[pkgsrc/trunk]: pkgsrc/lang ruby24-base: Update ruby24-base and ruby24 to 2.4.2.

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang ruby24-base: Update ruby24-base and ruby24 to 2.4.2.
From: taca <taca%pkgsrc.org@localhost>
Date: Wed, 15 Jan 2020 07:53:00 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/c35a69b75ba0
branches:  trunk
changeset: 368349:c35a69b75ba0
user:      taca <taca%pkgsrc.org@localhost>
date:      Fri Sep 15 00:39:46 2017 +0000

description:
ruby24-base: Update ruby24-base and ruby24 to 2.4.2.


Ruby 2.4.2 Released                     Posted by nagachika on 14 Sep 2017

We are pleased to announce the release of Ruby 2.4.2. This release contains
some security fixes.

* CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf

* CVE-2017-10784: Escape sequence injection vulnerability in the Basic
  authentication of WEBrick

* CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docod

* CVE-2017-14064: Heap exposure in generating JSON

* Multiple vulnerabilities in RubyGems

* Update bundled libyaml to version 0.1.7.

There are also many bug-fixes. See commit logs for more details.

diffstat:

 lang/ruby/rubyversion.mk                               |   8 +++---
 lang/ruby24-base/Makefile                              |   7 +-----
 lang/ruby24-base/distinfo                              |  19 ++++-------------
 lang/ruby24-base/patches/patch-ext_openssl_ossl__ssl.c |  15 --------------
 4 files changed, 10 insertions(+), 39 deletions(-)

diffs (100 lines):

diff -r 2894777bb938 -r c35a69b75ba0 lang/ruby/rubyversion.mk
--- a/lang/ruby/rubyversion.mk  Fri Sep 15 00:37:47 2017 +0000
+++ b/lang/ruby/rubyversion.mk  Fri Sep 15 00:39:46 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.183 2017/09/15 00:36:17 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.184 2017/09/15 00:39:46 taca Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -216,7 +216,7 @@
 # current supported Ruby's version
 RUBY22_VERSION=                2.2.8
 RUBY23_VERSION=                2.3.5
-RUBY24_VERSION=                2.4.1
+RUBY24_VERSION=                2.4.2
 
 # current API compatible version; used for version of shared library
 RUBY22_API_VERSION=    2.2.0
@@ -313,11 +313,11 @@
 RUBY_GEMS_VERSION=     2.6.11
 RUBY_RDOC_VERSION=     5.0.0
 RUBY_RAKE_VERSION=     12.0.0
-RUBY_JSON_VERSION=     2.0.2
+RUBY_JSON_VERSION=     2.0.4
 
 RUBY_BIGDECIMAL_VERSION=       1.3.0
 RUBY_IO_CONSOLE_VERSION=       0.4.6
-RUBY_OPENSSL_VERSION=          2.0.3
+RUBY_OPENSSL_VERSION=          2.0.5
 RUBY_PSYCH_VERSION=            2.2.2
 RUBY_DID_YOU_MEAN_VERSION=     1.1.0
 RUBY_MINITEST_VERSION=         5.10.1
diff -r 2894777bb938 -r c35a69b75ba0 lang/ruby24-base/Makefile
--- a/lang/ruby24-base/Makefile Fri Sep 15 00:37:47 2017 +0000
+++ b/lang/ruby24-base/Makefile Fri Sep 15 00:39:46 2017 +0000
@@ -1,15 +1,10 @@
-# $NetBSD: Makefile,v 1.4 2017/08/30 03:33:39 taca Exp $
+# $NetBSD: Makefile,v 1.5 2017/09/15 00:39:46 taca Exp $
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION=   1
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 
-PATCH_SITES=   https://bugs.ruby-lang.org/attachments/download/6692/ \
-               https://bugs.ruby-lang.org/attachments/download/6693/
-PATCHFILES=    rubygems-2612-ruby24.patch rubygems-2613-ruby24.patch
-
 MAINTAINER=    taca%NetBSD.org@localhost
 HOMEPAGE=      ${RUBY_HOMEPAGE}
 COMMENT=       Ruby ${RUBY_VERSION} release minimum base package
diff -r 2894777bb938 -r c35a69b75ba0 lang/ruby24-base/distinfo
--- a/lang/ruby24-base/distinfo Fri Sep 15 00:37:47 2017 +0000
+++ b/lang/ruby24-base/distinfo Fri Sep 15 00:39:46 2017 +0000
@@ -1,20 +1,11 @@
-$NetBSD: distinfo,v 1.3 2017/08/30 03:33:39 taca Exp $
+$NetBSD: distinfo,v 1.4 2017/09/15 00:39:46 taca Exp $
 
-SHA1 (ruby-2.4.1.tar.bz2) = b0bec75c260dcb81ca386fafef27bd718f8c28ad
-RMD160 (ruby-2.4.1.tar.bz2) = 02f0be92b3fb3fbb4bd1f945359c0d45297cefc6
-SHA512 (ruby-2.4.1.tar.bz2) = 1c80d4c30ecb51758a193b26b76802a06d214de7f15570f1e85b5fae4cec81bda7237f086b81f6f2b5767f2e93d347ad1fa3f49d7b5c2e084d5f57c419503f74
-Size (ruby-2.4.1.tar.bz2) = 12571597 bytes
-SHA1 (rubygems-2612-ruby24.patch) = 5da389b3858c8392a58ab1ab25c654e174c23857
-RMD160 (rubygems-2612-ruby24.patch) = db0542664fa3e4ac3b5f50a83644b2dca2c30a75
-SHA512 (rubygems-2612-ruby24.patch) = 03d4925fab0c5b47e033a69cb3b5807f9af218b745cfee57487e5120fbd468e568ba498709aae3adcce80d9584692e9cd71f659e79ba1ad5c2dc318610ae3dd2
-Size (rubygems-2612-ruby24.patch) = 13536 bytes
-SHA1 (rubygems-2613-ruby24.patch) = 002496ebe06922edf106638b80a29f9311411a42
-RMD160 (rubygems-2613-ruby24.patch) = 8476e8a8cf5ec19886f01dc2c4e3999b495a2105
-SHA512 (rubygems-2613-ruby24.patch) = 94c9963d6c917ded90f12748d61083e2a5cb8e41ae61c50b329930aaa6104eaec5426c32cbc3a8fe01e48564d004cfbc3eea2a5c1e1bb598fc4dad69d2ea5c93
-Size (rubygems-2613-ruby24.patch) = 11119 bytes
+SHA1 (ruby-2.4.2.tar.bz2) = a8a50a9297ff656e5230bf0f945acd69cc02a097
+RMD160 (ruby-2.4.2.tar.bz2) = 0e44cf9b76d01be568049a634eba8a0959a69ff2
+SHA512 (ruby-2.4.2.tar.bz2) = 1a5302d2558089a6b91b815fff9b75a29e690f10861de5fdd48211f3f45025a70dad7495f216e6af9c62d72e69ed316f1a52fada704bdc7e6d8c094d141ea77c
+Size (ruby-2.4.2.tar.bz2) = 12607283 bytes
 SHA1 (patch-configure) = 680a13e6405a8aab61eba078f6d88488b426885c
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
-SHA1 (patch-ext_openssl_ossl__ssl.c) = 03ec33b438f3269910d10fb221d1cfe8df33c9ee
 SHA1 (patch-lib_mkmf.rb) = 75d2261a8282a00cd5f811a5e629302d1667207e
 SHA1 (patch-lib_rdoc_ri_driver.rb) = f4d3e59e35b608acd4edc17916142c7f033e6198
 SHA1 (patch-lib_rubygems.rb) = 1a5aa56308cff986ab8e65f523f8d19649ddf24c
diff -r 2894777bb938 -r c35a69b75ba0 lang/ruby24-base/patches/patch-ext_openssl_ossl__ssl.c
--- a/lang/ruby24-base/patches/patch-ext_openssl_ossl__ssl.c    Fri Sep 15 00:37:47 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-ext_openssl_ossl__ssl.c,v 1.1 2017/06/18 13:45:11 taca Exp $
-
-Utilize OPENSSL_NO_SSL2, do we still need it?
-
---- ext/openssl/ossl_ssl.c.orig        2017-03-27 01:40:50.000000000 +0000
-+++ ext/openssl/ossl_ssl.c
-@@ -65,7 +65,7 @@ static const struct {
-     { #name"_server", (SSL_METHOD *(*)(void))name##_server_method, version }, \
-     { #name"_client", (SSL_METHOD *(*)(void))name##_client_method, version }
- #endif
--#if defined(HAVE_SSLV2_METHOD)
-+#if !defined(OPENSSL_NO_SSL2) && defined(HAVE_SSLV2_METHOD)
-     OSSL_SSL_METHOD_ENTRY(SSLv2, SSL2_VERSION),
- #endif
- #if defined(HAVE_SSLV3_METHOD)

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: security update of ruby22, ruby23 and ruby24
Next by Date: [pkgsrc/trunk]: pkgsrc/lang Update ruby23-base, ruby-gdbm, ruby-fiddle, ruby-...
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: security update of ruby22, ruby23 and ruby24
Next by Thread: [pkgsrc/trunk]: pkgsrc/lang Update ruby23-base, ruby-gdbm, ruby-fiddle, ruby-...
Indexes:

Home | Main Index | Thread Index | Old Index