CVS commit: pkgsrc/textproc/ruby-safe_yaml

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/textproc/ruby-safe_yaml
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Sun, 15 Sep 2013 16:31:27 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Sun Sep 15 16:31:27 UTC 2013

Added Files:
        pkgsrc/textproc/ruby-safe_yaml: DESCR Makefile PLIST distinfo

Log Message:
Add ruby-safe_yaml package version 0.9.5.

The SafeYAML gem provides an alternative implementation of `YAML.load`
suitable for accepting user input in Ruby applications.  Unlike Ruby's
built-in implementation of `YAML.load`, SafeYAML's version will not expose
apps to arbitrary code execution exploits (such as [the ones
discovered](http://www.reddit.com/r/netsec/comments/167c11/serious_vulnerability_in_ruby_on_rails_allowing/)
[in Rails in early
2013](http://www.h-online.com/open/news/item/Rails-developers-close-another-extremely-critical-flaw-1793511.html)).

If you encounter any issues with SafeYAML, check out the 'Common Issues'
section below.  If you don't see anything that addresses the problem you're
experiencing, by all means,  [create an
issue](https://github.com/dtao/safe_yaml/issues/new)!


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 pkgsrc/textproc/ruby-safe_yaml/DESCR \
    pkgsrc/textproc/ruby-safe_yaml/Makefile \
    pkgsrc/textproc/ruby-safe_yaml/PLIST \
    pkgsrc/textproc/ruby-safe_yaml/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/textproc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/textproc
Indexes:

Home | Main Index | Thread Index | Old Index