pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/devel/ruby-redmine42



Module Name:    pkgsrc
Committed By:   taca
Date:           Wed Jun 22 15:39:58 UTC 2022

Modified Files:
        pkgsrc/devel/ruby-redmine42: Makefile PLIST distinfo

Log Message:
devel/ruby-redmin42: update to 4.2.7

>From release announce on 2022-06-21:

Redmine 4.2.7 and 5.0.2 have been released and are available for download,
you can review the changes in the Changelog.

These maintenance releases fixes some important issues and multiple security
fixes that were found in the latest Redmine 4.2.* and 5.0.* versions.

Security:

1. Updates commonmark gem version to 0.23.4 when Ruby >= 2.6 is used in
   order to fix a remote code execution vulnerability.  Because the fixed
   version of the gem doesn't support Ruby 2.5, those instances that are
   using Redmine 5.0.*, Commonmark and Ruby 2.5, it is highly recommended to
   update Ruby version to at least 2.6 because it's the only way to get the
   update and the fix.  Also, the next major Redmine version (5.1.0) already
   dropped support for Ruby 2.5 (#37159).

2. Updates jQuery UI to 1.31.1 to fix 3 medium severity XSS vulnerabilities

3. Fixes unauthorised Information Leak in QueryAssociationColumn and
   QueryAssociationCustomFieldColumn when the user has no permission to view
   on the associated object

Many thanks to Liane Hampe and Felix Schäfer for reporting these security
issues and to Holger Just and Felix Schäfer for their work on fixing all
these issues.


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/devel/ruby-redmine42/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/ruby-redmine42/PLIST
cvs rdiff -u -r1.9 -r1.10 pkgsrc/devel/ruby-redmine42/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/devel/ruby-redmine42/Makefile
diff -u pkgsrc/devel/ruby-redmine42/Makefile:1.10 pkgsrc/devel/ruby-redmine42/Makefile:1.11
--- pkgsrc/devel/ruby-redmine42/Makefile:1.10   Wed Jun 15 14:22:55 2022
+++ pkgsrc/devel/ruby-redmine42/Makefile        Wed Jun 22 15:39:58 2022
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.10 2022/06/15 14:22:55 taca Exp $
+# $NetBSD: Makefile,v 1.11 2022/06/22 15:39:58 taca Exp $
 
 DISTNAME=      redmine-${RM_VERSION}
 PKGNAME=       ${RUBY_PKGPREFIX}-${DISTNAME:S/redmine/redmine${RM_VER}/}
@@ -12,7 +12,7 @@ LICENSE=      gnu-gpl-v2 # and so on.
 
 USE_TOOLS+=    pax
 
-RM_VERSION=    4.2.6
+RM_VERSION=    4.2.7
 
 NO_BUILD=      yes
 

Index: pkgsrc/devel/ruby-redmine42/PLIST
diff -u pkgsrc/devel/ruby-redmine42/PLIST:1.2 pkgsrc/devel/ruby-redmine42/PLIST:1.3
--- pkgsrc/devel/ruby-redmine42/PLIST:1.2       Sun Apr  3 05:36:02 2022
+++ pkgsrc/devel/ruby-redmine42/PLIST   Wed Jun 22 15:39:58 2022
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2022/04/03 05:36:02 taca Exp $
+@comment $NetBSD: PLIST,v 1.3 2022/06/22 15:39:58 taca Exp $
 bin/redmine42_generate_secret_token${RUBY_SUFFIX}.sh
 bin/redmine42_load_default_data${RUBY_SUFFIX}.sh
 bin/redmine42_migrate_db${RUBY_SUFFIX}.sh
@@ -1613,7 +1613,7 @@ share/${RUBY_NAME}-redmine42/public/java
 share/${RUBY_NAME}-redmine42/public/javascripts/i18n/datepicker-vi.js
 share/${RUBY_NAME}-redmine42/public/javascripts/i18n/datepicker-zh-CN.js
 share/${RUBY_NAME}-redmine42/public/javascripts/i18n/datepicker-zh-TW.js
-share/${RUBY_NAME}-redmine42/public/javascripts/jquery-3.5.1-ui-1.12.1-ujs-5.2.4.5.js
+share/${RUBY_NAME}-redmine42/public/javascripts/jquery-3.6.0-ui-1.13.1-ujs-5.2.4.5.js
 share/${RUBY_NAME}-redmine42/public/javascripts/jquery-migrate-3.3.2.min.js
 share/${RUBY_NAME}-redmine42/public/javascripts/jstoolbar/jstoolbar.js
 share/${RUBY_NAME}-redmine42/public/javascripts/jstoolbar/lang/jstoolbar-ar.js
@@ -1685,7 +1685,7 @@ share/${RUBY_NAME}-redmine42/public/styl
 share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/images/ui-icons_777777_256x240.png
 share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/images/ui-icons_cc0000_256x240.png
 share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/images/ui-icons_ffffff_256x240.png
-share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/jquery-ui-1.12.1.css
+share/${RUBY_NAME}-redmine42/public/stylesheets/jquery/jquery-ui-1.13.1.css
 share/${RUBY_NAME}-redmine42/public/stylesheets/jstoolbar.css
 share/${RUBY_NAME}-redmine42/public/stylesheets/responsive.css
 share/${RUBY_NAME}-redmine42/public/stylesheets/rtl.css

Index: pkgsrc/devel/ruby-redmine42/distinfo
diff -u pkgsrc/devel/ruby-redmine42/distinfo:1.9 pkgsrc/devel/ruby-redmine42/distinfo:1.10
--- pkgsrc/devel/ruby-redmine42/distinfo:1.9    Wed Jun 15 14:22:55 2022
+++ pkgsrc/devel/ruby-redmine42/distinfo        Wed Jun 22 15:39:58 2022
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.9 2022/06/15 14:22:55 taca Exp $
+$NetBSD: distinfo,v 1.10 2022/06/22 15:39:58 taca Exp $
 
-BLAKE2s (redmine-4.2.6.tar.gz) = 3e87ec7b1a4568d0d46cc8868d3ecd8481687411fce813eb50e50f5e0a7058de
-SHA512 (redmine-4.2.6.tar.gz) = 4071783917627927c0239cd3fefbc04a48706c28cd63b7fb09b5d234698b5847cc66f27dd717ee8d144385174471361b73b781799f02b73a49e141a6cbdd4077
-Size (redmine-4.2.6.tar.gz) = 3041632 bytes
+BLAKE2s (redmine-4.2.7.tar.gz) = 3e692c8190c896d0f40deb94a709494448622d68a03531323effdc015af0d8ad
+SHA512 (redmine-4.2.7.tar.gz) = 6654aec3981de8b26de416d253c22c91d881dd7df54192ce41e6e99213c6f4b0947ce213fe484c18117f8701d0528ebb23fe3acf335f84638eeddd972b601be9
+Size (redmine-4.2.7.tar.gz) = 3042676 bytes
 SHA1 (patch-Gemfile) = 45289d38e0209c7393c199e5e915afca8f25fb7b
 SHA1 (patch-lib_tasks_initializers.rake) = 73c4594c94abd28e628bbd172565b161f0e54fff



Home | Main Index | Thread Index | Old Index