CVS commit: [pkgsrc-2023Q1] pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2023Q1] pkgsrc/lang
From: "S.P.Zeidler" <spz%netbsd.org@localhost>
Date: Sat, 1 Apr 2023 20:04:44 +0000

Module Name:    pkgsrc
Committed By:   spz
Date:           Sat Apr  1 20:04:44 UTC 2023

Modified Files:
        pkgsrc/lang/ruby [pkgsrc-2023Q1]: rubyversion.mk
        pkgsrc/lang/ruby31-base [pkgsrc-2023Q1]: distinfo

Log Message:
Pullup ticket #6747 - requested by taca
lang/ruby31-base: security update

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.263
- lang/ruby31-base/distinfo                                     1.10

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Apr  1 09:17:15 UTC 2023

   Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby31-base: distinfo

   Log Message:
   lang/ruby31: update to 3.1.4

   Ruby 3.1.4 Released                  Posted by nagachika on 30 Mar 2023

   Ruby 3.1.4 has been released.

   This release includes security fixes.  Please check the topics below for
   details.

   * CVE-2023-28755: ReDoS vulnerability in URI
   * CVE-2023-28756: ReDoS vulnerability in Time

   What's Changed

   * Bug #19187: Ruby 3.1.3 testsuite fails after timezone 2022g update is
     applied
   * Bug #19153: Since 2.7.7 CGI::Cookie raises ArgumentError when cookie
     domains is prefixed with a dot
   * Bug #18629: block args array splatting assigns to higher scope _ var
   * Bug #18765: Wrong description introduced by
     https://github.com/ruby/ruby/pull/4938/files
   * Bug #19189: Ruby 3.1.3/3.2.x can no longer find pkg-config if not present
     at buildtime
   * Bug #19292: Time object's wday, yday, and isdst returns broken value (and
     so does to_a) when kwarg in: 'UTC' was given
   * Bug #19305: TracePoint#parameters segfaults when certain method creation
     pattern is used
   * Bug #19319: Crash in rb_str_casemap
   * Bug #19316: YJIT crash in 3.2.0
   * Bug #19284: Integer overflow when using RUBY_GC_HEAP_INIT_SLOTS
     environment variable
   * Bug #19320: Crash during compaction while traversing the stack
   * Bug #19389: StringIO gets(..., chomp: true) behaves differently to File/IO.
   * Bug #19284: Integer overflow when using RUBY_GC_HEAP_INIT_SLOTS
     environment variable
   * Bug #19398: Memory leak in WeakMap
   * Bug #19403: Unable to Build Native Gems on Mac with Ruby 3.1.0+
   * Bug #19415: Incorrect circularity warning for concurrent requires
   * Bug #19419: [BUG] try to mark T_NONE object in ibf_dump_mark
   * Bug #19445: Segmentation fault with Numeric#step
   * Bug #19161: Cannot compile 3.0.5 or 3.1.3 on Red Hat Enterprise Linux 7
   * Bug #18989: Backport f229b36087f1b387d77af8f3fa50f9bffd2fd44e to ruby_3_1
   * Bug #18748: Range#cover? returns true for beginless range of different
     type
   * Bug #18827: __ENCODING__ is not set to the source encoding when saving
     script lines
   * Bug #19242: Circular cause by Marshal
   * Bug #19243: Windows: Dir.home returns string in wrong encoding
   * Bug #19115: RubyGems fails to detect OpenSSL in --with-static-linked-ext
     builds
   * Bug #18464: RUBY_INTERNAL_EVENT_NEWOBJ tracepoint causes an interpreter
     crash when combined with Ractors
   * Bug #19529: [BUG] ObjectSpace::WeakMap can segfault after compaction
   * Bug #19485: Unexpected behavior in squiggly heredocs

   Note: This list is automatically generated by tool/gen-github-release.rb.
   Because of this, some commits may be missing.

   To generate a diff of this commit:
   cvs rdiff -u -r1.262 -r1.263 pkgsrc/lang/ruby/rubyversion.mk
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/ruby31-base/distinfo


To generate a diff of this commit:
cvs rdiff -u -r1.260.2.2 -r1.260.2.3 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.9 -r1.9.4.1 pkgsrc/lang/ruby31-base/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.260.2.2 pkgsrc/lang/ruby/rubyversion.mk:1.260.2.3
--- pkgsrc/lang/ruby/rubyversion.mk:1.260.2.2   Sat Apr  1 19:57:14 2023
+++ pkgsrc/lang/ruby/rubyversion.mk     Sat Apr  1 20:04:44 2023
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.260.2.2 2023/04/01 19:57:14 spz Exp $
+# $NetBSD: rubyversion.mk,v 1.260.2.3 2023/04/01 20:04:44 spz Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -215,7 +215,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub
 # current supported Ruby's version
 RUBY27_VERSION=                2.7.8
 RUBY30_VERSION=                3.0.6
-RUBY31_VERSION=                3.1.3
+RUBY31_VERSION=                3.1.4
 RUBY32_VERSION=                3.2.1
 
 # current API compatible version; used for version of shared library
@@ -440,7 +440,7 @@ RUBY_BASE64_VER=            0.1.1
 RUBY_BENCHMARK_VER=            0.2.0
 RUBY_BIGDECIMAL_VER=           3.1.1
 RUBY_BUNDLER_VER=              2.3.26
-RUBY_CGI_VER=                  0.3.5
+RUBY_CGI_VER=                  0.3.6
 RUBY_CSV_VER=                  3.2.5
 RUBY_DATE_VER=                 3.2.2
 RUBY_DELEGATE_VER=             0.2.0
@@ -497,12 +497,12 @@ RUBY_STRINGIO_VER=                3.0.1
 RUBY_STRSCAN_VER=              3.0.1
 RUBY_SYSLOG_VER=               0.1.0
 RUBY_TEMPFILE_VER=             0.1.2
-RUBY_TIME_VER=                 0.2.0
+RUBY_TIME_VER=                 0.2.2
 RUBY_TIMEOUT_VER=              0.2.0
 RUBY_TMPDIR_VER=               0.1.2
 RUBY_TSORT_VER=                        0.1.0
 RUBY_UN_VER=                   0.2.0
-RUBY_URI_VER=                  0.11.0
+RUBY_URI_VER=                  0.12.1
 RUBY_WEAKREF_VER=              0.1.1
 RUBY_YAML_VER=                 0.2.0
 RUBY_ZLIB_VER=                 2.1.1

Index: pkgsrc/lang/ruby31-base/distinfo
diff -u pkgsrc/lang/ruby31-base/distinfo:1.9 pkgsrc/lang/ruby31-base/distinfo:1.9.4.1
--- pkgsrc/lang/ruby31-base/distinfo:1.9        Mon Dec  5 11:47:02 2022
+++ pkgsrc/lang/ruby31-base/distinfo    Sat Apr  1 20:04:44 2023
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.9 2022/12/05 11:47:02 jperkin Exp $
+$NetBSD: distinfo,v 1.9.4.1 2023/04/01 20:04:44 spz Exp $
 
-BLAKE2s (ruby-3.1.3.tar.xz) = ed377b463a7602520d5f2dda4f172f3846b1d817eb9a4bbfd27c8449d983997c
-SHA512 (ruby-3.1.3.tar.xz) = 4b0fd334ae56132ba98b8a69adad54bdcf7f7aeabd5eba5b0f0399a3868e2054f9026ca1b1cb2dbb197a9e9b0610b263481949c0623a62071546bc5adff8ca69
-Size (ruby-3.1.3.tar.xz) = 15300224 bytes
+BLAKE2s (ruby-3.1.4.tar.xz) = cefa8daefd26c8da56db3e114f27cb1b0af8c427d4ba9b650ef60034cb7b413c
+SHA512 (ruby-3.1.4.tar.xz) = a627bb629a10750b8b2081ad451a41faea0fc85d95aa1e267e3d2a0f56a35bb58195d4a8d13bbdbd82f4197a96dae22b1cee1dfc83861ec33a67ece07aef5633
+Size (ruby-3.1.4.tar.xz) = 15316604 bytes
 SHA1 (patch-common.mk) = c23eed58427b2fd4ba8fdb3692f609701a666c6d
 SHA1 (patch-configure) = 7bce8e1de07e3ff81cc984faef9ba12518557b7a
 SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3ff5890

Prev by Date: CVS commit: [pkgsrc-2023Q1] pkgsrc/lang
Next by Date: CVS commit: pkgsrc/print
Previous by Thread: CVS commit: [pkgsrc-2023Q1] pkgsrc/lang
Next by Thread: CVS commit: pkgsrc/print
Indexes:

Home | Main Index | Thread Index | Old Index