Hiya, On Wed, Jun 7, 2023 at 2:39 PM Moritz Muehlenhoff <j...@inutil.org> wrote: > Specifically > https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/ > states: > > | For Ruby 2.7: Update to uri 0.10.0.1 > | For Ruby 3.0: Update to uri 0.10.2 > | For Ruby 3.1: Update to uri 0.11.1 > | For Ruby 3.2: Update to uri 0.12.1 > > And the 0.10 change > (https://github.com/ruby/uri/commit/17861a53e499a2eabf7ba83d63914d0f01921d70) > is different from the 0.12 one > (https://github.com/ruby/uri/commit/eaf89cc31619d49e67c64d0b58ea9dc38892d175) > > There might be other changes needed for 2.5, not sure.
Yep, I'm taking a look to prep something for 2.5. - u
