summary refs log tree commit diff
path: root/gnu/packages/ruby.scm
diff options
context:
space:
mode:
authorBen Woodcroft <donttrustben@gmail.com>2016-11-19 09:00:22 +1000
committerBen Woodcroft <donttrustben@gmail.com>2016-11-20 11:38:12 +1000
commit9b62c5a8fb588aac5002b899e3b1a3b0ac1bb428 (patch)
tree89b3bfd7e7d7fd07746eb778aa9a2b188a2c335a /gnu/packages/ruby.scm
parent966a543b369bad3d35f8c1e3fa30c34687217427 (diff)
downloadguix-9b62c5a8fb588aac5002b899e3b1a3b0ac1bb428.tar.gz
gnu: ruby: Replace with ruby-2.3.2 [fixes CVE-2015-3900].
* gnu/packages/ruby.scm (ruby)[replacement]: New field.
(ruby-2.3.2): New variable.
Diffstat (limited to 'gnu/packages/ruby.scm')
-rw-r--r--gnu/packages/ruby.scm20
1 files changed, 20 insertions, 0 deletions
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index b6cb0a243d..1abea02bb5 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -47,6 +47,7 @@
 (define-public ruby
   (package
     (name "ruby")
+    (replacement ruby-2.3.2)
     (version "2.3.1")
     (source
      (origin
@@ -101,6 +102,25 @@ a focus on simplicity and productivity.")
     (home-page "https://ruby-lang.org")
     (license license:ruby)))
 
+(define ruby-2.3.2
+  (package
+    (inherit ruby)
+    (version "2.3.2")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "http://cache.ruby-lang.org/pub/ruby/"
+                           (version-major+minor version)
+                           "/ruby-" version ".tar.xz"))
+       (sha256
+        (base32
+         "031g76zxb2wp6988dmrpbqd98i17xi6l8q1115h83r2w0h8z6y2w"))
+       (modules '((guix build utils)))
+       (snippet `(begin
+                   ;; Remove bundled libffi
+                   (delete-file-recursively "ext/fiddle/libffi-3.2.1")
+                   #t))))))
+
 (define-public ruby-2.2
   (package (inherit ruby)
     (version "2.2.6")
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-22 11:16:48 +0000