pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/lang
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 25 14:51:54 UTC 2024
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby31-base: Makefile distinfo
Removed Files:
pkgsrc/lang/ruby31-base/patches: patch-ext_stringio_stringio.c
patch-lib_rdoc_store.rb patch-lib_rdoc_version.rb
patch-lib_uri_rfc2396__parser.rb patch-lib_uri_rfc3986__parser.rb
patch-lib_uri_version.rb patch-test_stringio_test__stringio.rb
Log Message:
lang/ruby31-base: update to 3.1.5
This is security release. Note CVE-2024-27280 and CVE-2024-27281 were
already fixed by ruby31-base-3.1.4nb3.
3.1.5 (2024-04-23)
Security release.
* CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
search
* CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
* CVE-2024-27280: Buffer overread vulnerability in StringIO
To generate a diff of this commit:
cvs rdiff -u -r1.275 -r1.276 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.13 -r1.14 pkgsrc/lang/ruby31-base/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/lang/ruby31-base/distinfo
cvs rdiff -u -r1.1 -r0 \
pkgsrc/lang/ruby31-base/patches/patch-ext_stringio_stringio.c \
pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_store.rb \
pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_version.rb \
pkgsrc/lang/ruby31-base/patches/patch-lib_uri_rfc2396__parser.rb \
pkgsrc/lang/ruby31-base/patches/patch-lib_uri_rfc3986__parser.rb \
pkgsrc/lang/ruby31-base/patches/patch-lib_uri_version.rb \
pkgsrc/lang/ruby31-base/patches/patch-test_stringio_test__stringio.rb
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.275 pkgsrc/lang/ruby/rubyversion.mk:1.276
--- pkgsrc/lang/ruby/rubyversion.mk:1.275 Sat Mar 23 15:15:51 2024
+++ pkgsrc/lang/ruby/rubyversion.mk Thu Apr 25 14:51:53 2024
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.275 2024/03/23 15:15:51 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.276 2024/04/25 14:51:53 taca Exp $
#
# This file determines which Ruby version is used as a dependency for
@@ -213,7 +213,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub
.endif
# current supported Ruby's version
-RUBY31_VERSION= 3.1.4
+RUBY31_VERSION= 3.1.5
RUBY32_VERSION= 3.2.3
RUBY33_VERSION= 3.3.0
@@ -277,7 +277,7 @@ RUBY_ABBREV_VER= 0.1.0
RUBY_BASE64_VER= 0.1.1
RUBY_BENCHMARK_VER= 0.2.0
RUBY_BIGDECIMAL_VER= 3.1.1
-RUBY_BUNDLER_VER= 2.3.26
+RUBY_BUNDLER_VER= 2.3.27
RUBY_CGI_VER= 0.3.6
RUBY_CSV_VER= 3.2.5
RUBY_DATE_VER= 3.2.2
@@ -303,7 +303,7 @@ RUBY_IRB_VER= 1.4.1
RUBY_JSON_VER= 2.6.1
RUBY_LOGGER_VER= 1.5.0
RUBY_MUTEX_M_VER= 0.1.1
-RUBY_NET_HTTP_VER= 0.3.0
+RUBY_NET_HTTP_VER= 0.3.0.1
RUBY_NET_PROTOCOL_VER= 0.1.2
RUBY_NKF_VER= 0.1.1
RUBY_OBSERVER_VER= 0.1.1
@@ -349,10 +349,10 @@ RUBY_ZLIB_VER= 2.1.1
RUBY_DEBUG_VER= 1.6.3
RUBY_MATRIX_VER= 0.4.2
RUBY_MINITEST_VER= 5.15.0
-RUBY_NET_FTP_VER= 0.1.3
-RUBY_NET_IMAP_VER= 0.2.3
+RUBY_NET_FTP_VER= 0.1.4
+RUBY_NET_IMAP_VER= 0.2.4
RUBY_NET_POP_VER= 0.1.1
-RUBY_NET_SMTP_VER= 0.3.1
+RUBY_NET_SMTP_VER= 0.3.1.1
RUBY_POWER_ASSERT_VER= 2.0.1
RUBY_PRIME_VER= 0.1.2
RUBY_RAKE_VER= 13.0.6
Index: pkgsrc/lang/ruby31-base/Makefile
diff -u pkgsrc/lang/ruby31-base/Makefile:1.13 pkgsrc/lang/ruby31-base/Makefile:1.14
--- pkgsrc/lang/ruby31-base/Makefile:1.13 Sat Mar 23 14:28:48 2024
+++ pkgsrc/lang/ruby31-base/Makefile Thu Apr 25 14:51:53 2024
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.13 2024/03/23 14:28:48 taca Exp $
+# $NetBSD: Makefile,v 1.14 2024/04/25 14:51:53 taca Exp $
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION= 3
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
Index: pkgsrc/lang/ruby31-base/distinfo
diff -u pkgsrc/lang/ruby31-base/distinfo:1.12 pkgsrc/lang/ruby31-base/distinfo:1.13
--- pkgsrc/lang/ruby31-base/distinfo:1.12 Sat Mar 23 14:28:48 2024
+++ pkgsrc/lang/ruby31-base/distinfo Thu Apr 25 14:51:53 2024
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.12 2024/03/23 14:28:48 taca Exp $
+$NetBSD: distinfo,v 1.13 2024/04/25 14:51:53 taca Exp $
-BLAKE2s (ruby-3.1.4.tar.xz) = cefa8daefd26c8da56db3e114f27cb1b0af8c427d4ba9b650ef60034cb7b413c
-SHA512 (ruby-3.1.4.tar.xz) = a627bb629a10750b8b2081ad451a41faea0fc85d95aa1e267e3d2a0f56a35bb58195d4a8d13bbdbd82f4197a96dae22b1cee1dfc83861ec33a67ece07aef5633
-Size (ruby-3.1.4.tar.xz) = 15316604 bytes
+BLAKE2s (ruby-3.1.5.tar.xz) = 2392b4d6ae449e5e34b0253abd8aa71f0065e2e0d0dedeb4c9b1e9982621e7cb
+SHA512 (ruby-3.1.5.tar.xz) = a9883f4d074825bb1f54ef3429a9a71341274bd2de1aa8ea32bce19b6b9c1bac5e5dc4c34a92b8e7caa73ba71d7ed7c546a6fec6f1fd3d8986974dce214f6d49
+Size (ruby-3.1.5.tar.xz) = 15293020 bytes
SHA1 (patch-common.mk) = c23eed58427b2fd4ba8fdb3692f609701a666c6d
SHA1 (patch-configure) = 7bce8e1de07e3ff81cc984faef9ba12518557b7a
SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3ff5890
@@ -11,8 +11,6 @@ SHA1 (patch-include_ruby_internal_static
SHA1 (patch-lib_mkmf.rb) = 4a3cd18548dbdf43a13695d4e76f817c0347e335
SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a
SHA1 (patch-lib_rdoc_ri_driver.rb) = f4d3e59e35b608acd4edc17916142c7f033e6198
-SHA1 (patch-lib_rdoc_store.rb) = 890352671278d21c0040f1b3bac34a8ac76ee0dc
-SHA1 (patch-lib_rdoc_version.rb) = fd715eb2cf9d9bbeaaca4ed407c497040394eacd
SHA1 (patch-lib_rubygems.rb) = 060549c43b84f73c77432a72cdcf22941be4eb17
SHA1 (patch-lib_rubygems_commands_setup__command.rb) = 66c475a5308deb2ed5096b88cf65549732f87421
SHA1 (patch-lib_rubygems_dependency__installer.rb) = 1776508907f17547ffe93f637d6f18d335061d76
Home |
Main Index |
Thread Index |
Old Index