[pkgsrc/pkgsrc-2021Q3]: pkgsrc/lang Pullup ticket #6546 - requested by taca

[tm <tm%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/2cb5a6a5b42e
branches:  pkgsrc-2021Q3
changeset: 770218:2cb5a6a5b42e
user:      tm <tm%pkgsrc.org@localhost>
date:      Sat Nov 27 22:02:59 2021 +0000

description:
Pullup ticket #6546 - requested by taca
lang/ruby27-base: security fix

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.239
- lang/ruby27-base/PLIST                                        1.5
- lang/ruby27-base/distinfo                                     1.9

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Nov 25 16:01:18 UTC 2021

   Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby27-base: PLIST distinfo

   Log Message:
   lang/ruby27-base: update to 2.7.5

   Ruby 2.7.5 Released
   Posted by usa on 24 Nov 2021

   Ruby 2.7.5 has been released.

   This release includes security fixes.  Please check the topics below for
   details.

   * CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
     Parsing Methods

   * CVE-2021-41816: Buffer Overrun in CGI.escape_html

   * CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse

   See the commit logs for details.

diffstat:

 lang/ruby/rubyversion.mk  |   8 ++++----
 lang/ruby27-base/PLIST    |  12 ++----------
 lang/ruby27-base/distinfo |  10 +++++-----
 3 files changed, 11 insertions(+), 19 deletions(-)

diffs (87 lines):

diff -r 351bff9e7016 -r 2cb5a6a5b42e lang/ruby/rubyversion.mk
--- a/lang/ruby/rubyversion.mk  Sat Nov 27 21:53:48 2021 +0000
+++ b/lang/ruby/rubyversion.mk  Sat Nov 27 22:02:59 2021 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.237.2.1 2021/11/27 21:53:13 tm Exp $
+# $NetBSD: rubyversion.mk,v 1.237.2.2 2021/11/27 22:02:59 tm Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -214,7 +214,7 @@
 
 # current supported Ruby's version
 RUBY26_VERSION=                2.6.9
-RUBY27_VERSION=                2.7.4
+RUBY27_VERSION=                2.7.5
 RUBY30_VERSION=                3.0.2
 
 # current API compatible version; used for version of shared library
@@ -338,7 +338,7 @@
 RUBY_XML_RPC_VERSION=          0.3.0
 
 # bundled extensions
-RUBY_DATE_VERSION=             3.0.0
+RUBY_DATE_VERSION=             3.0.3
 RUBY_DBM_VERSION=              1.1.0
 RUBY_ETC_VERSION=              1.1.0
 RUBY_FCNTL_VERSION=            1.0.0
@@ -358,7 +358,7 @@
 RUBY_LOGGER_VERSION=           1.4.2
 RUBY_MATRIX_VERSION=           0.2.0
 RUBY_MUTEX_M_VERSION=          0.1.0
-RUBY_OPENSSL_VERSION=          2.1.2
+RUBY_OPENSSL_VERSION=          2.1.3
 RUBY_OSTRUCT_VERSION=          0.2.0
 RUBY_PRIME_VERSION=            0.1.1
 RUBY_PSYCH_VERSION=            3.1.0
diff -r 351bff9e7016 -r 2cb5a6a5b42e lang/ruby27-base/PLIST
--- a/lang/ruby27-base/PLIST    Sat Nov 27 21:53:48 2021 +0000
+++ b/lang/ruby27-base/PLIST    Sat Nov 27 22:02:59 2021 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2021/04/11 12:32:03 taca Exp $
+@comment $NetBSD: PLIST,v 1.4.4.1 2021/11/27 22:02:59 tm Exp $
 bin/bundle${RUBY_SUFFIX}
 bin/bundler${RUBY_SUFFIX}
 bin/erb${RUBY_SUFFIX}
@@ -348,14 +348,6 @@
 ${RUBY_LIB}/drb/unix.rb
 ${RUBY_LIB}/drb/weakidconv.rb
 ${RUBY_LIB}/erb.rb
-${RUBY_LIB}/exe/bundle
-${RUBY_LIB}/exe/bundler
-${RUBY_LIB}/exe/irb
-${RUBY_LIB}/exe/racc
-${RUBY_LIB}/exe/racc2y
-${RUBY_LIB}/exe/rdoc
-${RUBY_LIB}/exe/ri
-${RUBY_LIB}/exe/y2racc
 ${RUBY_LIB}/expect.rb
 ${RUBY_LIB}/fileutils.rb
 ${RUBY_LIB}/find.rb
@@ -1475,7 +1467,7 @@
 ${GEM_HOME}/specifications/default/benchmark-0.1.0.gemspec
 ${GEM_HOME}/specifications/default/bigdecimal-${RUBY_BIGDECIMAL_VERSION}.gemspec
 ${GEM_HOME}/specifications/default/bundler-${RUBY_BUNDLER_VERSION}.gemspec
-${GEM_HOME}/specifications/default/cgi-0.1.0.gemspec
+${GEM_HOME}/specifications/default/cgi-0.1.0.1.gemspec
 ${GEM_HOME}/specifications/default/csv-${RUBY_CSV_VERSION}.gemspec
 ${GEM_HOME}/specifications/default/date-${RUBY_DATE_VERSION}.gemspec
 ${GEM_HOME}/specifications/default/dbm-${RUBY_DBM_VERSION}.gemspec
diff -r 351bff9e7016 -r 2cb5a6a5b42e lang/ruby27-base/distinfo
--- a/lang/ruby27-base/distinfo Sat Nov 27 21:53:48 2021 +0000
+++ b/lang/ruby27-base/distinfo Sat Nov 27 22:02:59 2021 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.5 2021/07/07 15:23:08 taca Exp $
+$NetBSD: distinfo,v 1.5.2.1 2021/11/27 22:02:59 tm Exp $
 
-SHA1 (ruby-2.7.4.tar.xz) = 6e044d835f9f432cfa9441241c1ef66e3d607cbf
-RMD160 (ruby-2.7.4.tar.xz) = 6df300c44653c3c2ba0bff4f84da71cd4bc084a1
-SHA512 (ruby-2.7.4.tar.xz) = 2cbb70ecfdd69120e789023ddb2b25cab0d03bc33fdc367a8f74ca8a3ee785c18c8ded9de3ecee627c7e275ffb85147e6abf921b6a61e31851b37c7fedf45bf9
-Size (ruby-2.7.4.tar.xz) = 12067588 bytes
+SHA1 (ruby-2.7.5.tar.xz) = 1d04fbf24150eaa1297a7ef4c7057ec0a9dca527
+RMD160 (ruby-2.7.5.tar.xz) = 6e62a7c30ea1295f0c5b9ec56027c1828ed72d89
+SHA512 (ruby-2.7.5.tar.xz) = 21c8a713e3ce115fc4c405113ac691ddcefc3419f528b93ca1ac59e7052c1b6e9e241da0e570e291e567f28f3d840824dbcc5967b216cbe7d6ca7a05580fa311
+Size (ruby-2.7.5.tar.xz) = 12072980 bytes
 SHA1 (patch-configure) = 5ee800f6824b18efd06e56a659235ea784819f2e
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
 SHA1 (patch-lib_mkmf.rb) = 4a3cd18548dbdf43a13695d4e76f817c0347e335