Package rubygem-rexml-3.3.9-145.module+el8.10.0+623+69bbd9fb.noarch
| Name | rubygem-rexml |
|---|---|
| Epoch | 0 |
| Version | 3.3.9 |
| Release | 145.module+el8.10.0+623+69bbd9fb |
| Architecture | noarch |
| Website/URL | https://github.com/ruby/rexml |
| License | BSD |
| Build Time | 2025-04-23 15:21:41 |
| Build Host | builder-x86-03.inferitos.ru |
| Summary | An XML toolkit for Ruby |
| Repositories | AppStream |
| Description | REXML was inspired by the Electric XML library for Java, which features an easy-to-use API, small size, and speed. Hopefully, REXML, designed with the same philosophy, has these same features. I've tried to keep the API as intuitive as possible, and have followed the Ruby methodology for method naming and code flow, rather than mirroring the Java API. REXML supports both tree and stream document parsing. Stream parsing is faster (about 1.5 times as fast). However, with stream parsing, you don't get access to features such as XPath. |
| Errata | INFSA-2025:4063 |
| Size | 160 KiB |
| Source Project | ruby-3.1.7-145.module+el8.10.0+623+69bbd9fb |
| SHA-256 checksum | 1b00cdd7a821efb72e0472ddb22b39473277392ef6e549c1a49852e8572d5173 |
×
![Full screenshot]()
* Thu Mar 27 2025 Jarek Prokop <jprokop@redhat.com> - 3.1.7-145
- Upgrade to Ruby 3.1.7.
Resolves: RHEL-55408
- Fix DoS vulnerability in REXML. (CVE-2024-39908)
Resolves: RHEL-57051
- Fix DoS vulnerability in REXML. (CVE-2024-43398)
Resolves: RHEL-56002
* Tue Nov 26 2024 Jarek Prokop <jprokop@redhat.com> - 3.1.5-144
- Fix REXML ReDoS vulnerability. (CVE-2024-49761)
Resolves: RHEL-68520
* Tue May 07 2024 Jun Aruga <jaruga@redhat.com> - 3.1.5-143
- Upgrade to Ruby 3.1.5.
Resolves: RHEL-35748
- Fix buffer overread vulnerability in StringIO.
Resolves: RHEL-35749
- Fix RCE vulnerability with .rdoc_options in RDoc.
Resolves: RHEL-35750
- Fix arbitrary memory address read vulnerability with Regex search.
Resolves: RHEL-35751
* Fri Mar 01 2024 Jarek Prokop <jprokop@redhat.com> - 3.1.4-142
- Upgrade to Ruby 3.1.4.
Resolves: RHEL-5584
- Fix HTTP response splitting in CGI.
Resolves: CVE-2021-33621
- Fix ReDos vulnerability in URI.
Resolves: CVE-2023-28755
Resolves: CVE-2023-36617
- Fix ReDos vulnerability in Time.
Resolves: CVE-2023-28756
- Make RDoc soft dependency in IRB.
Resolves: RHEL-5615
* Tue Dec 12 2023 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 3.1.2-141
- Rebuilt for MSVSphere 8.8
* Thu Apr 21 2022 Jarek Prokop <jprokop@redhat.com> - 3.1.2-141
- Upgrade to Ruby 3.1.2.
Resolves: rhbz#2063772
* Tue Oct 05 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-140
- Fix rubygem-irb upgrade not working due to directory -> symlink conversion.
Resolves: rhbz#2010949
* Tue Jul 13 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.2-139
- Upgrade to Ruby 3.0.2.
Related: rhbz#1938942
- Fix command injection vulnerability in RDoc. (CVE-2021-31799)
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
(CVE-2021-31810)
- Fix StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)
- Fix dependencies of gems with explicit source installed from a
different source. (CVE-2020-36327)
- Pass ldflags to gem install via CONFIGURE_ARGS.
The same comment on the changelog 3.0.1-138 was wrong.
* Mon Jun 07 2021 Jarek Prokop <jprokop@redhat.com> - 3.0.1-138
- Upgrade to Ruby 3.0.1 by merging Fedora rawhide branch (commit: 6b2ff68).
* Add missing `rubygem-` prefix for bundled provide of 'connection_pool'.
* Pass ldflags to gem install via CONFIGURE_ARGS
* Remove IRB dependency from rubygem-rdoc.
* Fix flaky excon test suite.
* Properly support DWARF5 debug information.
Related: rhbz#1920533
* Bundle OpenSSL into StdLib.
* Fix SEGFAULT in rubygem-shoulda-matchers test suite.
* Provide `gem.build_complete` file for binary gems.
* Re-enable test suite.
* ruby-default-gems have to depend on rubygem(io-console) due to reline.
* Fix SEGFAULT preventing rubygem-unicode to build on armv7hl.
* Add support for reworked RubyGems plugins.
* Use proper path for plugin wrappers.
* Extract RSS and REXML into separate subpackages, because they were moved from
default gems to bundled gems.
* Drop Net::Telnet and XMLRPC packages, because they were dropped from Ruby.
Resolves: rhbz#1938942
- Fix FTBFS due to an incompatible load directive.
* Wed Apr 07 2021 Pavel Valena <pvalena@redhat.com> - 2.7.3-136
- Upgrade to Ruby 2.7.3.
Resolves: rhbz#1947938
- Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
contains leading zero
Resolves: rhbz#1944227