pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/ruby-rack

Module Name:    pkgsrc
Committed By:   taca
Date:           Mon Nov  3 06:36:52 UTC 2025

Modified Files:
        pkgsrc/www/ruby-rack: Makefile distinfo

Log Message:
www/ruby-rack: update to 3.2.4

3.2.2 (2025-10-07)

Security

* CVE-2025-61772 Multipart parser buffers unbounded per-part headers,
  enabling DoS (memory exhaustion)
* CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in
  memory, enabling DoS (memory exhaustion)
* CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory
  exhaustion)

3.2.3 (2025-10-10)

Security

* CVE-2025-61780 Improper handling of headers in Rack::Sendfile may allow
  proxy bypass.
* CVE-2025-61919 Unbounded read in Rack::Request form parsing can lead to
  memory exhaustion.

3.2.4 (2025-11-03)

Fixed

* Multipart parser: limit MIME header size check to the unread buffer region
  to avoid false multipart mime part header too large errors when previously
  read data accumulates in the scan buffer.  (#2392, @alpaca-tc, @willnet,
  @krororo)


To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 pkgsrc/www/ruby-rack/Makefile
cvs rdiff -u -r1.52 -r1.53 pkgsrc/www/ruby-rack/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: pkgsrc/www/ruby-rack/Makefile
diff -u pkgsrc/www/ruby-rack/Makefile:1.54 pkgsrc/www/ruby-rack/Makefile:1.55
--- pkgsrc/www/ruby-rack/Makefile:1.54  Mon Sep 15 17:16:17 2025
+++ pkgsrc/www/ruby-rack/Makefile       Mon Nov  3 06:36:52 2025
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.54 2025/09/15 17:16:17 taca Exp $
+# $NetBSD: Makefile,v 1.55 2025/11/03 06:36:52 taca Exp $
 
-DISTNAME=      rack-3.2.1
+DISTNAME=      rack-3.2.4
 CATEGORIES=    www
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost

Index: pkgsrc/www/ruby-rack/distinfo
diff -u pkgsrc/www/ruby-rack/distinfo:1.52 pkgsrc/www/ruby-rack/distinfo:1.53
--- pkgsrc/www/ruby-rack/distinfo:1.52  Mon Sep 15 17:16:17 2025
+++ pkgsrc/www/ruby-rack/distinfo       Mon Nov  3 06:36:52 2025
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.52 2025/09/15 17:16:17 taca Exp $
+$NetBSD: distinfo,v 1.53 2025/11/03 06:36:52 taca Exp $
 
-BLAKE2s (rack-3.2.1.gem) = 739c6ff474f9ca34e4a1496ec5384cf0741f993f99e764106801e24310bab8a3
-SHA512 (rack-3.2.1.gem) = fb5bf65a8c47a9d5e94f7e5a6299cb21049e3cd29c8009d0cf5632f9e71df7a2de06dce882bc0ea940689fac1d83cef0bea6e448e5d7af8e2726aa4ce391dfa0
-Size (rack-3.2.1.gem) = 117760 bytes
+BLAKE2s (rack-3.2.4.gem) = fb9850c883242050b630e307bfddf5055c40aea52404209814a966e0cd2224b5
+SHA512 (rack-3.2.4.gem) = 1fd00e2fb3bcb05886434c843648ad8d28b69e12321ecd058242f7a814e269ad8ec44d66d17ae079b3d1022b7b7473397718dd032a74a6eac5f64ce973c9fe82
+Size (rack-3.2.4.gem) = 118784 bytes
Home | Main Index | Thread Index | Old Index