pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/ruby-rest-client



Module Name:    pkgsrc
Committed By:   taca
Date:           Sat Mar 28 04:12:16 UTC 2015

Modified Files:
        pkgsrc/www/ruby-rest-client: Makefile distinfo

Log Message:
Update ruby-rest-client to 1.8.0, security fix.

# 1.8.0

- Security: implement standards compliant cookie handling by adding a
  dependency on http-cookie. This breaks compatibility, but was necessary to
  address a session fixation / cookie disclosure vulnerability.
  (#369 / CVE-2015-1820)

  Previously, any Set-Cookie headers found in an HTTP 30x response would be
  sent to the redirection target, regardless of domain. Responses now expose a
  cookie jar and respect standards compliant domain / path flags in Set-Cookie
  headers.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-rest-client/Makefile \
    pkgsrc/www/ruby-rest-client/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index