From 01a6878bb1dedfdbffe0e5ee0a77fe362388f5c6 Mon Sep 17 00:00:00 2001
From: Peter Hoeg
Date: Fri, 8 Sep 2017 12:07:39 +0800
Subject: [PATCH 1/2] ruby: boy scout cleanups
---
 pkgs/development/interpreters/ruby/default.nix | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix
index f3d4ae4bb00..ba67e3bf406 100644
--- a/pkgs/development/interpreters/ruby/default.nix
+++ b/pkgs/development/interpreters/ruby/default.nix
@@ -151,12 +151,12 @@ let
 sed -i "s|'--with-baseruby=${baseruby}/bin/ruby'||" $rbConfig
 '';
- meta = {
- license = stdenv.lib.licenses.ruby;
- homepage = http://www.ruby-lang.org/en/;
+ meta = with stdenv.lib; {
 description = "The Ruby language";
- maintainers = with stdenv.lib.maintainers; [ vrthra manveru ];
- platforms = stdenv.lib.platforms.all;
+ homepage = http://www.ruby-lang.org/en/;
+ license = licenses.ruby;
+ maintainers = with maintainers; [ vrthra manveru ];
+ platforms = platforms.all;
 };
 passthru = rec {
From 9f51b3c105a5302691552b166f3cbc0581bd85b4 Mon Sep 17 00:00:00 2001
From: Peter Hoeg
Date: Fri, 8 Sep 2017 12:07:55 +0800
Subject: [PATCH 2/2] rubygems: 2.6.10 -> 2.6.13
Fixes a number of CVEs:
- a DNS request hijacking vulnerability. (CVE-2017-0902)
- an ANSI escape sequence vulnerability. (CVE-2017-0899)
- a DoS vulnerability in the query command. (CVE-2017-0900)
- a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901)
---
 pkgs/development/interpreters/ruby/rubygems-src.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/interpreters/ruby/rubygems-src.nix b/pkgs/development/interpreters/ruby/rubygems-src.nix
index 7658c303a1e..99870e6ba2c 100644
--- a/pkgs/development/interpreters/ruby/rubygems-src.nix
+++ b/pkgs/development/interpreters/ruby/rubygems-src.nix
@@ -1,6 +1,6 @@
 { fetchurl
-, version ? "2.6.10"
-, sha256 ? "364c0eee8e0c9e8ab4879c5035832e5a27f0c97292d2264af5ae0020585280f0"
+, version ? "2.6.13"
+, sha256 ? "1j98ww8cz9y4wwshg7p4i4acrmls3ywkyj1nlkh4k3bywwm50hfh"
 }:
 fetchurl {
 url = "http://production.cf.rubygems.org/rubygems/rubygems-${version}.tgz";