pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/www/ruby-rack2
Module Name: pkgsrc
Committed By: taca
Date: Mon Nov 3 06:39:55 UTC 2025
Modified Files:
pkgsrc/www/ruby-rack2: Makefile distinfo
Log Message:
www/ruby-rack2: update to 2.2.21
2.2.18 (2025-09-25)
Security
* CVE-2025-59830 Unbounded parameter parsing in Rack::QueryParser can lead
to memory exhaustion via semicolon-separated parameters.
2.2.19 (2025-10-07)
Security
* CVE-2025-61772 Multipart parser buffers unbounded per-part headers,
enabling DoS (memory exhaustion)
* CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in
memory, enabling DoS (memory exhaustion)
* CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory
exhaustion)
2.2.20 (2025-10-10)
Security
* CVE-2025-61780 Improper handling of headers in Rack::Sendfile may allow
proxy bypass.
* CVE-2025-61919 Unbounded read in Rack::Request form parsing can lead to
memory exhaustion.
2.2.21 (2025-11-03)
Fixed
* Multipart parser: limit MIME header size check to the unread buffer region
to avoid false multipart mime part header too large errors when previously
read data accumulates in the scan buffer. (#2392, @alpaca-tc, @willnet,
@krororo)
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/ruby-rack2/Makefile \
pkgsrc/www/ruby-rack2/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/www/ruby-rack2/Makefile
diff -u pkgsrc/www/ruby-rack2/Makefile:1.14 pkgsrc/www/ruby-rack2/Makefile:1.15
--- pkgsrc/www/ruby-rack2/Makefile:1.14 Thu Jun 5 14:48:16 2025
+++ pkgsrc/www/ruby-rack2/Makefile Mon Nov 3 06:39:55 2025
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.14 2025/06/05 14:48:16 taca Exp $
+# $NetBSD: Makefile,v 1.15 2025/11/03 06:39:55 taca Exp $
-DISTNAME= rack-2.2.17
+DISTNAME= rack-2.2.21
PKGNAME= ${RUBY_PKGPREFIX}-${DISTNAME:S/rack/&2/}
CATEGORIES= www
Index: pkgsrc/www/ruby-rack2/distinfo
diff -u pkgsrc/www/ruby-rack2/distinfo:1.14 pkgsrc/www/ruby-rack2/distinfo:1.15
--- pkgsrc/www/ruby-rack2/distinfo:1.14 Thu Jun 5 14:48:16 2025
+++ pkgsrc/www/ruby-rack2/distinfo Mon Nov 3 06:39:55 2025
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.14 2025/06/05 14:48:16 taca Exp $
+$NetBSD: distinfo,v 1.15 2025/11/03 06:39:55 taca Exp $
-BLAKE2s (rack-2.2.17.gem) = 4ca7f44127a2a2a2e1b9e6f2d6bf6865b89797e529c250e452f5d8f33e7d683b
-SHA512 (rack-2.2.17.gem) = e3f3f8f94aee641a00fb39ebd5d3c1a43b5d2c6d689fbfa2b13f5877e5b4bea33c2ce0e78c8db06005908723596aaa7220ae521e62d5552ead212c8239002e04
-Size (rack-2.2.17.gem) = 154112 bytes
+BLAKE2s (rack-2.2.21.gem) = 6e8bae7962d045ef2a322859a6884fab585b78ce43b897e176ef1642fb187d04
+SHA512 (rack-2.2.21.gem) = c4f4ae2a0ca805f3ffbfe74b0bf95dd0ff22094c60015d1ff9433c936e3095c425dec0bba0fb2e15cdf9f4e3561e72b4182fbf2bdfcac9c22fe26025632bc5c6
+Size (rack-2.2.21.gem) = 155648 bytes
Home |
Main Index |
Thread Index |
Old Index