pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/lang/ruby26-base
Module Name: pkgsrc
Committed By: taca
Date: Tue Mar 12 04:19:09 UTC 2019
Modified Files:
pkgsrc/lang/ruby26-base: Makefile distinfo
Log Message:
lang/ruby26-base: Add security patch for rubygems
Add security patch for rubygems, fixing these problem.
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handling
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/ruby26-base/Makefile \
pkgsrc/lang/ruby26-base/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/lang/ruby26-base/Makefile
diff -u pkgsrc/lang/ruby26-base/Makefile:1.1 pkgsrc/lang/ruby26-base/Makefile:1.2
--- pkgsrc/lang/ruby26-base/Makefile:1.1 Sun Feb 3 13:41:33 2019
+++ pkgsrc/lang/ruby26-base/Makefile Tue Mar 12 04:19:09 2019
@@ -1,10 +1,14 @@
-# $NetBSD: Makefile,v 1.1 2019/02/03 13:41:33 taca Exp $
+# $NetBSD: Makefile,v 1.2 2019/03/12 04:19:09 taca Exp $
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
+PKGREVISION= 1
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
+PATCHFILES= ruby-2.6.1-rubygems.patch
+PATCH_SITES= https://bugs.ruby-lang.org/attachments/download/7664/
+
MAINTAINER= taca%NetBSD.org@localhost
HOMEPAGE= ${RUBY_HOMEPAGE}
COMMENT= Ruby ${RUBY_VERSION} release minimum base package
Index: pkgsrc/lang/ruby26-base/distinfo
diff -u pkgsrc/lang/ruby26-base/distinfo:1.1 pkgsrc/lang/ruby26-base/distinfo:1.2
--- pkgsrc/lang/ruby26-base/distinfo:1.1 Sun Feb 3 13:41:33 2019
+++ pkgsrc/lang/ruby26-base/distinfo Tue Mar 12 04:19:09 2019
@@ -1,5 +1,9 @@
-$NetBSD: distinfo,v 1.1 2019/02/03 13:41:33 taca Exp $
+$NetBSD: distinfo,v 1.2 2019/03/12 04:19:09 taca Exp $
+SHA1 (ruby-2.6.1-rubygems.patch) = a12386ef79715b4693e02ad0c00034558b669181
+RMD160 (ruby-2.6.1-rubygems.patch) = f733d14223b8e4270b1114524b0e33f634a822ab
+SHA512 (ruby-2.6.1-rubygems.patch) = 2684ed9c326a989cc75ec25e976f7ffef107d10ccaa54cc83ad48b3fe6f36a1526e6f4bd3a45e29401908d2155e9c3f82b3be14a24ab8c7bef3431f1a0cbbd39
+Size (ruby-2.6.1-rubygems.patch) = 18026 bytes
SHA1 (ruby-2.6.1.tar.xz) = ba5f4338bb642e3836dd80b73a9df0d1b6e079ae
RMD160 (ruby-2.6.1.tar.xz) = adccca8036dfc34d00ea71d5a59a2a968de5187b
SHA512 (ruby-2.6.1.tar.xz) = fb36289a955f0596c683cdadf1e4a9a9fd35222b1e1c6160c2e7cd82e5befd40a7aa4361e55f7a8f83c06ee899ec493821c7db34a60c4ac3bca0e874d33ef1a9
Home |
Main Index |
Thread Index |
Old Index