CVS commit: [pkgsrc-2023Q1] pkgsrc/lang

["S.P.Zeidler" <spz%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   spz
Date:           Sun Apr  2 06:04:46 UTC 2023

Modified Files:
        pkgsrc/lang/ruby [pkgsrc-2023Q1]: rubyversion.mk
        pkgsrc/lang/ruby32-base [pkgsrc-2023Q1]: PLIST distinfo

Log Message:
Pullup ticket #6748 - requested by taca
lang/ruby32-base: security update

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.264
- lang/ruby32-base/PLIST                                        1.3
- lang/ruby32-base/distinfo                                     1.4

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Apr  1 09:26:58 UTC 2023

   Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby32-base: PLIST distinfo

   Log Message:
   lang/ruby32: update to 3.2.2

   Ruby 3.2.2 Released                  Posted by naruse on 30 Mar 2023

   Ruby 3.2.2 has been released.

   This release includes security fixes.  Please check the topics below for
   details.

   * CVE-2023-28755: ReDoS vulnerability in URI
   * CVE-2023-28756: ReDoS vulnerability in Time

   What's Changed

   * Backport [Bug #19158] for Ruby 3.2 by hsbt � Pull Request #7356
   * Bug #19415: Incorrect circularity warning for concurrent requires
   * Bug #19400: YJIT fails to boot on ARM64 systems with 64 KiB pages
   * Bug #19419: [BUG] try to mark T_NONE object in ibf_dump_mark
   * Bug #19444: YJIT String#+@ miscompilations
   * Bug #19445: Segmentation fault with Numeric#step
   * Bug #19439: Marshal.load doesn't load Regexp instance variables
   * Bug #19459: Is length of IO::Buffer#read required or optional?
   * Bug #19464: YJIT miscompiles BasicObject#__send__ to alias methods of send
   * Bug #19468: Ruby 3.2: net/http sets UTF-8 encoding for binary responses
   * Bug #19469: Crash when resizing generic iv list
   * Bug #19161: Cannot compile 3.0.5 or 3.1.3 on Red Hat Enterprise Linux 7
   * Bug #19467: Some linear_time regexp does not match in linear time
   * Bug #19476: Regexp unexpected partial match
   * Bug #19536: Frozen status loss when moving objects
   * Bug #19485: Unexpected behavior in squiggly heredocs
   * Bug #19471: Regexp::compile does not handle :timeout argument
   * Use URI-0.12.1 for Ruby 3.2 by hsbt � Pull Request #7603
   * Merge RubyGems-3.4.10 and Bundler-2.4.10 by hsbt � Pull Request #7479
   * Merge Time-0.2.2 by hsbt � Pull Request #7623

   Note: This list is automatically generated by tool/gen-github-release.rb.
   Because of this, some commits may be missing.

   To generate a diff of this commit:
   cvs rdiff -u -r1.263 -r1.264 pkgsrc/lang/ruby/rubyversion.mk
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby32-base/PLIST
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/ruby32-base/distinfo


To generate a diff of this commit:
cvs rdiff -u -r1.260.2.3 -r1.260.2.4 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.2 -r1.2.2.1 pkgsrc/lang/ruby32-base/PLIST
cvs rdiff -u -r1.3 -r1.3.2.1 pkgsrc/lang/ruby32-base/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.260.2.3 pkgsrc/lang/ruby/rubyversion.mk:1.260.2.4
--- pkgsrc/lang/ruby/rubyversion.mk:1.260.2.3   Sat Apr  1 20:04:44 2023
+++ pkgsrc/lang/ruby/rubyversion.mk     Sun Apr  2 06:04:46 2023
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.260.2.3 2023/04/01 20:04:44 spz Exp $
+# $NetBSD: rubyversion.mk,v 1.260.2.4 2023/04/02 06:04:46 spz Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -216,7 +216,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub
 RUBY27_VERSION=                2.7.8
 RUBY30_VERSION=                3.0.6
 RUBY31_VERSION=                3.1.4
-RUBY32_VERSION=                3.2.1
+RUBY32_VERSION=                3.2.2
 
 # current API compatible version; used for version of shared library
 RUBY27_API_VERSION=    2.7.0
@@ -535,7 +535,7 @@ RUBY_ABBREV_VER=            0.1.1
 RUBY_BASE64_VER=               0.1.1
 RUBY_BENCHMARK_VER=            0.2.1
 RUBY_BIGDECIMAL_VER=           3.1.3
-RUBY_BUNDLER_VER=              2.4.6
+RUBY_BUNDLER_VER=              2.4.10
 RUBY_CGI_VER=                  0.3.6
 RUBY_CSV_VER=                  3.2.6
 RUBY_DATE_VER=                 3.3.3
@@ -593,12 +593,12 @@ RUBY_STRSCAN_VER=         3.0.5
 RUBY_SYSLOG_VER=               0.1.1
 RUBY_SYNTAX_SUGGEST_VER=       1.0.2
 RUBY_TEMPFILE_VER=             0.1.3
-RUBY_TIME_VER=                 0.2.1
+RUBY_TIME_VER=                 0.2.2
 RUBY_TIMEOUT_VER=              0.3.1
 RUBY_TMPDIR_VER=               0.1.3
 RUBY_TSORT_VER=                        0.1.1
 RUBY_UN_VER=                   0.2.1
-RUBY_URI_VER=                  0.12.0
+RUBY_URI_VER=                  0.12.1
 RUBY_WEAKREF_VER=              0.1.2
 RUBY_YAML_VER=                 0.2.1
 RUBY_ZLIB_VER=                 3.0.0

Index: pkgsrc/lang/ruby32-base/PLIST
diff -u pkgsrc/lang/ruby32-base/PLIST:1.2 pkgsrc/lang/ruby32-base/PLIST:1.2.2.1
--- pkgsrc/lang/ruby32-base/PLIST:1.2   Wed Feb  8 15:28:22 2023
+++ pkgsrc/lang/ruby32-base/PLIST       Sun Apr  2 06:04:46 2023
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2023/02/08 15:28:22 taca Exp $
+@comment $NetBSD: PLIST,v 1.2.2.1 2023/04/02 06:04:46 spz Exp $
 bin/bundle${RUBY_SUFFIX}
 bin/bundler${RUBY_SUFFIX}
 bin/erb${RUBY_SUFFIX}
@@ -406,7 +406,6 @@ ${RUBY_LIB}/bundler/templates/Executable
 ${RUBY_LIB}/bundler/templates/Executable.bundler
 ${RUBY_LIB}/bundler/templates/Executable.standalone
 ${RUBY_LIB}/bundler/templates/Gemfile
-${RUBY_LIB}/bundler/templates/gems.rb
 ${RUBY_LIB}/bundler/templates/newgem/CHANGELOG.md.tt
 ${RUBY_LIB}/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt
 ${RUBY_LIB}/bundler/templates/newgem/Cargo.toml.tt
@@ -445,6 +444,7 @@ ${RUBY_LIB}/bundler/ui/rg_proxy.rb
 ${RUBY_LIB}/bundler/ui/shell.rb
 ${RUBY_LIB}/bundler/ui/silent.rb
 ${RUBY_LIB}/bundler/uri_credentials_filter.rb
+${RUBY_LIB}/bundler/uri_normalizer.rb
 ${RUBY_LIB}/bundler/vendor/connection_pool/lib/connection_pool.rb
 ${RUBY_LIB}/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb
 ${RUBY_LIB}/bundler/vendor/connection_pool/lib/connection_pool/version.rb
@@ -1022,6 +1022,7 @@ ${RUBY_LIB}/rubygems/commands/cleanup_co
 ${RUBY_LIB}/rubygems/commands/contents_command.rb
 ${RUBY_LIB}/rubygems/commands/dependency_command.rb
 ${RUBY_LIB}/rubygems/commands/environment_command.rb
+${RUBY_LIB}/rubygems/commands/exec_command.rb
 ${RUBY_LIB}/rubygems/commands/fetch_command.rb
 ${RUBY_LIB}/rubygems/commands/generate_index_command.rb
 ${RUBY_LIB}/rubygems/commands/help_command.rb

Index: pkgsrc/lang/ruby32-base/distinfo
diff -u pkgsrc/lang/ruby32-base/distinfo:1.3 pkgsrc/lang/ruby32-base/distinfo:1.3.2.1
--- pkgsrc/lang/ruby32-base/distinfo:1.3        Wed Feb  8 15:28:22 2023
+++ pkgsrc/lang/ruby32-base/distinfo    Sun Apr  2 06:04:46 2023
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.3 2023/02/08 15:28:22 taca Exp $
+$NetBSD: distinfo,v 1.3.2.1 2023/04/02 06:04:46 spz Exp $
 
-BLAKE2s (ruby-3.2.1.tar.xz) = 7c7164f561f7887e662e3e8b1f02bc71356624d904fc7c795181d05a29c0e5f3
-SHA512 (ruby-3.2.1.tar.xz) = 69caadab9be6b56905ea4fc92fa0e36704f9fa6a0e7e7f4c6bdb79e9cbe8dc57c524f96d9c18802d61aa1ca578fed2e9758692f9d701bf0dba938f0206b721b3
-Size (ruby-3.2.1.tar.xz) = 15094384 bytes
+BLAKE2s (ruby-3.2.2.tar.xz) = 880e96fbdec90238299174d0abb7be507f04b8036386d70b61769d339bb2b609
+SHA512 (ruby-3.2.2.tar.xz) = a29f24cd80f563f6368952d06d6273f7241a409fa9ab2f60e03dde2ac58ca06bee1750715b6134caebf4c061d3503446dc37a6059e19860bb0010eef34951935
+Size (ruby-3.2.2.tar.xz) = 15118856 bytes
 SHA1 (patch-common.mk) = c23eed58427b2fd4ba8fdb3692f609701a666c6d
 SHA1 (patch-configure) = f3a143eda324bdfcaab51ee44274eaa445cf2767
 SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3ff5890