- Fix command injection vulnerability in RDoc.
Resolves: CVE-2021-31799
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
Resolves: CVE-2021-31810
- Fix StartTLS stripping vulnerability in Net::IMAP.
Resolves: CVE-2021-32066
- Fix dependencies of gems with explicit source installed from a different
source.
Resolves: CVE-2020-36327
* Extract RSS and REXML into separate subpackages, because they were moved from
default gems to bundled gems.
* Obsolete Net::Telnet and XMLRPC packages, because they were dropped from Ruby.
The detailed changelog leading to this release is preserved in
private-ruby-3.0 branch.
Move gemified xmlrpc into subpackage.
Move gemified openssl into subpackage.
Tk is removed from stdlib.
Extend 'gem_' macros for pre-release version support.
- Explicitly list RubyGems directories to avoid accidentaly packaged content.
- Split test-unit and power_assert gems into separate sub-packages.
- Drop libdb dependency in favor of gdbm.