CVS commit: pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Thu, 25 Apr 2024 15:06:11 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Thu Apr 25 15:06:11 UTC 2024

Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby32-base: Makefile distinfo
Removed Files:
        pkgsrc/lang/ruby32-base/patches: patch-lib_rdoc_store.rb
            patch-lib_rdoc_version.rb

Log Message:
lang/ruby32-base: update to 3.2.4

This is security release.  Note CVE-2024-27280 and CVE-2024-27281 were
already fixed by ruby31-base-3.2.3nb3.

3.2.4 (2024-04-23)

* CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
  search
* CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
* CVE-2024-27280: Buffer overread vulnerability in StringIO


To generate a diff of this commit:
cvs rdiff -u -r1.276 -r1.277 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/ruby32-base/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/ruby32-base/distinfo
cvs rdiff -u -r1.1 -r0 \
    pkgsrc/lang/ruby32-base/patches/patch-lib_rdoc_store.rb \
    pkgsrc/lang/ruby32-base/patches/patch-lib_rdoc_version.rb

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.276 pkgsrc/lang/ruby/rubyversion.mk:1.277
--- pkgsrc/lang/ruby/rubyversion.mk:1.276       Thu Apr 25 14:51:53 2024
+++ pkgsrc/lang/ruby/rubyversion.mk     Thu Apr 25 15:06:11 2024
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.276 2024/04/25 14:51:53 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.277 2024/04/25 15:06:11 taca Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -214,7 +214,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub
 
 # current supported Ruby's version
 RUBY31_VERSION=                3.1.5
-RUBY32_VERSION=                3.2.3
+RUBY32_VERSION=                3.2.4
 RUBY33_VERSION=                3.3.0
 
 # current API compatible version; used for version of shared library

Index: pkgsrc/lang/ruby32-base/Makefile
diff -u pkgsrc/lang/ruby32-base/Makefile:1.8 pkgsrc/lang/ruby32-base/Makefile:1.9
--- pkgsrc/lang/ruby32-base/Makefile:1.8        Sat Mar 23 14:47:12 2024
+++ pkgsrc/lang/ruby32-base/Makefile    Thu Apr 25 15:06:11 2024
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.8 2024/03/23 14:47:12 taca Exp $
+# $NetBSD: Makefile,v 1.9 2024/04/25 15:06:11 taca Exp $
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION=   1
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 

Index: pkgsrc/lang/ruby32-base/distinfo
diff -u pkgsrc/lang/ruby32-base/distinfo:1.7 pkgsrc/lang/ruby32-base/distinfo:1.8
--- pkgsrc/lang/ruby32-base/distinfo:1.7        Sat Mar 23 14:47:12 2024
+++ pkgsrc/lang/ruby32-base/distinfo    Thu Apr 25 15:06:11 2024
@@ -1,16 +1,14 @@
-$NetBSD: distinfo,v 1.7 2024/03/23 14:47:12 taca Exp $
+$NetBSD: distinfo,v 1.8 2024/04/25 15:06:11 taca Exp $
 
-BLAKE2s (ruby-3.2.3.tar.xz) = 19e7b48f2d1790297e731bcc624e40f2fc6c0bca522f727d4b051f1eb790f256
-SHA512 (ruby-3.2.3.tar.xz) = d2a1897c2f4e801a28acb869322abfee76775115016252cecad90639485ed51deda1446cb16edb387f10a2e188602d646ef9b008b57f27bd745071277c535f3b
-Size (ruby-3.2.3.tar.xz) = 15163960 bytes
+BLAKE2s (ruby-3.2.4.tar.xz) = 7e70feebf7b4b48b277a117045269b1e22c17e0d9dd94280ac5f1716c8e9605e
+SHA512 (ruby-3.2.4.tar.xz) = fb0af37be4b6ad7b98ab9f8a508952238ee68b5828e3926331e4db52e2ebc1e6046f31114069322db0cd3bea7c9b82ace91c8564573ddcfa1f960877b237dbff
+Size (ruby-3.2.4.tar.xz) = 15175656 bytes
 SHA1 (patch-common.mk) = c23eed58427b2fd4ba8fdb3692f609701a666c6d
 SHA1 (patch-configure) = f3a143eda324bdfcaab51ee44274eaa445cf2767
 SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3ff5890
 SHA1 (patch-include_ruby_internal_static__assert.h) = 7d5c3ae7ff674b9b34639924fcf08237164de9f8
 SHA1 (patch-lib_mkmf.rb) = 4a3cd18548dbdf43a13695d4e76f817c0347e335
 SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a
-SHA1 (patch-lib_rdoc_store.rb) = b72582d5e3a21fb7e87db8f2b743bc8fb09cf04d
-SHA1 (patch-lib_rdoc_version.rb) = 3f96abdf5fe2ef1f9a1d111eeba1394bf3ca12e8
 SHA1 (patch-lib_rubygems.rb) = 060549c43b84f73c77432a72cdcf22941be4eb17
 SHA1 (patch-lib_rubygems_commands_setup__command.rb) = 66c475a5308deb2ed5096b88cf65549732f87421
 SHA1 (patch-lib_rubygems_config__file.rb) = 1da55a32d931f91321636401e94d89f78f9fa622

Prev by Date: CVS commit: pkgsrc/audio/forked-daapd
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/audio/forked-daapd
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index