CVS commit: pkgsrc/databases/ruby-sqlite3

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/databases/ruby-sqlite3
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Thu, 6 Oct 2022 14:19:01 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Thu Oct  6 14:19:01 UTC 2022

Modified Files:
        pkgsrc/databases/ruby-sqlite3: Makefile PLIST distinfo

Log Message:
databases/ruby-sqlite3: update to 1.5.2

1.5.2 (2022-10-01)

Packaging

This version correctly vendors the tarball for sqlite v3.39.4 in the vanilla
"ruby" platform gem package, so that users will not require network access
at installation.

v1.5.0 and v1.5.1 mistakenly packaged the tarball for sqlite v3.38.5 in the
vanilla "ruby" platform gem, resulting in downloading the intended tarball
over the network at installation time (or, if the network was not available,
failure to install).  Note that the precompiled native gems were not
affected by this issue. [#352]

1.5.1 (2022-09-29)

Dependencies

* Vendored sqlite is updated to v3.39.4.

Security

The vendored version of sqlite, v3.39.4, should be considered to be a
security release.  From the release notes:

         Version 3.39.4 is a minimal patch against the prior release that
         addresses issues found since the prior release.  In particular, a
         potential vulnerability in the FTS3 extension has been fixed, so
         this should be considered a security update.

         In order to exploit the vulnerability, an attacker must have full
         SQL access and must be able to construct a corrupt database with
         over 2GB of FTS3 content.  The problem arises from a 32-bit signed
         integer overflow.

For more information please see GHSA-mgvv-5mxp-xq67.


To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 pkgsrc/databases/ruby-sqlite3/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/databases/ruby-sqlite3/PLIST
cvs rdiff -u -r1.26 -r1.27 pkgsrc/databases/ruby-sqlite3/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/databases/ruby-sqlite3/Makefile
diff -u pkgsrc/databases/ruby-sqlite3/Makefile:1.56 pkgsrc/databases/ruby-sqlite3/Makefile:1.57
--- pkgsrc/databases/ruby-sqlite3/Makefile:1.56 Sun Sep 11 16:05:14 2022
+++ pkgsrc/databases/ruby-sqlite3/Makefile      Thu Oct  6 14:19:01 2022
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.56 2022/09/11 16:05:14 taca Exp $
+# $NetBSD: Makefile,v 1.57 2022/10/06 14:19:01 taca Exp $
 
-DISTNAME=      sqlite3-1.5.0
-PKGREVISION=   1
+DISTNAME=      sqlite3-1.5.2
 CATEGORIES=    databases
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost

Index: pkgsrc/databases/ruby-sqlite3/PLIST
diff -u pkgsrc/databases/ruby-sqlite3/PLIST:1.19 pkgsrc/databases/ruby-sqlite3/PLIST:1.20
--- pkgsrc/databases/ruby-sqlite3/PLIST:1.19    Fri Sep  9 13:17:47 2022
+++ pkgsrc/databases/ruby-sqlite3/PLIST Thu Oct  6 14:19:01 2022
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.19 2022/09/09 13:17:47 taca Exp $
+@comment $NetBSD: PLIST,v 1.20 2022/10/06 14:19:01 taca Exp $
 ${GEM_HOME}/build_info/${GEM_NAME}.info
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_EXTSDIR}/gem.build_complete
@@ -12,6 +12,7 @@ ${GEM_LIBDIR}/Gemfile
 ${GEM_LIBDIR}/LICENSE
 ${GEM_LIBDIR}/LICENSE-DEPENDENCIES
 ${GEM_LIBDIR}/README.md
+${GEM_LIBDIR}/dependencies.yml
 ${GEM_LIBDIR}/ext/sqlite3/aggregator.c
 ${GEM_LIBDIR}/ext/sqlite3/aggregator.h
 ${GEM_LIBDIR}/ext/sqlite3/backup.c
@@ -39,6 +40,7 @@ ${GEM_LIBDIR}/lib/sqlite3/statement.rb
 ${GEM_LIBDIR}/lib/sqlite3/translator.rb
 ${GEM_LIBDIR}/lib/sqlite3/value.rb
 ${GEM_LIBDIR}/lib/sqlite3/version.rb
+${GEM_LIBDIR}/ports/archives/sqlite-autoconf-3390400.tar.gz
 ${GEM_LIBDIR}/test/helper.rb
 ${GEM_LIBDIR}/test/test_backup.rb
 ${GEM_LIBDIR}/test/test_collation.rb

Index: pkgsrc/databases/ruby-sqlite3/distinfo
diff -u pkgsrc/databases/ruby-sqlite3/distinfo:1.26 pkgsrc/databases/ruby-sqlite3/distinfo:1.27
--- pkgsrc/databases/ruby-sqlite3/distinfo:1.26 Fri Sep  9 13:17:47 2022
+++ pkgsrc/databases/ruby-sqlite3/distinfo      Thu Oct  6 14:19:01 2022
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.26 2022/09/09 13:17:47 taca Exp $
+$NetBSD: distinfo,v 1.27 2022/10/06 14:19:01 taca Exp $
 
-BLAKE2s (sqlite3-1.5.0.gem) = bc9dcb58e741a9471ded882ffde9fa20da40ce004415f5fae37edb0025dfc373
-SHA512 (sqlite3-1.5.0.gem) = 52303d3994e25bc994f86fac03b40b3bdb7eb688ae386ca583bacab74b68dd493c470f854884036d350b23ba366448605314bf080343a5684f9c999d73c1ab38
-Size (sqlite3-1.5.0.gem) = 3102720 bytes
+BLAKE2s (sqlite3-1.5.2.gem) = 3ada0749d73f5e24dc1162b58028a092e5ce42c4e4d53b92e04da629cff90378
+SHA512 (sqlite3-1.5.2.gem) = 2fed4140beee19c2fa695e219de2dfb107e112b80ae9b0524961e3de0f92482cd0510e39cc5f04287ed275fc135eaf449bd90dd224961b7c4968e2c8e639a30b
+Size (sqlite3-1.5.2.gem) = 3134976 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index