CVS commit: pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Thu, 29 Mar 2018 03:11:58 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Thu Mar 29 03:11:58 UTC 2018

Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby22-base: Makefile distinfo

Log Message:
lang/ruby22-base: update to 2.2.10, security release

Ruby 2.2.10 Released                            Posted by usa on 28 Mar 2018

Ruby 2.2.10 has been released.  This release includes several security
fixes. Please check the topics below for details.

* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
  traversal in tempfile and tmpdir
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
  UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems

Ruby 2.2 is under the state of the security maintenance phase, until the end
of the March of 2018.  After the date, maintenance of Ruby 2.2 will be ended.
So, this release is expected to be the last release of Ruby 2.2.  We will
never make a new release of Ruby 2.2 unless Ruby 2.2.10 has a serious
regression bug.  We recommend you migrating to newer versions of Ruby, such as
2.5.


To generate a diff of this commit:
cvs rdiff -u -r1.194 -r1.195 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.22 -r1.23 pkgsrc/lang/ruby22-base/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/lang/ruby22-base/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.194 pkgsrc/lang/ruby/rubyversion.mk:1.195
--- pkgsrc/lang/ruby/rubyversion.mk:1.194       Thu Mar 29 03:09:35 2018
+++ pkgsrc/lang/ruby/rubyversion.mk     Thu Mar 29 03:11:58 2018
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.194 2018/03/29 03:09:35 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.195 2018/03/29 03:11:58 taca Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -214,7 +214,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub
 .endif
 
 # current supported Ruby's version
-RUBY22_VERSION=                2.2.9
+RUBY22_VERSION=                2.2.10
 RUBY23_VERSION=                2.3.7
 RUBY24_VERSION=                2.4.4
 RUBY25_VERSION=                2.5.1

Index: pkgsrc/lang/ruby22-base/Makefile
diff -u pkgsrc/lang/ruby22-base/Makefile:1.22 pkgsrc/lang/ruby22-base/Makefile:1.23
--- pkgsrc/lang/ruby22-base/Makefile:1.22       Fri Feb 23 15:26:14 2018
+++ pkgsrc/lang/ruby22-base/Makefile    Thu Mar 29 03:11:58 2018
@@ -1,15 +1,10 @@
-# $NetBSD: Makefile,v 1.22 2018/02/23 15:26:14 wiz Exp $
+# $NetBSD: Makefile,v 1.23 2018/03/29 03:11:58 taca Exp $
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION=   1
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 
-PATCH_SITES=   https://bugs.ruby-lang.org/attachments/download/7030/
-PATCHFILES=    rubygems-276-for-ruby22.patch
-PATCH_DIST_STRIP=      -p0
-
 MAINTAINER=    taca%NetBSD.org@localhost
 HOMEPAGE=      ${RUBY_HOMEPAGE}
 COMMENT=       Ruby ${RUBY_VERSION} release minimum base package

Index: pkgsrc/lang/ruby22-base/distinfo
diff -u pkgsrc/lang/ruby22-base/distinfo:1.23 pkgsrc/lang/ruby22-base/distinfo:1.24
--- pkgsrc/lang/ruby22-base/distinfo:1.23       Mon Feb 19 16:47:53 2018
+++ pkgsrc/lang/ruby22-base/distinfo    Thu Mar 29 03:11:58 2018
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.23 2018/02/19 16:47:53 taca Exp $
+$NetBSD: distinfo,v 1.24 2018/03/29 03:11:58 taca Exp $
 
-SHA1 (ruby-2.2.9.tar.bz2) = 773ba9b51bde612866f656c4531f59660e2b0087
-RMD160 (ruby-2.2.9.tar.bz2) = 0973ec6a23ec909af7dec7c7152ca0a4e79fe959
-SHA512 (ruby-2.2.9.tar.bz2) = 2a8c8770fda20a22b79c9115b6f468f8e7ea1092c84a5089af7a3122163e5ad298b493e6637e4d93ba02d899d8a619c94064dda8ac98cf3b93f64f45d5401085
-Size (ruby-2.2.9.tar.bz2) = 13371232 bytes
+SHA1 (ruby-2.2.10.tar.bz2) = 72ee1dcfd96199d2c3092b77db7a7f439c0abd08
+RMD160 (ruby-2.2.10.tar.bz2) = b766f369db78f002c6bdf4d54592af6dbc7d0295
+SHA512 (ruby-2.2.10.tar.bz2) = f8ec96c2a5f4ecf22052ee0b1029989ded52d7bf5d41be24fef67e732e76f72119302240bca08f0547510a9cd29e941a32e263cad9c8a2bf80023d6bc97b2373
+Size (ruby-2.2.10.tar.bz2) = 13365461 bytes
 SHA1 (rubygems-276-for-ruby22.patch) = a705fc2290c062aebc907fddb0f83e2589356371
 RMD160 (rubygems-276-for-ruby22.patch) = 6d694ea1f5e1bf70143a4ad6924547302db262ec
 SHA512 (rubygems-276-for-ruby22.patch) = dfe12d7d2744cc6034cecd330258943bc6ae2bfd363375e2250b913c242c49b204de561e3aa6c55cd827fbe6e487d4f4038f72ec73fcc68c954d7d844743fa4d

Prev by Date: CVS commit: pkgsrc/lang
Next by Date: CVS commit: pkgsrc/databases/ruby-gdbm
Previous by Thread: CVS commit: pkgsrc/lang
Next by Thread: CVS commit: pkgsrc/databases/ruby-gdbm
Indexes:

Home | Main Index | Thread Index | Old Index