From: "mcandre (Andrew Pennebaker) via ruby-core" <ruby-core@...>
Date: 2025-11-06T18:18:24+00:00
Subject: [ruby-core:123711] [Ruby Bug#21667] CVE-2024-12224

Issue #21667 has been updated by mcandre (Andrew Pennebaker).


Excellent news, glad to see the patch progressing.

How quickly can we release new versions of Ruby to include this patch?

----------------------------------------
Bug #21667: CVE-2024-12224
https://bugs.ruby-lang.org/issues/21667#change-115099

* Author: mcandre (Andrew Pennebaker)
* Status: Closed
* Backport: 3.2: UNKNOWN, 3.3: UNKNOWN, 3.4: UNKNOWN
----------------------------------------
ruby-build triggers Wiz finding CVE-2024-12224 for the leftover build files, when compiling Ruby from source.



-- 
https://bugs.ruby-lang.org/
______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/