pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2021Q3]: pkgsrc/lang Pullup ticket #6545 - requested by taca



details:   https://anonhg.NetBSD.org/pkgsrc/rev/7f6d6fb69ac1
branches:  pkgsrc-2021Q3
changeset: 770216:7f6d6fb69ac1
user:      tm <tm%pkgsrc.org@localhost>
date:      Sat Nov 27 21:53:13 2021 +0000

description:
Pullup ticket #6545 - requested by taca
lang/ruby26-base: security fix

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.238
- lang/ruby26-base/distinfo                                     1.15

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Nov 25 15:51:08 UTC 2021

   Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby26-base: distinfo

   Log Message:
   lang/ruby26-base: update to 2.6.9

   Ruby 2.6.9 Released
   Posted by usa on 24 Nov 2021

   Ruby 2.6.9 has been released.

   This release includes security fixes.  Please check the topics below for
   details.

   * CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
     Parsing Methods

   * CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse See the commit
     logs for details.

   Ruby 2.6 is now under the state of the security maintenance phase, until the
   end of March of 2022.  After that date, maintenance of Ruby 2.6 will be
   ended.  We recommend you start planning the migration to newer versions of
   Ruby, such as 3.0 or 2.7.

diffstat:

 lang/ruby/rubyversion.mk  |   6 +++---
 lang/ruby26-base/distinfo |  10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

diffs (45 lines):

diff -r cb4e129f19e0 -r 7f6d6fb69ac1 lang/ruby/rubyversion.mk
--- a/lang/ruby/rubyversion.mk  Sat Nov 27 21:45:23 2021 +0000
+++ b/lang/ruby/rubyversion.mk  Sat Nov 27 21:53:13 2021 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.237 2021/09/25 00:47:26 dholland Exp $
+# $NetBSD: rubyversion.mk,v 1.237.2.1 2021/11/27 21:53:13 tm Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -213,7 +213,7 @@
 .endif
 
 # current supported Ruby's version
-RUBY26_VERSION=                2.6.8
+RUBY26_VERSION=                2.6.9
 RUBY27_VERSION=                2.7.4
 RUBY30_VERSION=                3.0.2
 
@@ -286,7 +286,7 @@
 RUBY_BUNDLER_VERSION=          1.17.2
 RUBY_CMATH_VERSION=            1.0.0
 RUBY_CSV_VERSION=              3.0.9
-RUBY_DATE_VERSION=             2.0.0
+RUBY_DATE_VERSION=             2.0.2
 RUBY_DBM_VERSION=              1.0.0
 RUBY_E2MMAP_VERSION=           0.1.0
 RUBY_ETC_VERSION=              1.0.1
diff -r cb4e129f19e0 -r 7f6d6fb69ac1 lang/ruby26-base/distinfo
--- a/lang/ruby26-base/distinfo Sat Nov 27 21:45:23 2021 +0000
+++ b/lang/ruby26-base/distinfo Sat Nov 27 21:53:13 2021 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.11 2021/07/07 15:15:19 taca Exp $
+$NetBSD: distinfo,v 1.11.2.1 2021/11/27 21:53:13 tm Exp $
 
-SHA1 (ruby-2.6.8.tar.xz) = fa5ad518ef31bbf5c3386dbcec7b57196a1e618e
-RMD160 (ruby-2.6.8.tar.xz) = d2604765e5d360efa21f55e6eca90a6e026a52c1
-SHA512 (ruby-2.6.8.tar.xz) = d040ad2238523587d8f356fcb796b8b6ad7f8caff7dd6df09e3f7efcbfa0369e33600e78c7f2bc713ae77c040757cce5c4fec223cb9070209f2bf741899c556d
-Size (ruby-2.6.8.tar.xz) = 11599488 bytes
+SHA1 (ruby-2.6.9.tar.xz) = fc67ca162010aac4af49d73a8c48be5cb2fb5907
+RMD160 (ruby-2.6.9.tar.xz) = 0686248d52eacbebe0c54cc8b7d15cf9bc6fee32
+SHA512 (ruby-2.6.9.tar.xz) = f60aa89e685cea324185eb0d13e6b44caef4e4f761cbf9ea1386ae70e39faf3866ac01e4bb5354574f2583e74290b8c80eaf63d126040d52368be6c771476451
+Size (ruby-2.6.9.tar.xz) = 11590064 bytes
 SHA1 (patch-configure) = ccfad7b5e35e87308e187e6c5fb3ffea57ad763d
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
 SHA1 (patch-lib_mkmf.rb) = 75d2261a8282a00cd5f811a5e629302d1667207e



Home | Main Index | Thread Index | Old Index