pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2017Q2]: pkgsrc/lang/ruby24-base Pullup ticket #5545 - request...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/d23d55bd3190
branches:  pkgsrc-2017Q2
changeset: 408689:d23d55bd3190
user:      spz <spz%pkgsrc.org@localhost>
date:      Fri Sep 15 19:25:23 2017 +0000

description:
Pullup ticket #5545 - requested by taca
lang/ruby24-base: security fix

Revisions pulled up:
- lang/ruby24-base/Makefile                                     1.4
- lang/ruby24-base/distinfo                                     1.3

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Wed Aug 30 03:33:39 UTC 2017

   Modified Files:
        pkgsrc/lang/ruby24-base: Makefile distinfo

   Log Message:
   Add patch to fix vulnerabilities of rubygems.

   https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

   * a DNS request hijacking vulnerability
   * an ANSI escape sequence vulnerability
   * a DoS vulernerability in the query command
   * a vulnerability in the gem installer that allowed a malicious gem to
     overwrite arbitrary files

   Bump PKGREVISION.


   To generate a diff of this commit:
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/ruby24-base/Makefile
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby24-base/distinfo

diffstat:

 lang/ruby24-base/Makefile |   6 +++++-
 lang/ruby24-base/distinfo |  10 +++++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diffs (42 lines):

diff -r f96e6a797e45 -r d23d55bd3190 lang/ruby24-base/Makefile
--- a/lang/ruby24-base/Makefile Fri Sep 15 19:25:13 2017 +0000
+++ b/lang/ruby24-base/Makefile Fri Sep 15 19:25:23 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.3 2017/06/27 15:25:19 jperkin Exp $
+# $NetBSD: Makefile,v 1.3.2.1 2017/09/15 19:25:23 spz Exp $
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
@@ -6,6 +6,10 @@
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 
+PATCH_SITES=   https://bugs.ruby-lang.org/attachments/download/6692/ \
+               https://bugs.ruby-lang.org/attachments/download/6693/
+PATCHFILES=    rubygems-2612-ruby24.patch rubygems-2613-ruby24.patch
+
 MAINTAINER=    taca%NetBSD.org@localhost
 HOMEPAGE=      ${RUBY_HOMEPAGE}
 COMMENT=       Ruby ${RUBY_VERSION} release minimum base package
diff -r f96e6a797e45 -r d23d55bd3190 lang/ruby24-base/distinfo
--- a/lang/ruby24-base/distinfo Fri Sep 15 19:25:13 2017 +0000
+++ b/lang/ruby24-base/distinfo Fri Sep 15 19:25:23 2017 +0000
@@ -1,9 +1,17 @@
-$NetBSD: distinfo,v 1.2 2017/06/27 15:25:19 jperkin Exp $
+$NetBSD: distinfo,v 1.2.2.1 2017/09/15 19:25:23 spz Exp $
 
 SHA1 (ruby-2.4.1.tar.bz2) = b0bec75c260dcb81ca386fafef27bd718f8c28ad
 RMD160 (ruby-2.4.1.tar.bz2) = 02f0be92b3fb3fbb4bd1f945359c0d45297cefc6
 SHA512 (ruby-2.4.1.tar.bz2) = 1c80d4c30ecb51758a193b26b76802a06d214de7f15570f1e85b5fae4cec81bda7237f086b81f6f2b5767f2e93d347ad1fa3f49d7b5c2e084d5f57c419503f74
 Size (ruby-2.4.1.tar.bz2) = 12571597 bytes
+SHA1 (rubygems-2612-ruby24.patch) = 5da389b3858c8392a58ab1ab25c654e174c23857
+RMD160 (rubygems-2612-ruby24.patch) = db0542664fa3e4ac3b5f50a83644b2dca2c30a75
+SHA512 (rubygems-2612-ruby24.patch) = 03d4925fab0c5b47e033a69cb3b5807f9af218b745cfee57487e5120fbd468e568ba498709aae3adcce80d9584692e9cd71f659e79ba1ad5c2dc318610ae3dd2
+Size (rubygems-2612-ruby24.patch) = 13536 bytes
+SHA1 (rubygems-2613-ruby24.patch) = 002496ebe06922edf106638b80a29f9311411a42
+RMD160 (rubygems-2613-ruby24.patch) = 8476e8a8cf5ec19886f01dc2c4e3999b495a2105
+SHA512 (rubygems-2613-ruby24.patch) = 94c9963d6c917ded90f12748d61083e2a5cb8e41ae61c50b329930aaa6104eaec5426c32cbc3a8fe01e48564d004cfbc3eea2a5c1e1bb598fc4dad69d2ea5c93
+Size (rubygems-2613-ruby24.patch) = 11119 bytes
 SHA1 (patch-configure) = 680a13e6405a8aab61eba078f6d88488b426885c
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
 SHA1 (patch-ext_openssl_ossl__ssl.c) = 03ec33b438f3269910d10fb221d1cfe8df33c9ee



Home | Main Index | Thread Index | Old Index