pkgsrc-Changes-HG archive


[pkgsrc/pkgsrc-2021Q1]: pkgsrc/lang Pullup ticket #6443 - requested by taca



details:   https://anonhg.NetBSD.org/pkgsrc/rev/75dab6b4d276
branches:  pkgsrc-2021Q1
changeset: 450361:75dab6b4d276
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Thu Apr 15 07:10:45 2021 +0000

description:
Pullup ticket #6443 - requested by taca
lang/ruby26-base: security fix, bugfix

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.227-1.228
- lang/ruby26-base/ALTERNATIVES                                 1.2
- lang/ruby26-base/Makefile                                     1.13
- lang/ruby26-base/PLIST                                        1.5
- lang/ruby26-base/distinfo                                     1.10
- lang/ruby26-base/patches/patch-configure                      1.3
- lang/ruby26-base/patches/patch-lib_webrick_httprequest.rb     deleted

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sun Apr 11 12:16:20 UTC 2021

   Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk

   Log Message:
   lang/ruby/rubyversion.mk: pass RUBY_RAILS_ACCEPTED

   Pass RUBY_RAILS_ACCEPTED to MAKEFLAGS unless it is empty.

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sun Apr 11 12:28:38 UTC 2021

   Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby26-base: Makefile PLIST distinfo
        pkgsrc/lang/ruby26-base/patches: patch-configure
   Removed Files:
        pkgsrc/lang/ruby26-base/patches: patch-lib_webrick_httprequest.rb

   Log Message:
   lang/ruby26-base: update to 2.6.7

   Ruby 2.6.7 Released (2021-04-05)

   This release includes security fixes.  Please check the topics below for
   details.

   * CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in
     WEBrick
   * CVE-2021-28965: XML round-trip vulnerability in REXML

   See the commit logs for details.

   By this release, we end the normal maintenance phase of Ruby 2.6, and Ruby
   2.6 enters the security maintenance phase.  This means that we will no
   longer backport any bug fixes to Ruby 2.6 except security fixes.  The term
   of the security maintenance phase is scheduled for a year.  Ruby 2.6 reaches
   EOL and its official support ends by the end of the security maintenance
   phase.  Therefore, we recommend that you start to plan upgrade to Ruby 2.7
   or 3.0.

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sun Apr 11 13:00:25 UTC 2021

   Modified Files:
        pkgsrc/lang/ruby26-base: ALTERNATIVES

   Log Message:
   lang/ruby26-base: fix ALTERNATIVES file

diffstat:

 lang/ruby/rubyversion.mk                                  |  11 ++-
 lang/ruby26-base/ALTERNATIVES                             |   3 +
 lang/ruby26-base/Makefile                                 |   3 +-
 lang/ruby26-base/PLIST                                    |   7 +-
 lang/ruby26-base/distinfo                                 |  13 ++--
 lang/ruby26-base/patches/patch-configure                  |  41 ++++----------
 lang/ruby26-base/patches/patch-lib_webrick_httprequest.rb |  27 ---------
 7 files changed, 33 insertions(+), 72 deletions(-)

diffs (275 lines):

diff -r a9f93ba8b9ba -r 75dab6b4d276 lang/ruby/rubyversion.mk
--- a/lang/ruby/rubyversion.mk  Thu Apr 15 07:04:00 2021 +0000
+++ b/lang/ruby/rubyversion.mk  Thu Apr 15 07:10:45 2021 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.225.2.1 2021/04/15 07:04:00 bsiegert Exp $
+# $NetBSD: rubyversion.mk,v 1.225.2.2 2021/04/15 07:10:45 bsiegert Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -214,7 +214,7 @@
 
 # current supported Ruby's version
 RUBY25_VERSION=                2.5.9
-RUBY26_VERSION=                2.6.6
+RUBY26_VERSION=                2.6.7
 RUBY27_VERSION=                2.7.2
 RUBY30_VERSION=                3.0.0
 
@@ -330,7 +330,7 @@
 RUBY_OSTRUCT_VERSION=          0.1.0
 RUBY_PRIME_VERSION=            0.1.0
 RUBY_PSYCH_VERSION=            3.1.0
-RUBY_REXML_VERSION=            3.1.9
+RUBY_REXML_VERSION=            3.1.9.1
 RUBY_RSS_VERSION=              0.2.7
 RUBY_SCANF_VERSION=            1.0.0
 RUBY_SDBM_VERSION=             1.0.0
@@ -340,7 +340,7 @@
 RUBY_SYNC_VERSION=             0.5.0
 RUBY_THWAIT_VERSION=           0.1.0
 RUBY_TRACER_VERSION=           0.1.0
-RUBY_WEBRICK_VERSION=          1.4.2
+RUBY_WEBRICK_VERSION=          1.4.4
 RUBY_ZLIB_VERSION=             1.0.0
 
 RUBY_SUFFIX=   ${_RUBY_VER_MAJOR}${_RUBY_VER_MINOR}
@@ -612,6 +612,9 @@
 
 MAKEFLAGS+=            RUBY_VER=${RUBY_VER:Q} \
                        RUBY_VERSION_DEFAULT=${RUBY_VERSION_DEFAULT:Q}
+.if !empty(RUBY_RAILS_ACCEPTED)
+MAKEFLAGS+=            RUBY_RAILS_ACCEPTED=${RUBY_RAILS_ACCEPTED}
+.endif
 
 PLIST_RUBY_DIRS=       RUBY_INC=${RUBY_INC:Q} RUBY_ARCHINC=${RUBY_ARCHINC:Q} \
                        RUBY_LIB_BASE=${RUBY_LIB_BASE:Q} \
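Review bot: The added `MAKEFLAGS+=` line expands `${RUBY_RAILS_ACCEPTED}` without the `:Q` modifier, while `RUBY_VER` and `RUBY_VERSION_DEFAULT` two lines above are both quoted. If the variable can hold more than one word (it looks like a list of accepted versions, though its definition is outside this hunk), only the first word would stay attached to the assignment and the rest would reach the sub-make as separate arguments. I would write `MAKEFLAGS+= RUBY_RAILS_ACCEPTED=${RUBY_RAILS_ACCEPTED:Q}` to match the neighbouring entries. A one-line comment above the `.if` saying why the value has to be propagated to sub-makes would also help the next reader.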
diff -r a9f93ba8b9ba -r 75dab6b4d276 lang/ruby26-base/ALTERNATIVES
--- a/lang/ruby26-base/ALTERNATIVES     Thu Apr 15 07:04:00 2021 +0000
+++ b/lang/ruby26-base/ALTERNATIVES     Thu Apr 15 07:10:45 2021 +0000
@@ -3,4 +3,7 @@
 bin/erb @PREFIX@/bin/erb@RUBY_SUFFIX@
 bin/gem @PREFIX@/bin/gem@RUBY_SUFFIX@
 bin/irb @PREFIX@/bin/irb@RUBY_SUFFIX@
+bin/rake @PREFIX@/bin/rake@RUBY_SUFFIX@
+bin/rdoc @PREFIX@/bin/rdoc@RUBY_SUFFIX@
+bin/ri @PREFIX@/bin/ri@RUBY_SUFFIX@
 bin/ruby @PREFIX@/bin/@RUBY_NAME@
diff -r a9f93ba8b9ba -r 75dab6b4d276 lang/ruby26-base/Makefile
--- a/lang/ruby26-base/Makefile Thu Apr 15 07:04:00 2021 +0000
+++ b/lang/ruby26-base/Makefile Thu Apr 15 07:10:45 2021 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2021/02/14 15:31:02 taca Exp $
+# $NetBSD: Makefile,v 1.12.2.1 2021/04/15 07:10:45 bsiegert Exp $
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION=   1
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 
diff -r a9f93ba8b9ba -r 75dab6b4d276 lang/ruby26-base/PLIST
--- a/lang/ruby26-base/PLIST    Thu Apr 15 07:04:00 2021 +0000
+++ b/lang/ruby26-base/PLIST    Thu Apr 15 07:10:45 2021 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2020/04/01 15:21:57 taca Exp $
+@comment $NetBSD: PLIST,v 1.4.8.1 2021/04/15 07:10:45 bsiegert Exp $
 bin/bundle${RUBY_SUFFIX}
 bin/bundler${RUBY_SUFFIX}
 bin/erb${RUBY_SUFFIX}
@@ -910,9 +910,8 @@
 ${RUBY_LIB}/rubygems/spec_fetcher.rb
 ${RUBY_LIB}/rubygems/specification.rb
 ${RUBY_LIB}/rubygems/specification_policy.rb
-${RUBY_LIB}/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem
-${RUBY_LIB}/rubygems/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem
-${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem
+${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem
+${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem
 ${RUBY_LIB}/rubygems/stub_specification.rb
 ${RUBY_LIB}/rubygems/syck_hack.rb
 ${RUBY_LIB}/rubygems/test_case.rb
diff -r a9f93ba8b9ba -r 75dab6b4d276 lang/ruby26-base/distinfo
--- a/lang/ruby26-base/distinfo Thu Apr 15 07:04:00 2021 +0000
+++ b/lang/ruby26-base/distinfo Thu Apr 15 07:10:45 2021 +0000
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.9 2020/10/04 03:41:12 taca Exp $
+$NetBSD: distinfo,v 1.9.4.1 2021/04/15 07:10:45 bsiegert Exp $
 
-SHA1 (ruby-2.6.6.tar.xz) = 4dc8d4f7abc1d498b7bac68e82efc01a849f300f
-RMD160 (ruby-2.6.6.tar.xz) = 3091dc207ad5089305c105582e39f73ca9dfeb2b
-SHA512 (ruby-2.6.6.tar.xz) = 86caf93dbf61d03781767ab5375a7edf4761f13ba08ccfefe16c0a7550499237e7390c2f72a95d42670d4fe76b2401b4218936187c62ec1572799e9e04c50d62
-Size (ruby-2.6.6.tar.xz) = 11567284 bytes
-SHA1 (patch-configure) = d66204877531fe147361adf843819c3db6d40919
+SHA1 (ruby-2.6.7.tar.xz) = 1fd1448125a00cd7b9994637b5e561506de6a6d3
+RMD160 (ruby-2.6.7.tar.xz) = 25d606c0338322e96e61a9e7a5821b1a5e543261
+SHA512 (ruby-2.6.7.tar.xz) = ba6fc0a36af2a08cf1b008851e805f59ea1047724fc7b61d4bc674533b8f123cb12fa0969e9a3f57290477c0d75f974ca7e304836e4905bd96a737211df9bd21
+Size (ruby-2.6.7.tar.xz) = 11591404 bytes
+SHA1 (patch-configure) = ccfad7b5e35e87308e187e6c5fb3ffea57ad763d
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
 SHA1 (patch-lib_mkmf.rb) = 75d2261a8282a00cd5f811a5e629302d1667207e
 SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a
@@ -17,6 +17,5 @@
 SHA1 (patch-lib_rubygems_install__update__options.rb) = 1e953b5a517a805fd7184e359fbc06e67a5ff9b3
 SHA1 (patch-lib_rubygems_installer.rb) = bce2fe5bcc88ba15352c1e3017bdf97e19d0cbfa
 SHA1 (patch-lib_rubygems_platform.rb) = 8608f9e29728101789a990d73b4a6780054dd278
-SHA1 (patch-lib_webrick_httprequest.rb) = 71d2d01e27d23aa5f0b7bc77f2cda1fd85aeeab4
 SHA1 (patch-test_rubygems_test__gem.rb) = 80d646b95df81bacca6d277d2801dba16df291f5
 SHA1 (patch-thread__pthread.c) = ce3dfbc7e953cdd04522bcc8e443b60e541845ce
diff -r a9f93ba8b9ba -r 75dab6b4d276 lang/ruby26-base/patches/patch-configure
--- a/lang/ruby26-base/patches/patch-configure  Thu Apr 15 07:04:00 2021 +0000
+++ b/lang/ruby26-base/patches/patch-configure  Thu Apr 15 07:10:45 2021 +0000
@@ -1,15 +1,14 @@
-$NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
+$NetBSD: patch-configure,v 1.2.18.1 2021/04/15 07:10:45 bsiegert Exp $
 
 * Adding Interix support.
 * Ignore doxygen.
 * Ignore VCS.
 * Handle SSP in pkgsrc.
 * Put -std= in CFLAGS not CPPFLAGS.
-* Fix argument for pthread_self() on NetBSD.
 
---- configure.orig     2019-01-30 10:41:14.000000000 +0000
+--- configure.orig     2021-04-05 11:48:36.000000000 +0000
 +++ configure
-@@ -6048,7 +6048,7 @@ else
+@@ -6064,7 +6064,7 @@ else
      if test x"$target_alias" = x; then :
  
        case "$target_os" in #(
@@ -18,7 +17,7 @@
  
            { $as_echo "$as_me:${as_lineno-$LINENO}: checking for real target cpu" >&5
  $as_echo_n "checking for real target cpu... " >&6; }
-@@ -8393,6 +8393,7 @@ fi
+@@ -8431,6 +8431,7 @@ fi
        stack_protector=no
       ;; #(
    *) :
@@ -26,7 +25,7 @@
       ;;
  esac
      if test -z "${stack_protector+set}"; then :
-@@ -10239,6 +10240,10 @@ esac
+@@ -10277,6 +10278,10 @@ esac
  
                        ac_cv_func___builtin_setjmp=no
                 ;; #(
@@ -37,7 +36,7 @@
    *) :
       ;;
  esac
-@@ -21600,6 +21605,8 @@ else
+@@ -21638,6 +21643,8 @@ else
  # ifdef _MSC_VER
  #  include <malloc.h>
  #  define alloca _alloca
@@ -46,21 +45,7 @@
  # else
  #  ifdef HAVE_ALLOCA_H
  #   include <alloca.h>
-@@ -26151,11 +26158,11 @@ if ${rb_cv_func_pthread_setname_np_argum
- else
-   rb_cv_func_pthread_setname_np_arguments=
-           # Linux,AIX,  (pthread_self(), name)
--          # NetBSD (pthread_self(), name, \"%s\")
-+          # NetBSD (pthread_self(), \"%s\", name)
-           # Darwin (name)
-           for mac in \
-               "(pthread_self(), name)" \
--              "(pthread_self(), name, \"%s\")" \
-+              "(pthread_self(), \"%s\", name)" \
-               "(name)" \
-               ; do
-               cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -26749,7 +26756,9 @@ fi
+@@ -26842,7 +26849,9 @@ fi
    interix*) :
        : ${LDSHARED='$(CC) -shared'}
                        XLDFLAGS="$XLDFLAGS -Wl,-E"
@@ -70,7 +55,7 @@
                        rb_cv_dlopen=yes ;; #(
    freebsd*|dragonfly*) :
  
-@@ -27991,7 +28000,7 @@ fi
+@@ -28084,7 +28093,7 @@ fi
         ;; #(
    freebsd*|dragonfly*) :
  
@@ -79,7 +64,7 @@
        LIBRUBY_SONAME='$(LIBRUBY_SO)'
        if test "$rb_cv_binary_elf" != "yes" ; then :
  
-@@ -28070,9 +28079,10 @@ esac
+@@ -28163,9 +28172,10 @@ esac
         ;; #(
    darwin*) :
  
@@ -92,7 +77,7 @@
        if test "$load_relative" = yes; then :
  
            libprefix="@executable_path/../${libdir_basename}"
-@@ -28093,7 +28103,12 @@ fi
+@@ -28186,7 +28196,12 @@ fi
         ;; #(
    interix*) :
  
@@ -106,7 +91,7 @@
         ;; #(
    mingw*|cygwin*|mswin*) :
  
-@@ -28275,7 +28290,7 @@ if test "$enable_rpath" = yes; then :
+@@ -28368,7 +28383,7 @@ if test "$enable_rpath" = yes; then :
  esac
      rpathflag=`IFS="$PATH_SEPARATOR"
          echo x "$rpathflag" |
@@ -115,7 +100,7 @@
      `
      LIBRUBY_RPATHFLAGS="$LIBRUBY_RPATHFLAGS${rpathflag}"
      LIBRUBYARG_SHARED="$LIBRUBY_RPATHFLAGS $LIBRUBYARG_SHARED"
-@@ -28817,15 +28832,7 @@ fi
+@@ -28910,15 +28925,7 @@ fi
  
  if test "$install_doc" != no; then :
  
@@ -132,7 +117,7 @@
      if test "$install_capi" != no -a -n "$DOXYGEN"; then :
  
        CAPITARGET="capi"
-@@ -30979,31 +30988,7 @@ which seems to be undefined.  Please mak
+@@ -31072,31 +31079,7 @@ which seems to be undefined.  Please mak
      "Makefile":F)
      tmpmk=confmk$$.tmp
      {
diff -r a9f93ba8b9ba -r 75dab6b4d276 lang/ruby26-base/patches/patch-lib_webrick_httprequest.rb
--- a/lang/ruby26-base/patches/patch-lib_webrick_httprequest.rb Thu Apr 15 07:04:00 2021 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,27 +0,0 @@
-$NetBSD: patch-lib_webrick_httprequest.rb,v 1.1 2020/10/04 03:41:12 taca Exp $
-
-Add fix for CVE-2020-25613.
-
---- lib/webrick/httprequest.rb.orig    2020-03-31 11:23:13.000000000 +0000
-+++ lib/webrick/httprequest.rb
-@@ -226,9 +226,9 @@ module WEBrick
-         raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
-       end
- 
--      if /close/io =~ self["connection"]
-+      if /\Aclose\z/io =~ self["connection"]
-         @keep_alive = false
--      elsif /keep-alive/io =~ self["connection"]
-+      elsif /\Akeep-alive\z/io =~ self["connection"]
-         @keep_alive = true
-       elsif @http_version < "1.1"
-         @keep_alive = false
-@@ -503,7 +503,7 @@ module WEBrick
-       return unless socket
-       if tc = self['transfer-encoding']
-         case tc
--        when /chunked/io then read_chunked(socket, block)
-+        when /\Achunked\z/io then read_chunked(socket, block)
-         else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
-         end
-       elsif self['content-length'] || @remaining_size


