CVS commit: pkgsrc/textproc/ruby-nokogiri

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/textproc/ruby-nokogiri
From: "Izumi Tsutsui" <tsutsui%netbsd.org@localhost>
Date: Fri, 22 Jun 2018 14:20:27 +0000

Module Name:    pkgsrc
Committed By:   tsutsui
Date:           Fri Jun 22 14:20:27 UTC 2018

Modified Files:
        pkgsrc/textproc/ruby-nokogiri: Makefile PLIST distinfo

Log Message:
nokogiri: update to 1.8.3.

Upstream changes (from CHANGELOG.md):

# 1.8.3 / 2018-06-16

## Security Notes

[MRI] Behavior in libxml2 has been reverted which caused CVE-2018-8048
(loofah gem), CVE-2018-3740 (sanitize gem), and CVE-2018-3741
(rails-html-sanitizer gem). The commit in question is here:

> https://github.com/GNOME/libxml2/commit/960f0e2

and more information is available about this commit and its impact here:

> https://github.com/flavorjones/loofah/issues/144

This release simply reverts the libxml2 commit in question to protect users
of Nokogiri's vendored libraries from similar vulnerabilities.

If you're offended by what happened here, I'd kindly ask that you comment
on the upstream bug report here:

> https://bugzilla.gnome.org/show_bug.cgi?id=769760

## Dependencies

* [MRI] libxml2 is updated from 2.9.7 to 2.9.8

## Features

* Node#classes, #add_class, #append_class, and #remove_class are added.
* NodeSet#append_class is added.
* NodeSet#remove_attribute is a new alias for NodeSet#remove_attr.
* NodeSet#each now returns an Enumerator when no block is passed
  (Thanks, @park53kr!)
* [JRuby] General improvements in JRuby implementation (Thanks, @kares!)

## Bug fixes

* CSS attribute selectors now gracefully handle queries using integers. [#711]
* Handle ASCII-8BIT encoding on fragment input [#553]
* Handle non-string return values within `Reader` [#898]
* [JRuby] Allow Node#replace to insert Comment and CDATA nodes. [#1666]
* [JRuby] Stability and speed improvements to `Node`, `Sax::PushParser`,
  and the JRuby implementation [#1708, #1710, #1501]


To generate a diff of this commit:
cvs rdiff -u -r1.39 -r1.40 pkgsrc/textproc/ruby-nokogiri/Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/textproc/ruby-nokogiri/PLIST
cvs rdiff -u -r1.27 -r1.28 pkgsrc/textproc/ruby-nokogiri/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/textproc/ruby-nokogiri/Makefile
diff -u pkgsrc/textproc/ruby-nokogiri/Makefile:1.39 pkgsrc/textproc/ruby-nokogiri/Makefile:1.40
--- pkgsrc/textproc/ruby-nokogiri/Makefile:1.39 Sun Feb 18 05:45:37 2018
+++ pkgsrc/textproc/ruby-nokogiri/Makefile      Fri Jun 22 14:20:27 2018
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.39 2018/02/18 05:45:37 tsutsui Exp $
+# $NetBSD: Makefile,v 1.40 2018/06/22 14:20:27 tsutsui Exp $
 
-DISTNAME=      nokogiri-1.8.2
+DISTNAME=      nokogiri-1.8.3
 CATEGORIES=    textproc
 
 MAINTAINER=    tsutsui%NetBSD.org@localhost

Index: pkgsrc/textproc/ruby-nokogiri/PLIST
diff -u pkgsrc/textproc/ruby-nokogiri/PLIST:1.25 pkgsrc/textproc/ruby-nokogiri/PLIST:1.26
--- pkgsrc/textproc/ruby-nokogiri/PLIST:1.25    Sun Feb 18 05:45:37 2018
+++ pkgsrc/textproc/ruby-nokogiri/PLIST Fri Jun 22 14:20:27 2018
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.25 2018/02/18 05:45:37 tsutsui Exp $
+@comment $NetBSD: PLIST,v 1.26 2018/06/22 14:20:27 tsutsui Exp $
 bin/nokogiri${RUBY_SUFFIX}
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_EXTSDIR}/gem.build_complete
@@ -19,6 +19,7 @@ ${GEM_LIBDIR}/Manifest.txt
 ${GEM_LIBDIR}/README.md
 ${GEM_LIBDIR}/ROADMAP.md
 ${GEM_LIBDIR}/Rakefile
+${GEM_LIBDIR}/SECURITY.md
 ${GEM_LIBDIR}/STANDARD_RESPONSES.md
 ${GEM_LIBDIR}/Y_U_NO_GEMSPEC.md
 ${GEM_LIBDIR}/appveyor.yml
@@ -159,6 +160,7 @@ ${GEM_LIBDIR}/lib/nokogiri/xml/xpath_con
 ${GEM_LIBDIR}/lib/nokogiri/xslt.rb
 ${GEM_LIBDIR}/lib/nokogiri/xslt/stylesheet.rb
 ${GEM_LIBDIR}/lib/xsd/xmlparser/nokogiri.rb
+${GEM_LIBDIR}/patches/libxml2/0001-Revert-Do-not-URI-escape-in-server-side-includes.patch
 ${GEM_LIBDIR}/patches/sort-patches-by-date
 ${GEM_LIBDIR}/suppressions/README.txt
 ${GEM_LIBDIR}/suppressions/nokogiri_ruby-2.supp
@@ -210,6 +212,7 @@ ${GEM_LIBDIR}/test/html/sax/test_parser.
 ${GEM_LIBDIR}/test/html/sax/test_parser_context.rb
 ${GEM_LIBDIR}/test/html/sax/test_parser_text.rb
 ${GEM_LIBDIR}/test/html/sax/test_push_parser.rb
+${GEM_LIBDIR}/test/html/test_attributes.rb
 ${GEM_LIBDIR}/test/html/test_builder.rb
 ${GEM_LIBDIR}/test/html/test_document.rb
 ${GEM_LIBDIR}/test/html/test_document_encoding.rb

Index: pkgsrc/textproc/ruby-nokogiri/distinfo
diff -u pkgsrc/textproc/ruby-nokogiri/distinfo:1.27 pkgsrc/textproc/ruby-nokogiri/distinfo:1.28
--- pkgsrc/textproc/ruby-nokogiri/distinfo:1.27 Sun Feb 18 05:45:37 2018
+++ pkgsrc/textproc/ruby-nokogiri/distinfo      Fri Jun 22 14:20:27 2018
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.27 2018/02/18 05:45:37 tsutsui Exp $
+$NetBSD: distinfo,v 1.28 2018/06/22 14:20:27 tsutsui Exp $
 
-SHA1 (nokogiri-1.8.2.gem) = c76e9d69acbe1b9d729c863585065214a3cc4f5a
-RMD160 (nokogiri-1.8.2.gem) = ad6bd51117f37eca31db00c5e1bf745cfb69f0a2
-SHA512 (nokogiri-1.8.2.gem) = e0ab71853440ca599ff693da809b8776ebc9a8a8a68035ef79b31bdee3b3dccbe4023750972b5fbed6f908e171633edee7d8f7276c35dba20fc4d2c7dbf6cf2f
-Size (nokogiri-1.8.2.gem) = 9271808 bytes
+SHA1 (nokogiri-1.8.3.gem) = 9c2fdc06f136432cee2cabbae903e8ee302ae7a2
+RMD160 (nokogiri-1.8.3.gem) = c62d8523ea395174d62f4cc50f36dda384bd405c
+SHA512 (nokogiri-1.8.3.gem) = 4825cc19667393c41a0c5a662474556991da3955fb17e67a363f979da8fadf0680eb4f89a7c87b71f6deba9db64e67bd463d5562d58604ea71a168abb8215eed
+Size (nokogiri-1.8.3.gem) = 9277440 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index