[pkgsrc/trunk]: pkgsrc/textproc/ruby-nokogiri ruby-nokogiri: update to 1.13.6.

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/textproc/ruby-nokogiri ruby-nokogiri: update to 1.13.6.
From: tsutsui <tsutsui%pkgsrc.org@localhost>
Date: Sat, 14 May 2022 16:48:57 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/37976c586ada
branches:  trunk
changeset: 379302:37976c586ada
user:      tsutsui <tsutsui%pkgsrc.org@localhost>
date:      Sat May 14 14:33:31 2022 +0000

description:
ruby-nokogiri: update to 1.13.6.

Upstream changes:
 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.5

1.13.6 / 2022-05-08

Security

  * [CRuby] Address CVE-2022-29181, improper handling of unexpected data types,
    related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for
    more information.

Improvements

  * {HTML4,XML}::SAX::{Parser,ParserContext} constructor methods now raise
    TypeError instead of segfaulting when an incorrect type is passed.


1.13.5 / 2022-05-04

Security

  * [CRuby] Vendored libxml2 is updated to address CVE-2022-29824. See
    GHSA-cgx6-hpwq-fhv5 for more information.

Dependencies

  * [CRuby] Vendored libxml2 is updated from v2.9.13 to v2.9.14.

Improvements

  * [CRuby] The libxml2 HTML4 parser no longer exhibits quadratic behavior when
    recovering some broken markup related to start-of-tag and bare <
    characters.

Changed

  * [CRuby] The libxml2 HTML4 parser in v2.9.14 recovers from some broken
    markup differently. Notably, the XML CDATA escape sequence <![CDATA[ and
    incorrectly-opened comments will result in HTML text nodes starting with &
    lt;! instead of skipping the invalid tag. This behavior is a direct result
    of the quadratic-behavior fix noted above. The behavior of downstream
    sanitizers relying on this behavior will also change. Some tests describing
    the changed behavior are in test/html4/test_comments.rb.

diffstat:

 textproc/ruby-nokogiri/Makefile |  6 +++---
 textproc/ruby-nokogiri/PLIST    |  3 +--
 textproc/ruby-nokogiri/distinfo |  8 ++++----
 3 files changed, 8 insertions(+), 9 deletions(-)

diffs (50 lines):

diff -r 70bcb86e3903 -r 37976c586ada textproc/ruby-nokogiri/Makefile
--- a/textproc/ruby-nokogiri/Makefile   Sat May 14 13:59:27 2022 +0000
+++ b/textproc/ruby-nokogiri/Makefile   Sat May 14 14:33:31 2022 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.70 2022/04/16 14:28:18 tsutsui Exp $
+# $NetBSD: Makefile,v 1.71 2022/05/14 14:33:31 tsutsui Exp $
 
-DISTNAME=      nokogiri-1.13.4
+DISTNAME=      nokogiri-1.13.6
 CATEGORIES=    textproc
 
 MAINTAINER=    tsutsui%NetBSD.org@localhost
@@ -14,7 +14,7 @@
 USE_TOOLS+=            pkg-config
 MAKE_ENV+=             NOKOGIRI_USE_SYSTEM_LIBRARIES=yes
 RUBYGEM_OPTIONS+=      --format-executable
-OVERRIDE_GEMSPEC+=     :files ports/archives/libxml2-2.9.13.tar.gz= \
+OVERRIDE_GEMSPEC+=     :files ports/archives/libxml2-2.9.14.tar.gz= \
                        ports/archives/libxslt-1.1.35.tar.gz=
 
 # XXX: work around bug in bootstrap-mk-files, remove when fixed
diff -r 70bcb86e3903 -r 37976c586ada textproc/ruby-nokogiri/PLIST
--- a/textproc/ruby-nokogiri/PLIST      Sat May 14 13:59:27 2022 +0000
+++ b/textproc/ruby-nokogiri/PLIST      Sat May 14 14:33:31 2022 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.36 2022/03/06 17:14:34 tsutsui Exp $
+@comment $NetBSD: PLIST,v 1.37 2022/05/14 14:33:31 tsutsui Exp $
 bin/nokogiri${RUBY_SUFFIX}
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_EXTSDIR}/gem.build_complete
@@ -175,6 +175,5 @@
 ${GEM_LIBDIR}/patches/libxml2/0006-update-automake-files-for-arm64.patch
 ${GEM_LIBDIR}/patches/libxml2/0008-htmlParseComment-handle-abruptly-closed-comments.patch
 ${GEM_LIBDIR}/patches/libxml2/0009-allow-wildcard-namespaces.patch
-${GEM_LIBDIR}/patches/libxml2/0010-Revert-Different-approach-to-fix-quadratic-behavior.patch
 ${GEM_LIBDIR}/patches/libxslt/0001-update-automake-files-for-arm64.patch
 ${GEM_HOME}/specifications/${GEM_NAME}.gemspec
diff -r 70bcb86e3903 -r 37976c586ada textproc/ruby-nokogiri/distinfo
--- a/textproc/ruby-nokogiri/distinfo   Sat May 14 13:59:27 2022 +0000
+++ b/textproc/ruby-nokogiri/distinfo   Sat May 14 14:33:31 2022 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.50 2022/04/16 14:28:18 tsutsui Exp $
+$NetBSD: distinfo,v 1.51 2022/05/14 14:33:31 tsutsui Exp $
 
-BLAKE2s (nokogiri-1.13.4.gem) = eeb5307c42870338c02c160081ac950686e759dda6517b2120a36ce8d96d71d9
-SHA512 (nokogiri-1.13.4.gem) = f2982819aa6d2bce87fc6e9d67e5b06a7f75c85d926eca306b2a13f00ec18c05650e510b1897610171901c891db8231e6ad850cad33d66e7f7a530b3869528af
-Size (nokogiri-1.13.4.gem) = 5492736 bytes
+BLAKE2s (nokogiri-1.13.6.gem) = faf40e01edf43045aa1f90041b1c3d82b8e08a1bfd60574dd3c963947417f7c9
+SHA512 (nokogiri-1.13.6.gem) = 1928b41b1e8f5e99792b8427b8228343d53deca56d472055b2afdf29d247637acc3403c5183be0f80e64b55ba20747a152ce5eebdaf90a4c431ca54010ce4b3f
+Size (nokogiri-1.13.6.gem) = 5379072 bytes

Prev by Date: [pkgsrc/trunk]: pkgsrc/databases/postgresql13-client postgresql13-client: Mar...
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated textproc/ruby-nokogiri to 1.13.6
Previous by Thread: [pkgsrc/trunk]: pkgsrc/databases/postgresql13-client postgresql13-client: Mar...
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated textproc/ruby-nokogiri to 1.13.6
Indexes:

Home | Main Index | Thread Index | Old Index