Changelog for
rubygem-minitest-5.14.2-162.el9_4.noarch.rpm :
* Tue Apr 30 2024 Jun Aruga
- 3.0.7-162- Upgrade to Ruby 3.0.7. Resolves: RHEL-35740- Fix HTTP response splitting in CGI. Resolves: RHEL-35741- Fix ReDoS vulnerability in URI. Resolves: RHEL-35742- Fix ReDoS vulnerability in Time. Resolves: RHEL-35743- Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35744- Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-35746- Fix arbitrary memory address read vulnerability with Regex search. Resolves: RHEL-35747
* Mon Oct 09 2023 Jun Aruga - 3.0.4-161- Fix OpenSSL.fips_mode and OpenSSL::PKey.read in OpenSSL 3 FIPS. Resolves: RHEL-12724- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters Related: RHEL-12724
* Wed Jun 28 2023 Jun Aruga - 3.0.4-160- Bypass git submodule test failure on Git >= 2.38.1.- Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b.- Fix for tzdata-2022g.- Fix File.utime test.
* Fri Jul 08 2022 Jarek Prokop - 3.0.4-160- Upgrade to Ruby 3.0.4. Resolves: rhbz#2096347- OpenSSL test suite fixes due to disabled SHA1. Resolves: rbhz#2107696- Fix double free in Regexp compilation. Resolves: CVE-2022-28738- Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739