Semih Han Ordu comments

Repositories
Issues
Comments

Results 2 comments of


                                            Semih Han Ordu

Current ruby release (v2.7.2p137) out of date (now v2.7.6p?)

## [v2.7.6](https://www.ruby-lang.org/en/news/2022/04/12/ruby-2-7-6-released/) This release includes a security fix. [CVE-2022-28739: Buffer overrun in String-to-Float conversion](https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/)

Ruby updated to 2.7.3

Is it possible to bump the version to `2.7.6`? The image is build in [this Dockerfile](https://github.com/lambci/docker-lambda/blob/master/ruby2.7/run/Dockerfile) via featching Ruby from a lambci S3 Bucket: `https://lambci.s3.amazonaws.com/fs/ruby2.7.tgz` Related issue: https://github.com/lambci/docker-lambda/issues/362