[pkgsrc/trunk]: pkgsrc/devel/ruby-redmine50 devel/ruby-redmine50: update to 5...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/devel/ruby-redmine50 devel/ruby-redmine50: update to 5...
From: taca <taca%pkgsrc.org@localhost>
Date: Sat, 03 Dec 2022 08:04:22 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/d59f0ce89c3a
branches:  trunk
changeset: 389285:d59f0ce89c3a
user:      taca <taca%pkgsrc.org@localhost>
date:      Sat Dec 03 06:41:42 2022 +0000

description:
devel/ruby-redmine50: update to 5.0.4

5.0.4 (2022-12-01)

This is security release.

* Fix CVE-2022-44030: Access Control Issue in attachments#download_all
  (#37772)

* Fix CVE-2022-44031: Persistent XSS in textile formatting due to blockquote
  citation (#37751)

* Fix CVE-2021-44637: Redmine contains a cross-site scripting vulnerability
  (#37767)

* Open Redirect in attachments#download_all (#37880)

diffstat:

 devel/ruby-redmine50/Makefile              |   4 ++--
 devel/ruby-redmine50/distinfo              |  10 +++++-----
 devel/ruby-redmine50/patches/patch-Gemfile |  12 +++++-------
 3 files changed, 12 insertions(+), 14 deletions(-)

diffs (79 lines):

diff -r 56e5273e6fcf -r d59f0ce89c3a devel/ruby-redmine50/Makefile
--- a/devel/ruby-redmine50/Makefile     Sat Dec 03 06:40:35 2022 +0000
+++ b/devel/ruby-redmine50/Makefile     Sat Dec 03 06:41:42 2022 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.5 2022/12/01 12:19:09 jperkin Exp $
+# $NetBSD: Makefile,v 1.6 2022/12/03 06:41:42 taca Exp $
 
 DISTNAME=      redmine-${RM_VERSION}
 PKGNAME=       ${RUBY_PKGPREFIX}-${DISTNAME:S/redmine/redmine${RM_VER}/}
@@ -10,7 +10,7 @@
 COMMENT=       Flexible project management web application
 LICENSE=       gnu-gpl-v2 # and so on.
 
-RM_VERSION=    5.0.3
+RM_VERSION=    5.0.4
 
 NO_BUILD=      yes
 
diff -r 56e5273e6fcf -r d59f0ce89c3a devel/ruby-redmine50/distinfo
--- a/devel/ruby-redmine50/distinfo     Sat Dec 03 06:40:35 2022 +0000
+++ b/devel/ruby-redmine50/distinfo     Sat Dec 03 06:41:42 2022 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.3 2022/10/09 15:32:55 taca Exp $
+$NetBSD: distinfo,v 1.4 2022/12/03 06:41:42 taca Exp $
 
-BLAKE2s (redmine-5.0.3.tar.gz) = 47710138cd38b6d442ad952d4bb1e3cdd016b6bd64bf172ce8636311a219b550
-SHA512 (redmine-5.0.3.tar.gz) = ad790e1674485c7a2e9c59d6f653de7b90dcc673fb979d0433bf275bcdc2a794fe9cf78788fce928a111e3e8cbc296230a57702d9e0ea8f317f7a00cc3d8481b
-Size (redmine-5.0.3.tar.gz) = 3113409 bytes
-SHA1 (patch-Gemfile) = e98a0dd810e1b55daf8ea4f70c35b96dba619035
+BLAKE2s (redmine-5.0.4.tar.gz) = e33640331e7045baf015ff373c1fae06689a28db5eb25cddfd3cfbbfb1710bc2
+SHA512 (redmine-5.0.4.tar.gz) = e1c0693ae1d4c71de7bef8d78b42e2d81cd53a2bd0bdfa83778528f40b5d43bb118e8e22f29112130f3082ddafd0c8931b05d5409e7a3f8a23dc619c5d84cf78
+Size (redmine-5.0.4.tar.gz) = 3114593 bytes
+SHA1 (patch-Gemfile) = 97e7503de8194ea68e72c499bbcccaaa037e0332
 SHA1 (patch-config_additional__environment.rb.example) = 7ad913800c5f31fdd9b71aa92294bdbeea7b77fe
 SHA1 (patch-lib_tasks_initializers.rake) = 73c4594c94abd28e628bbd172565b161f0e54fff
diff -r 56e5273e6fcf -r d59f0ce89c3a devel/ruby-redmine50/patches/patch-Gemfile
--- a/devel/ruby-redmine50/patches/patch-Gemfile        Sat Dec 03 06:40:35 2022 +0000
+++ b/devel/ruby-redmine50/patches/patch-Gemfile        Sat Dec 03 06:41:42 2022 +0000
@@ -1,9 +1,9 @@
-$NetBSD: patch-Gemfile,v 1.3 2022/10/09 15:32:55 taca Exp $
+$NetBSD: patch-Gemfile,v 1.4 2022/12/03 06:41:42 taca Exp $
 
 * Relax dependency.
 * Do not load gem for developemt and test.
 
---- Gemfile.orig       2022-10-02 20:10:35.000000000 +0000
+--- Gemfile.orig       2022-12-01 15:40:32.000000000 +0000
 +++ Gemfile
 @@ -3,9 +3,9 @@ source 'https://rubygems.org'
  ruby '>= 2.5.0', '< 3.2.0'
@@ -17,17 +17,15 @@
  gem 'request_store', '~> 1.5.0'
  gem 'mini_mime', '~> 1.1.0'
  gem "actionpack-xml_parser"
-@@ -48,8 +48,8 @@ gem 'redcarpet', '~> 3.5.1', groups: [:m
+@@ -48,7 +48,7 @@ gem 'redcarpet', '~> 3.5.1', groups: [:m
  
  # Optional CommonMark support, not for JRuby
  group :common_mark do
 -  gem "html-pipeline", "~> 2.13.2"
--  gem "commonmarker", (Gem.ruby_version < Gem::Version.new('2.6.0') ? '0.21.0' : '0.23.4')
 +  gem "html-pipeline", "~> 2.13"
-+  gem "commonmarker", (Gem.ruby_version < Gem::Version.new('2.6.0') ? '0.21.0' : '~> 0.23')
+   gem "commonmarker", (Gem.ruby_version < Gem::Version.new('2.6.0') ? '0.21.0' : '~> 0.23.6')
    gem "sanitize", "~> 6.0"
    gem 'deckar01-task_list', '2.3.2'
- end
 @@ -69,7 +69,7 @@ if File.exist?(database_file)
        when 'mysql2'
          gem "mysql2", "~> 0.5.0", :platforms => [:mri, :mingw, :x64_mingw]
@@ -45,7 +43,7 @@
  group :development do
    gem 'listen', '~> 3.3'
    gem "yard"
-@@ -106,6 +107,7 @@ group :test do
+@@ -107,6 +108,7 @@ group :test do
    gem 'rubocop-performance', '~> 1.13.0'
    gem 'rubocop-rails', '~> 2.14.0'
  end

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ruby-redmine42 to 4.2.9
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ruby-redmine50 to 5.0.4
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ruby-redmine42 to 4.2.9
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated devel/ruby-redmine50 to 5.0.4
Indexes:

Home | Main Index | Thread Index | Old Index