From: "vo.x (Vit Ondruch) via ruby-core" <ruby-core@...>
Date: 2024-08-05T08:27:52+00:00
Subject: [ruby-core:118796] [Ruby master Bug#20667] Backport ReXML CVE fixes

Issue #20667 has been reported by vo.x (Vit Ondruch).

----------------------------------------
Bug #20667: Backport ReXML CVE fixes
https://bugs.ruby-lang.org/issues/20667

* Author: vo.x (Vit Ondruch)
* Status: Open
* ruby -v: ruby 3.3.4 (2024-07-09 revision be1089c8ec) [x86_64-linux]
* Backport: 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN
----------------------------------------
It would be nice to have the recent ReXML CVE fixes backported everywhere.

BTW it is surprising that ReXML was recently bumped in 3.1 / 3.2 branches, but 3.3 brach stays with older ReXML 3.2.



-- 
https://bugs.ruby-lang.org/
 ______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/