Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
remove_rubygems_stuff.patch | Remove the use of rubygems and bundler in spec files | no | vendor | 2019-09-14 | ||
move_unicode_data.patch | move unicode.data to /usr/share/ruby-addressable/ | Cédric Boutillier <boutil@debian.org> | no | 2019-09-14 | ||
remove_lib_from_loadpath.patch | remove lib/ from loadpath in spec using unicode.data so that it picks up the installed version of the library in debian/ with unicode.data at the right place. in complement to move_unicode_data.patch |
Cédric Boutillier <boutil@debian.org> | no | 2019-09-14 | ||
CVE-2021-32740.patch | [PATCH] Prevent ReDOS vuln on URI Template matching The regular expression used to match a template against a URL is vulnerable to a regular expression denial-of-service via catastrophic backtracking. This commit includes a test that demonstrates the failure without the fix as well as updates the regexp to remove the vulnerability. The vulnerability is removed by updating the grouping to be atomic. |
Security Curious <security-curious@pm.me> | no | 2021-07-02 |