pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/lang
Module Name: pkgsrc
Committed By: taca
Date: Thu Mar 29 03:09:35 UTC 2018
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby23-base: Makefile distinfo
Removed Files:
pkgsrc/lang/ruby23-base/patches: patch-man_erb.1 patch-man_irb.1
patch-man_ri.1 patch-man_ruby.1
Log Message:
lang/ruby23-base: update to 2.3.7, security release
Ruby 2.3.7 Released Posted by usa on 28 Mar 2018
Ruby 2.3.7 has been released.
This release includes about 70 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
See the ChangeLog for details.
After this release, we will end the normal maintenance phase of Ruby 2.3, and
start the security maintenance phase of it. This means that after the release
of 2.3.7 we will never backport any bug fixes to 2.3 except security fixes.
The term of the security maintenance phase is scheduled for 1 year. By the
end of this term, official support of Ruby 2.3 will be over. Therefore, we
recommend that you start planning to upgrade to Ruby 2.5 or 2.4.
To generate a diff of this commit:
cvs rdiff -u -r1.193 -r1.194 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.15 -r1.16 pkgsrc/lang/ruby23-base/Makefile \
pkgsrc/lang/ruby23-base/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/ruby23-base/patches/patch-man_erb.1 \
pkgsrc/lang/ruby23-base/patches/patch-man_irb.1 \
pkgsrc/lang/ruby23-base/patches/patch-man_ri.1 \
pkgsrc/lang/ruby23-base/patches/patch-man_ruby.1
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.193 pkgsrc/lang/ruby/rubyversion.mk:1.194
--- pkgsrc/lang/ruby/rubyversion.mk:1.193 Thu Mar 29 03:06:57 2018
+++ pkgsrc/lang/ruby/rubyversion.mk Thu Mar 29 03:09:35 2018
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.193 2018/03/29 03:06:57 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.194 2018/03/29 03:09:35 taca Exp $
#
# This file determines which Ruby version is used as a dependency for
@@ -215,7 +215,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub
# current supported Ruby's version
RUBY22_VERSION= 2.2.9
-RUBY23_VERSION= 2.3.6
+RUBY23_VERSION= 2.3.7
RUBY24_VERSION= 2.4.4
RUBY25_VERSION= 2.5.1
Index: pkgsrc/lang/ruby23-base/Makefile
diff -u pkgsrc/lang/ruby23-base/Makefile:1.15 pkgsrc/lang/ruby23-base/Makefile:1.16
--- pkgsrc/lang/ruby23-base/Makefile:1.15 Fri Feb 23 15:26:14 2018
+++ pkgsrc/lang/ruby23-base/Makefile Thu Mar 29 03:09:35 2018
@@ -1,15 +1,10 @@
-# $NetBSD: Makefile,v 1.15 2018/02/23 15:26:14 wiz Exp $
+# $NetBSD: Makefile,v 1.16 2018/03/29 03:09:35 taca Exp $
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION= 2
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
-PATCH_SITES= https://bugs.ruby-lang.org/attachments/download/7029/
-PATCHFILES= rubygems-276-for-ruby23.patch
-PATCH_DIST_STRIP= -p0
-
MAINTAINER= taca%NetBSD.org@localhost
HOMEPAGE= ${RUBY_HOMEPAGE}
COMMENT= Ruby ${RUBY_VERSION} release minimum base package
Index: pkgsrc/lang/ruby23-base/distinfo
diff -u pkgsrc/lang/ruby23-base/distinfo:1.15 pkgsrc/lang/ruby23-base/distinfo:1.16
--- pkgsrc/lang/ruby23-base/distinfo:1.15 Mon Feb 19 16:46:26 2018
+++ pkgsrc/lang/ruby23-base/distinfo Thu Mar 29 03:09:35 2018
@@ -1,13 +1,9 @@
-$NetBSD: distinfo,v 1.15 2018/02/19 16:46:26 taca Exp $
+$NetBSD: distinfo,v 1.16 2018/03/29 03:09:35 taca Exp $
-SHA1 (ruby-2.3.6.tar.bz2) = 07c3b66d544dd22c22fbae3f16cfb3eeb88b7b1e
-RMD160 (ruby-2.3.6.tar.bz2) = 664e027a6f172212ac8ebff3aa9b99df4e99906b
-SHA512 (ruby-2.3.6.tar.bz2) = bc3c7a115745a38e44bd91eb5637b1e412011c471d9749db7960185ef75737b944dd0e524f22432809649952ca7d93f46d458990e9cd2b0db5ca8abf4bc8ea99
-Size (ruby-2.3.6.tar.bz2) = 14429114 bytes
-SHA1 (rubygems-276-for-ruby23.patch) = 859334e0313e522826b28c4878611f34c46b7526
-RMD160 (rubygems-276-for-ruby23.patch) = c4d7718b7e4845811bf54917ca185ac49c75d6b3
-SHA512 (rubygems-276-for-ruby23.patch) = b2b363bec953aa4cfd17bd501753a621b829d5052780f33c6d74d813f128f703a4dd59db53ac59860aed6f741fd1a77b1ef173523f0f8b49b91282e5c8181961
-Size (rubygems-276-for-ruby23.patch) = 19953 bytes
+SHA1 (ruby-2.3.7.tar.bz2) = 3bb88965405da5e4de2432eeb445fffa8a66fb33
+RMD160 (ruby-2.3.7.tar.bz2) = cb8f83f773a0d1cfc8595148ac61aff253f6b67d
+SHA512 (ruby-2.3.7.tar.bz2) = e72754f7703f0706c4b0bccd053035536053451fe069a55427984cc0bc5692b86bd51c243c5f62f78527c66b08300d2e4aa19b73e6ded13d6020aa2450e66a7d
+Size (ruby-2.3.7.tar.bz2) = 14421177 bytes
SHA1 (patch-configure) = 3737bf52082288b02e7382d71a322f4822c5abe4
SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
SHA1 (patch-ext_openssl_ossl__ssl.c) = 24e794aae278da6204e29212d9e2add0b0119ea4
@@ -22,9 +18,5 @@ SHA1 (patch-lib_rubygems_install__update
SHA1 (patch-lib_rubygems_installer.rb) = 37218b0ebf874095dce8b92bc30b5beb720e13a2
SHA1 (patch-lib_rubygems_platform.rb) = 244a6698636012235882ae606ae3a3b4dffd3faf
SHA1 (patch-lib_rubygems_specification.rb) = 46f517d6128d1366c0a302a7d04d2caec7ec948f
-SHA1 (patch-man_erb.1) = a03758f5ae399463b140fbac92c39e6ccc9d18bd
-SHA1 (patch-man_irb.1) = bf3cd43511ddc51a41dced16f2be1c9f8018d226
-SHA1 (patch-man_ri.1) = d8917e7a08bbc3eb41349570cc658d40c1b3463f
-SHA1 (patch-man_ruby.1) = c6d1de29fe470024b926226615d97d485dececd9
SHA1 (patch-test_rubygems_test__gem.rb) = 47cc7af18fc5f30d6d695e70851cfaf3205a9266
SHA1 (patch-tool_rbinstall.rb) = 159b657293029cb5bc096d7c23ae85fe05c88ba2
Home |
Main Index |
Thread Index |
Old Index