[ruby-core:117281] [Ruby master Bug#20386] Backport CVE-2024-27281

Issue #20386 has been reported by hsbt (Hiroshi SHIBATA). ---------------------------------------- Bug #20386: Backport CVE-2024-27281 https://bugs.ruby-lang.org/issues/20386 * Author: hsbt (Hiroshi SHIBATA) * Status: Closed * Backport: 3.0: REQUIRED, 3.1: REQUIRED, 3.2: REQUIRED, 3.3: REQUIRED ---------------------------------------- I disclosed https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ today. We should backport fixed RDoc to all stable version. * For 3.0: https://github.com/ruby/ruby/pull/10319 * For 3.1: https://github.com/ruby/ruby/pull/10318 * For 3.2: https://github.com/ruby/ruby/pull/10317 * For 3.3: https://github.com/ruby/ruby/pull/10316 -- https://bugs.ruby-lang.org/