CVS commit: pkgsrc/lang/ruby22-base

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang/ruby22-base
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Wed, 30 Aug 2017 03:32:55 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Wed Aug 30 03:32:55 UTC 2017

Modified Files:
        pkgsrc/lang/ruby22-base: Makefile distinfo

Log Message:
Add patch to fix vulnerabilities of rubygems.

https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

* a DNS request hijacking vulnerability
* an ANSI escape sequence vulnerability
* a DoS vulernerability in the query command
* a vulnerability in the gem installer that allowed a malicious gem to
  overwrite arbitrary files

Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/lang/ruby22-base/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/lang/ruby22-base/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/ruby22-base/Makefile
diff -u pkgsrc/lang/ruby22-base/Makefile:1.17 pkgsrc/lang/ruby22-base/Makefile:1.18
--- pkgsrc/lang/ruby22-base/Makefile:1.17       Tue May 30 15:46:21 2017
+++ pkgsrc/lang/ruby22-base/Makefile    Wed Aug 30 03:32:55 2017
@@ -1,10 +1,14 @@
-# $NetBSD: Makefile,v 1.17 2017/05/30 15:46:21 taca Exp $
+# $NetBSD: Makefile,v 1.18 2017/08/30 03:32:55 taca Exp $
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
+PKGREVISION=   1
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 
+PATCH_SITES=   https://bugs.ruby-lang.org/attachments/download/6690/
+PATCHFILES=    rubygems-2613-ruby22.patch
+
 MAINTAINER=    taca%NetBSD.org@localhost
 HOMEPAGE=      ${RUBY_HOMEPAGE}
 COMMENT=       Ruby ${RUBY_VERSION} release minimum base package

Index: pkgsrc/lang/ruby22-base/distinfo
diff -u pkgsrc/lang/ruby22-base/distinfo:1.18 pkgsrc/lang/ruby22-base/distinfo:1.19
--- pkgsrc/lang/ruby22-base/distinfo:1.18       Thu Jul  6 16:35:05 2017
+++ pkgsrc/lang/ruby22-base/distinfo    Wed Aug 30 03:32:55 2017
@@ -1,9 +1,13 @@
-$NetBSD: distinfo,v 1.18 2017/07/06 16:35:05 taca Exp $
+$NetBSD: distinfo,v 1.19 2017/08/30 03:32:55 taca Exp $
 
 SHA1 (ruby-2.2.7.tar.bz2) = 0b5b79f55a1e7a7c2f6600e75167c1b9cc435042
 RMD160 (ruby-2.2.7.tar.bz2) = 5aef4d373a0ea7434b7c32098b43ecc6fba542a6
 SHA512 (ruby-2.2.7.tar.bz2) = 83756cd1c91516962b83961e0de59d858618f7ed3e9795f930aab4f199d47a95ed8f867d8aa9b51d508be26d9babf2140117c88241168bac41e6ef702cfadf20
 Size (ruby-2.2.7.tar.bz2) = 13381078 bytes
+SHA1 (rubygems-2613-ruby22.patch) = e5199afa6cfbe07f729dafab5f1358e7ed193b84
+RMD160 (rubygems-2613-ruby22.patch) = b80aa70e6ba6f5b62d4797b5d0f6e9390203a7ce
+SHA512 (rubygems-2613-ruby22.patch) = 301a32b3107ab03642a900660b8b43a62263e55a0d6d645ca4dd95d38e0c5068e84c1ec85ef0cd7bb2063433fcf26f0037cf32e6cb149f8a74950d3e2c083ab2
+Size (rubygems-2613-ruby22.patch) = 11094 bytes
 SHA1 (patch-configure) = fda86ab23ec6291f3a51001793686904d4433b38
 SHA1 (patch-ext_dbm_extconf.rb) = ee932265052613d458375ad1a760a09fefb9d959
 SHA1 (patch-ext_openssl_ossl__ssl.c) = e887a5576959921da116a5cee629c25610169593

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/lang/ruby23-base
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/lang/ruby23-base
Indexes:

Home | Main Index | Thread Index | Old Index