CVS commit: pkgsrc/devel/ruby-redmine42

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/devel/ruby-redmine42
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Sat, 3 Dec 2022 06:40:09 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Sat Dec  3 06:40:09 UTC 2022

Modified Files:
        pkgsrc/devel/ruby-redmine42: Makefile distinfo
        pkgsrc/devel/ruby-redmine42/patches: patch-Gemfile

Log Message:
devel/ruby-redmine42: update to 4.2.9

4.2.9 (2022-12-01)

This is security release.

* Fix CVE-2022-44031: Persistent XSS in textile formatting due to blockquote
  citation (#37751)

* Fix CVE-2021-44637: Redmine contains a cross-site scripting vulnerability
  (#37767)

* Open Redirect in attachments#download_all (#37880)


To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/ruby-redmine42/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-redmine42/distinfo
cvs rdiff -u -r1.7 -r1.8 pkgsrc/devel/ruby-redmine42/patches/patch-Gemfile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/devel/ruby-redmine42/Makefile
diff -u pkgsrc/devel/ruby-redmine42/Makefile:1.16 pkgsrc/devel/ruby-redmine42/Makefile:1.17
--- pkgsrc/devel/ruby-redmine42/Makefile:1.16   Mon Oct 10 03:24:52 2022
+++ pkgsrc/devel/ruby-redmine42/Makefile        Sat Dec  3 06:40:09 2022
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.16 2022/10/10 03:24:52 taca Exp $
+# $NetBSD: Makefile,v 1.17 2022/12/03 06:40:09 taca Exp $
 
 DISTNAME=      redmine-${RM_VERSION}
 PKGNAME=       ${RUBY_PKGPREFIX}-${DISTNAME:S/redmine/redmine${RM_VER}/}
@@ -12,7 +12,7 @@ LICENSE=      gnu-gpl-v2 # and so on.
 
 USE_TOOLS+=    pax
 
-RM_VERSION=    4.2.8
+RM_VERSION=    4.2.9
 
 NO_BUILD=      yes
 

Index: pkgsrc/devel/ruby-redmine42/distinfo
diff -u pkgsrc/devel/ruby-redmine42/distinfo:1.11 pkgsrc/devel/ruby-redmine42/distinfo:1.12
--- pkgsrc/devel/ruby-redmine42/distinfo:1.11   Sun Oct  9 15:31:46 2022
+++ pkgsrc/devel/ruby-redmine42/distinfo        Sat Dec  3 06:40:09 2022
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.11 2022/10/09 15:31:46 taca Exp $
+$NetBSD: distinfo,v 1.12 2022/12/03 06:40:09 taca Exp $
 
-BLAKE2s (redmine-4.2.8.tar.gz) = 680e3838dc1c094b38e053edac9099c015bae2ed77ebb9d8cc439722eff63b8e
-SHA512 (redmine-4.2.8.tar.gz) = 0cb2d1d8d700503855ac626a056413035cd14d46b6fca0a312461ab112c990b2eaeaa4212c3be5738df8c145160ac4ae0dfb1c2d21586e953452d09b782cc748
-Size (redmine-4.2.8.tar.gz) = 3043322 bytes
-SHA1 (patch-Gemfile) = 5b3dcc200f2e62ebec6e1ad0be4217ac06229869
+BLAKE2s (redmine-4.2.9.tar.gz) = f13f82335fd8c8d069a51dd556ff4487d7b5f90b9cab0eb569bd49099c4b8fe7
+SHA512 (redmine-4.2.9.tar.gz) = b0c6cade20dbcb4dd5c88081fb44f63dc3687b3735d47572e71bfeff0e17d2e4c9281afc10cf3b9679ab1e492a71a260a1d3fac5b660af5226849ccac4e0dd36
+Size (redmine-4.2.9.tar.gz) = 3043566 bytes
+SHA1 (patch-Gemfile) = 995dc55fcf3f8b77eade831d24918b0445180366
 SHA1 (patch-lib_tasks_initializers.rake) = 73c4594c94abd28e628bbd172565b161f0e54fff

Index: pkgsrc/devel/ruby-redmine42/patches/patch-Gemfile
diff -u pkgsrc/devel/ruby-redmine42/patches/patch-Gemfile:1.7 pkgsrc/devel/ruby-redmine42/patches/patch-Gemfile:1.8
--- pkgsrc/devel/ruby-redmine42/patches/patch-Gemfile:1.7       Sun Oct  9 15:31:46 2022
+++ pkgsrc/devel/ruby-redmine42/patches/patch-Gemfile   Sat Dec  3 06:40:09 2022
@@ -1,8 +1,8 @@
-$NetBSD: patch-Gemfile,v 1.7 2022/10/09 15:31:46 taca Exp $
+$NetBSD: patch-Gemfile,v 1.8 2022/12/03 06:40:09 taca Exp $
 
 Relax dependency.
 
---- Gemfile.orig       2022-10-02 20:10:08.000000000 +0000
+--- Gemfile.orig       2022-12-01 15:40:06.000000000 +0000
 +++ Gemfile
 @@ -3,17 +3,17 @@ source 'https://rubygems.org'
  ruby '>= 2.4.0', '< 2.8.0'
@@ -44,7 +44,7 @@ Relax dependency.
        when /sqlite3/
          gem "sqlite3", "~> 1.4.0", :platforms => [:mri, :mingw, :x64_mingw]
        when /sqlserver/
-@@ -87,26 +87,6 @@ else
+@@ -87,27 +87,6 @@ else
    warn("Please configure your config/database.yml first")
  end
  
@@ -54,13 +54,14 @@ Relax dependency.
 -
 -group :test do
 -  gem "rails-dom-testing"
--  gem 'mocha', '>= 1.4.0'
+-  gem 'mocha', (Gem.ruby_version < Gem::Version.new('2.7.0') ? ['>= 1.4.0', '< 2.0.0'] : '>= 1.4.0')
 -  gem 'simplecov', '~> 0.18.5', :require => false
 -  gem "ffi", platforms: [:mingw, :x64_mingw, :mswin]
 -  # For running system tests
--  gem 'puma'
+-  # TODO: Remove version specification once Capybara supports Puma 6
+-  gem 'puma', '< 6.0.0'
 -  gem 'capybara', '~> 3.31.0'
--  gem "selenium-webdriver"
+-  gem "selenium-webdriver", "~> 3.142.7"
 -  gem 'webdrivers', '~> 4.4', require: false
 -  # RuboCop
 -  gem 'rubocop', '~> 1.12.0'

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index