aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Woodcroft <donttrustben@gmail.com>2016-11-19 09:00:22 +1000
committerBen Woodcroft <donttrustben@gmail.com>2016-11-20 11:38:12 +1000
commit9b62c5a8fb588aac5002b899e3b1a3b0ac1bb428 (patch)
tree89b3bfd7e7d7fd07746eb778aa9a2b188a2c335a
parent966a543b369bad3d35f8c1e3fa30c34687217427 (diff)
downloadguix-9b62c5a8fb588aac5002b899e3b1a3b0ac1bb428.tar
guix-9b62c5a8fb588aac5002b899e3b1a3b0ac1bb428.tar.gz
gnu: ruby: Replace with ruby-2.3.2 [fixes CVE-2015-3900].
* gnu/packages/ruby.scm (ruby)[replacement]: New field. (ruby-2.3.2): New variable.
-rw-r--r--gnu/packages/ruby.scm20
1 files changed, 20 insertions, 0 deletions
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index b6cb0a243d..1abea02bb5 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -47,6 +47,7 @@
(define-public ruby
(package
(name "ruby")
+ (replacement ruby-2.3.2)
(version "2.3.1")
(source
(origin
@@ -101,6 +102,25 @@ a focus on simplicity and productivity.")
(home-page "https://ruby-lang.org")
(license license:ruby)))
+(define ruby-2.3.2
+ (package
+ (inherit ruby)
+ (version "2.3.2")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://cache.ruby-lang.org/pub/ruby/"
+ (version-major+minor version)
+ "/ruby-" version ".tar.xz"))
+ (sha256
+ (base32
+ "031g76zxb2wp6988dmrpbqd98i17xi6l8q1115h83r2w0h8z6y2w"))
+ (modules '((guix build utils)))
+ (snippet `(begin
+ ;; Remove bundled libffi
+ (delete-file-recursively "ext/fiddle/libffi-3.2.1")
+ #t))))))
+
(define-public ruby-2.2
(package (inherit ruby)
(version "2.2.6")