CVS commit: pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Thu, 29 Mar 2018 03:06:57 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Thu Mar 29 03:06:57 UTC 2018

Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby25-base: Makefile distinfo

Log Message:
lang/ruby25-base: update to 2.5.1, security release

Ruby 2.5.1 Released                             Posted by naruse on 28 Mar 2018

Ruby 2.5.1 has been released.

This release includes some bug fixes and some security fixes.

* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
  traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
  UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems

There are also some bug fixes. See commit logs for more details.


To generate a diff of this commit:
cvs rdiff -u -r1.192 -r1.193 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.4 -r1.5 pkgsrc/lang/ruby25-base/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/ruby25-base/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.192 pkgsrc/lang/ruby/rubyversion.mk:1.193
--- pkgsrc/lang/ruby/rubyversion.mk:1.192       Thu Mar 29 03:04:47 2018
+++ pkgsrc/lang/ruby/rubyversion.mk     Thu Mar 29 03:06:57 2018
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.192 2018/03/29 03:04:47 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.193 2018/03/29 03:06:57 taca Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -217,7 +217,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub
 RUBY22_VERSION=                2.2.9
 RUBY23_VERSION=                2.3.6
 RUBY24_VERSION=                2.4.4
-RUBY25_VERSION=                2.5.0
+RUBY25_VERSION=                2.5.1
 
 # current API compatible version; used for version of shared library
 RUBY22_API_VERSION=    2.2.0

Index: pkgsrc/lang/ruby25-base/Makefile
diff -u pkgsrc/lang/ruby25-base/Makefile:1.4 pkgsrc/lang/ruby25-base/Makefile:1.5
--- pkgsrc/lang/ruby25-base/Makefile:1.4        Mon Feb 19 16:47:17 2018
+++ pkgsrc/lang/ruby25-base/Makefile    Thu Mar 29 03:06:57 2018
@@ -1,15 +1,10 @@
-# $NetBSD: Makefile,v 1.4 2018/02/19 16:47:17 taca Exp $
+# $NetBSD: Makefile,v 1.5 2018/03/29 03:06:57 taca Exp $
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION=   2
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 
-PATCH_SITES=   https://bugs.ruby-lang.org/attachments/download/7027/
-PATCHFILES=    rubygems-276-for-ruby25.patch
-PATCH_DIST_STRIP=      -p0
-
 MAINTAINER=    taca%NetBSD.org@localhost
 HOMEPAGE=      ${RUBY_HOMEPAGE}
 COMMENT=       Ruby ${RUBY_VERSION} release minimum base package

Index: pkgsrc/lang/ruby25-base/distinfo
diff -u pkgsrc/lang/ruby25-base/distinfo:1.5 pkgsrc/lang/ruby25-base/distinfo:1.6
--- pkgsrc/lang/ruby25-base/distinfo:1.5        Mon Feb 19 16:47:17 2018
+++ pkgsrc/lang/ruby25-base/distinfo    Thu Mar 29 03:06:57 2018
@@ -1,13 +1,9 @@
-$NetBSD: distinfo,v 1.5 2018/02/19 16:47:17 taca Exp $
+$NetBSD: distinfo,v 1.6 2018/03/29 03:06:57 taca Exp $
 
-SHA1 (ruby-2.5.0.tar.bz2) = 827b9a3bcffa86d1fc9ed96d403cb9dc37731688
-RMD160 (ruby-2.5.0.tar.bz2) = e09d8b3f89d3b494231026cf1295c5bf5da794e5
-SHA512 (ruby-2.5.0.tar.bz2) = 8f6fdf6708e7470f55bc009db2567cd8d4e633ad0678d83a015441ecf5b5d88bd7da8fb8533a42157ff83b74d00b6dc617d39bbb17fc2c6c12287a1d8eaa0f2c
-Size (ruby-2.5.0.tar.bz2) = 13955820 bytes
-SHA1 (rubygems-276-for-ruby25.patch) = 3fe8a6a0307ea2e3f029a0dc5f8113583ccbb241
-RMD160 (rubygems-276-for-ruby25.patch) = 8177f1c9a7900b0a797b563be0e51c37f03962d8
-SHA512 (rubygems-276-for-ruby25.patch) = 83db7e4cc2c9b4f793cc9ecf1a2c3b37c55ca7dff6515ca7e6f4b5d797d3fa111b11b1c8eb11578c05078c61d4d37198e5ee382f4d9f910a01283dbb74432b7d
-Size (rubygems-276-for-ruby25.patch) = 79238 bytes
+SHA1 (ruby-2.5.1.tar.bz2) = 251fdb5ac10783b036fe923aa7986be582062361
+RMD160 (ruby-2.5.1.tar.bz2) = a4cd4e9b38103d65da2954681d5d0c34b17b69ae
+SHA512 (ruby-2.5.1.tar.bz2) = 82e799ecf7257a9f5fe8691c50a478b0f91bd4bdca50341c839634b0da5cd76c5556965cb9437264b66438434c94210c949fe9dab88cbc5b3b7fa34b5382659b
+Size (ruby-2.5.1.tar.bz2) = 14000644 bytes
 SHA1 (patch-configure) = 965f31ec3ae2fb91479f02cb3b19ea7518685718
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
 SHA1 (patch-lib_mkmf.rb) = 75d2261a8282a00cd5f811a5e629302d1667207e

Prev by Date: CVS commit: pkgsrc/lang
Next by Date: CVS commit: pkgsrc/lang
Previous by Thread: CVS commit: pkgsrc/lang
Next by Thread: CVS commit: pkgsrc/lang
Indexes:

Home | Main Index | Thread Index | Old Index