2 Sep
2024
2 Sep
'24
4:53 a.m.
Issue #20667 has been updated by k0kubun (Takashi Kokubun). Please consider filing a backport PR to stable branches next time. ---------------------------------------- Bug #20667: Backport REXML CVE fixes https://bugs.ruby-lang.org/issues/20667#change-109581 * Author: vo.x (Vit Ondruch) * Status: Closed * ruby -v: ruby 3.3.4 (2024-07-09 revision be1089c8ec) [x86_64-linux] * Backport: 3.1: REQUIRED, 3.2: DONE, 3.3: DONE ---------------------------------------- It would be nice to have the recent REXML CVE fixes backported everywhere. BTW it is surprising that REXML was recently bumped in 3.1 / 3.2 branches, but 3.3 branch stays with older REXML 3.2. -- https://bugs.ruby-lang.org/