[pkgsrc/trunk]: pkgsrc/devel/ruby-redmine42 devel/ruby-redmin42: update to 4.2.7

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/devel/ruby-redmine42 devel/ruby-redmin42: update to 4.2.7
From: taca <taca%pkgsrc.org@localhost>
Date: Wed, 22 Jun 2022 16:47:13 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/a9d4360a0e6c
branches:  trunk
changeset: 380996:a9d4360a0e6c
user:      taca <taca%pkgsrc.org@localhost>
date:      Wed Jun 22 15:39:58 2022 +0000

description:
devel/ruby-redmin42: update to 4.2.7

>From release announce on 2022-06-21:

Redmine 4.2.7 and 5.0.2 have been released and are available for download,
you can review the changes in the Changelog.

These maintenance releases fixes some important issues and multiple security
fixes that were found in the latest Redmine 4.2.* and 5.0.* versions.

Security:

1. Updates commonmark gem version to 0.23.4 when Ruby >= 2.6 is used in
   order to fix a remote code execution vulnerability.  Because the fixed
   version of the gem doesn't support Ruby 2.5, those instances that are
   using Redmine 5.0.*, Commonmark and Ruby 2.5, it is highly recommended to
   update Ruby version to at least 2.6 because it's the only way to get the
   update and the fix.  Also, the next major Redmine version (5.1.0) already
   dropped support for Ruby 2.5 (#37159).

2. Updates jQuery UI to 1.31.1 to fix 3 medium severity XSS vulnerabilities

3. Fixes unauthorised Information Leak in QueryAssociationColumn and
   QueryAssociationCustomFieldColumn when the user has no permission to view
   on the associated object

Many thanks to Liane Hampe and Felix Schäfer for reporting these security
issues and to Holger Just and Felix Schäfer for their work on fixing all
these issues.

diffstat:

 devel/ruby-redmine42/Makefile |  4 ++--
 devel/ruby-redmine42/PLIST    |  6 +++---
 devel/ruby-redmine42/distinfo |  8 ++++----
 3 files changed, 9 insertions(+), 9 deletions(-)

diffs (60 lines):

diff -r df59b56d8bf4 -r a9d4360a0e6c devel/ruby-redmine42/Makefile
--- a/devel/ruby-redmine42/Makefile     Wed Jun 22 14:55:16 2022 +0000
+++ b/devel/ruby-redmine42/Makefile     Wed Jun 22 15:39:58 2022 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.10 2022/06/15 14:22:55 taca Exp $
+# $NetBSD: Makefile,v 1.11 2022/06/22 15:39:58 taca Exp $
 
 DISTNAME=      redmine-${RM_VERSION}
 PKGNAME=       ${RUBY_PKGPREFIX}-${DISTNAME:S/redmine/redmine${RM_VER}/}
@@ -12,7 +12,7 @@
 
 USE_TOOLS+=    pax
 
-RM_VERSION=    4.2.6
+RM_VERSION=    4.2.7
 
 NO_BUILD=      yes
 
diff -r df59b56d8bf4 -r a9d4360a0e6c devel/ruby-redmine42/PLIST
--- a/devel/ruby-redmine42/PLIST        Wed Jun 22 14:55:16 2022 +0000
+++ b/devel/ruby-redmine42/PLIST        Wed Jun 22 15:39:58 2022 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2022/04/03 05:36:02 taca Exp $
+@comment $NetBSD: PLIST,v 1.3 2022/06/22 15:39:58 taca Exp $
 bin/redmine42_generate_secret_token${RUBY_SUFFIX}.sh
 bin/redmine42_load_default_data${RUBY_SUFFIX}.sh
 bin/redmine42_migrate_db${RUBY_SUFFIX}.sh
@@ -1613,7 +1613,7 @@
 share/${RUBY_NAME}-redmine42/public/javascripts/i18n/datepicker-vi.js
 share/${RUBY_NAME}-redmine42/public/javascripts/i18n/datepicker-zh-CN.js
 share/${RUBY_NAME}-redmine42/public/javascripts/i18n/datepicker-zh-TW.js
-share/${RUBY_NAME}-redmine42/public/javascripts/jquery-3.5.1-ui-1.12.1-ujs-5.2.4.5.js
+share/${RUBY_NAME}-redmine42/public/javascripts/jquery-3.6.0-ui-1.13.1-ujs-5.2.4.5.js
 share/${RUBY_NAME}-redmine42/public/javascripts/jquery-migrate-3.3.2.min.js
 share/${RUBY_NAME}-redmine42/public/javascripts/jstoolbar/jstoolbar.js
 share/${RUBY_NAME}-redmine42/public/javascripts/jstoolbar/lang/jstoolbar-ar.js
@@ -1685,7 +1685,7 @@
 share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/images/ui-icons_777777_256x240.png
 share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/images/ui-icons_cc0000_256x240.png
 share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/images/ui-icons_ffffff_256x240.png
-share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/jquery-ui-1.12.1.css
+share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/jquery-ui-1.13.1.css
 share/${RUBY_NAME}-redmine42/public/stylesheets/jstoolbar.css
 share/${RUBY_NAME}-redmine42/public/stylesheets/responsive.css
 share/${RUBY_NAME}-redmine42/public/stylesheets/rtl.css
diff -r df59b56d8bf4 -r a9d4360a0e6c devel/ruby-redmine42/distinfo
--- a/devel/ruby-redmine42/distinfo     Wed Jun 22 14:55:16 2022 +0000
+++ b/devel/ruby-redmine42/distinfo     Wed Jun 22 15:39:58 2022 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.9 2022/06/15 14:22:55 taca Exp $
+$NetBSD: distinfo,v 1.10 2022/06/22 15:39:58 taca Exp $
 
-BLAKE2s (redmine-4.2.6.tar.gz) = 3e87ec7b1a4568d0d46cc8868d3ecd8481687411fce813eb50e50f5e0a7058de
-SHA512 (redmine-4.2.6.tar.gz) = 4071783917627927c0239cd3fefbc04a48706c28cd63b7fb09b5d234698b5847cc66f27dd717ee8d144385174471361b73b781799f02b73a49e141a6cbdd4077
-Size (redmine-4.2.6.tar.gz) = 3041632 bytes
+BLAKE2s (redmine-4.2.7.tar.gz) = 3e692c8190c896d0f40deb94a709494448622d68a03531323effdc015af0d8ad
+SHA512 (redmine-4.2.7.tar.gz) = 6654aec3981de8b26de416d253c22c91d881dd7df54192ce41e6e99213c6f4b0947ce213fe484c18117f8701d0528ebb23fe3acf335f84638eeddd972b601be9
+Size (redmine-4.2.7.tar.gz) = 3042676 bytes
 SHA1 (patch-Gemfile) = 45289d38e0209c7393c199e5e915afca8f25fb7b
 SHA1 (patch-lib_tasks_initializers.rake) = 73c4594c94abd28e628bbd172565b161f0e54fff

Prev by Date: [pkgsrc/trunk]: pkgsrc/www/R-curl www/R-curl: fix build+install on big-endian...
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ruby-redmine42 to 4.2.7
Previous by Thread: [pkgsrc/trunk]: pkgsrc/www/R-curl www/R-curl: fix build+install on big-endian...
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ruby-redmine42 to 4.2.7
Indexes:

Home | Main Index | Thread Index | Old Index