pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [pkgsrc-2022Q4] pkgsrc/www/ruby-rails-html-sanitizer
Module Name: pkgsrc
Committed By: bsiegert
Date: Sun Jan 15 19:57:02 UTC 2023
Modified Files:
pkgsrc/www/ruby-rails-html-sanitizer [pkgsrc-2022Q4]: Makefile distinfo
Log Message:
Pullup ticket #6722 - requested by taca
www/ruby-rails-html-sanitizer: security fix
Revisions pulled up:
- www/ruby-rails-html-sanitizer/Makefile 1.6
- www/ruby-rails-html-sanitizer/distinfo 1.8
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 3 15:19:14 UTC 2023
Modified Files:
pkgsrc/www/ruby-rails-html-sanitizer: Makefile distinfo
Log Message:
www/ruby-rails-html-sanitizer: update to 1.4.4
1.4.4 (2022-12-13)
* Address inefficient regular expression complexity with certain
configurations of Rails::Html::Sanitizer.
Fixes CVE-2022-23517. See GHSA-5x79-w82f-gw8w for more information.
Mike Dalessio
* Address improper sanitization of data URIs.
Fixes CVE-2022-23518 and #135. See GHSA-mcvf-2q2m-x72m for more information.
Mike Dalessio
* Address possible XSS vulnerability with certain configurations of
Rails::Html::Sanitizer.
Fixes CVE-2022-23520. See GHSA-rrfc-7g8p-99q8 for more information.
Mike Dalessio
* Address possible XSS vulnerability with certain configurations of
Rails::Html::Sanitizer.
Fixes CVE-2022-23519. See GHSA-9h9g-93gc-623h for more information.
Mike Dalessio
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.5.6.1 pkgsrc/www/ruby-rails-html-sanitizer/Makefile
cvs rdiff -u -r1.7 -r1.7.6.1 pkgsrc/www/ruby-rails-html-sanitizer/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/www/ruby-rails-html-sanitizer/Makefile
diff -u pkgsrc/www/ruby-rails-html-sanitizer/Makefile:1.5 pkgsrc/www/ruby-rails-html-sanitizer/Makefile:1.5.6.1
--- pkgsrc/www/ruby-rails-html-sanitizer/Makefile:1.5 Sun Jun 12 12:20:11 2022
+++ pkgsrc/www/ruby-rails-html-sanitizer/Makefile Sun Jan 15 19:57:02 2023
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.5 2022/06/12 12:20:11 taca Exp $
+# $NetBSD: Makefile,v 1.5.6.1 2023/01/15 19:57:02 bsiegert Exp $
-DISTNAME= rails-html-sanitizer-1.4.3
+DISTNAME= rails-html-sanitizer-1.4.4
CATEGORIES= www
MAINTAINER= minskim%NetBSD.org@localhost
@@ -8,7 +8,7 @@ HOMEPAGE= https://github.com/rails/rails
COMMENT= HTML sanitizer for Rails applications
LICENSE= mit
-DEPENDS+= ${RUBY_PKGPREFIX}-loofah>=2.3<3:../../www/ruby-loofah
+DEPENDS+= ${RUBY_PKGPREFIX}-loofah>=2.19<3:../../www/ruby-loofah
USE_LANGUAGES= # empty
Index: pkgsrc/www/ruby-rails-html-sanitizer/distinfo
diff -u pkgsrc/www/ruby-rails-html-sanitizer/distinfo:1.7 pkgsrc/www/ruby-rails-html-sanitizer/distinfo:1.7.6.1
--- pkgsrc/www/ruby-rails-html-sanitizer/distinfo:1.7 Sun Jun 12 12:20:11 2022
+++ pkgsrc/www/ruby-rails-html-sanitizer/distinfo Sun Jan 15 19:57:02 2023
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.7 2022/06/12 12:20:11 taca Exp $
+$NetBSD: distinfo,v 1.7.6.1 2023/01/15 19:57:02 bsiegert Exp $
-BLAKE2s (rails-html-sanitizer-1.4.3.gem) = 110fc5e7b2557d3a8bb7d2424b072e62f7bb9d4dd6d5d6625c4033250a25626a
-SHA512 (rails-html-sanitizer-1.4.3.gem) = ead339d8ed5aefa737298d886a0db3c353254cfa57bdee7d2011f596ed2871dcad3bd16561728da2447e239fcaa908256bb6436493462bca6310a17a3812ffd9
-Size (rails-html-sanitizer-1.4.3.gem) = 17920 bytes
+BLAKE2s (rails-html-sanitizer-1.4.4.gem) = 36684c6c71abd83aa775f2d14d6ca7e24ac934bf3ca657f06981824b32ce9bf0
+SHA512 (rails-html-sanitizer-1.4.4.gem) = 9a6671334967078f744296ca273a8b44c0071d04c841fe626333bbb62c252b6688b5559079a47cda540f06bd35c924ede8d9ef092c775dfab55e2673137fc05b
+Size (rails-html-sanitizer-1.4.4.gem) = 18432 bytes
Home |
Main Index |
Thread Index |
Old Index