.3
@ 2026-04-21 18:59 Bernd Kuhls
2026-04-21 20:31 ` Julien Olivain via buildroot
2026-05-04 14:48 ` Thomas Perale via buildroot
0 siblings, 2 replies; 3+ messages in thread
From: Bernd Kuhls @ 2026-04-21 18:59 UTC (permalink / raw)
To: buildroot
https://www.ruby-lang.org/en/news/2026/04/21/ruby-4-0-3-released/
Added sha512 tarball hash provided by upstream.
Fixes CVE-2026-41316:
https://www.ruby-lang.org/en/news/2026/04/21/erb-cve-2026-41316/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
package/ruby/ruby.hash | 5 +++--
package/ruby/ruby.mk | 2 +-
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/package/ruby/ruby.hash b/package/ruby/ruby.hash
index 9908fe8d4f..7512d1153b 100644
--- a/package/ruby/ruby.hash
+++ b/package/ruby/ruby.hash
@@ -1,5 +1,6 @@
-# https://www.ruby-lang.org/en/news/2026/03/16/ruby-4-0-2-released/
-sha256 4618db85bb9ec04d8152d0099db488694a3d3c4f52106625e4ad547f1318db87 ruby-4.0.2.tar.xz
+# https://www.ruby-lang.org/en/news/2026/04/21/ruby-4-0-3-released/
+sha256 22cf6005d25bbe496b5ebe9224d63a1aaabfbfe02591bb5d612517c5a7836f29 ruby-4.0.3.tar.xz
+sha512 5816fb264ce76df59f4bfe0cadceb45025fada2e61f2c14024d6b03f63d304820cddf94afcf82a4951fd12f3b0d9148683f856f3f2245d56042fc8407b6cbff5 ruby-4.0.3.tar.xz
# License files, Locally calculated
sha256 a74812486cffbdc55141a5d9f165d782cbb202660d827622ec966237d4717b99 LEGAL
diff --git a/package/ruby/ruby.mk b/package/ruby/ruby.mk
index 6bd8ad43c5..7e6f6d8146 100644
--- a/package/ruby/ruby.mk
+++ b/package/ruby/ruby.mk
@@ -5,7 +5,7 @@
################################################################################
RUBY_VERSION_MAJOR = 4.0
-RUBY_VERSION = $(RUBY_VERSION_MAJOR).2
+RUBY_VERSION = $(RUBY_VERSION_MAJOR).3
RUBY_VERSION_EXT = 4.0.0
RUBY_SITE = http://cache.ruby-lang.org/pub/ruby/$(RUBY_VERSION_MAJOR)
RUBY_SOURCE = ruby-$(RUBY_VERSION).tar.xz
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/ruby: security bump version to 4.0.3
2026-04-21 18:59 [Buildroot] [PATCH 1/1] package/ruby: security bump version to 4.0.3 Bernd Kuhls
@ 2026-04-21 20:31 ` Julien Olivain via buildroot
2026-05-04 14:48 ` Thomas Perale via buildroot
1 sibling, 0 replies; 3+ messages in thread
From: Julien Olivain via buildroot @ 2026-04-21 20:31 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
On 21/04/2026 20:59, Bernd Kuhls wrote:
> https://www.ruby-lang.org/en/news/2026/04/21/ruby-4-0-3-released/
>
> Added sha512 tarball hash provided by upstream.
>
> Fixes CVE-2026-41316:
> https://www.ruby-lang.org/en/news/2026/04/21/erb-cve-2026-41316/
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Applied to master, thanks.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/ruby: security bump version to 4.0.3
2026-04-21 18:59 [Buildroot] [PATCH 1/1] package/ruby: security bump version to 4.0.3 Bernd Kuhls
2026-04-21 20:31 ` Julien Olivain via buildroot
@ 2026-05-04 14:48 ` Thomas Perale via buildroot
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Perale via buildroot @ 2026-05-04 14:48 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: Thomas Perale, buildroot
In reply of:
> https://www.ruby-lang.org/en/news/2026/04/21/ruby-4-0-3-released/
>
> Added sha512 tarball hash provided by upstream.
>
> Fixes CVE-2026-41316:
> https://www.ruby-lang.org/en/news/2026/04/21/erb-cve-2026-41316/
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Applied to 2026.02.x. Thanks
> ---
> package/ruby/ruby.hash | 5 +++--
> package/ruby/ruby.mk | 2 +-
> 2 files changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/package/ruby/ruby.hash b/package/ruby/ruby.hash
> index 9908fe8d4f..7512d1153b 100644
> --- a/package/ruby/ruby.hash
> +++ b/package/ruby/ruby.hash
> @@ -1,5 +1,6 @@
> -# https://www.ruby-lang.org/en/news/2026/03/16/ruby-4-0-2-released/
> -sha256 4618db85bb9ec04d8152d0099db488694a3d3c4f52106625e4ad547f1318db87 ruby-4.0.2.tar.xz
> +# https://www.ruby-lang.org/en/news/2026/04/21/ruby-4-0-3-released/
> +sha256 22cf6005d25bbe496b5ebe9224d63a1aaabfbfe02591bb5d612517c5a7836f29 ruby-4.0.3.tar.xz
> +sha512 5816fb264ce76df59f4bfe0cadceb45025fada2e61f2c14024d6b03f63d304820cddf94afcf82a4951fd12f3b0d9148683f856f3f2245d56042fc8407b6cbff5 ruby-4.0.3.tar.xz
>
> # License files, Locally calculated
> sha256 a74812486cffbdc55141a5d9f165d782cbb202660d827622ec966237d4717b99 LEGAL
> diff --git a/package/ruby/ruby.mk b/package/ruby/ruby.mk
> index 6bd8ad43c5..7e6f6d8146 100644
> --- a/package/ruby/ruby.mk
> +++ b/package/ruby/ruby.mk
> @@ -5,7 +5,7 @@
> ################################################################################
>
> RUBY_VERSION_MAJOR = 4.0
> -RUBY_VERSION = $(RUBY_VERSION_MAJOR).2
> +RUBY_VERSION = $(RUBY_VERSION_MAJOR).3
> RUBY_VERSION_EXT = 4.0.0
> RUBY_SITE = http://cache.ruby-lang.org/pub/ruby/$(RUBY_VERSION_MAJOR)
> RUBY_SOURCE = ruby-$(RUBY_VERSION).tar.xz
> --
> 2.47.3
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-05-04 14:48 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-21 18:59 [Buildroot] [PATCH 1/1] package/ruby: security bump version to 4.0.3 Bernd Kuhls
2026-04-21 20:31 ` Julien Olivain via buildroot
2026-05-04 14:48 ` Thomas Perale via buildroot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.