Bump Ruby 2.7.7 to 2.7.8 to address CVE - Githubissues

docker-library / ruby

Docker Official Image packaging for Ruby

http://www.ruby-lang.org/

BSD 2-Clause "Simplified" License

590 stars 334 forks source link

Bump Ruby 2.7.7 to 2.7.8 to address CVE #412

Closed seanich closed 1 year ago

seanich commented 1 year ago

Bumping Ruby 2.7.7 to 2.7.8 which addresses this CVE: https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/ https://www.ruby-lang.org/en/news/2023/03/30/ruby-2-7-8-released/

seanich commented 1 year ago

Change already committed to master in https://github.com/docker-library/ruby/commit/7117899e1b7d3d8230fe8021acf76ead8d2f5230