Navigation:
Browse pkgsrc
(this page)
lang ruby24
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2019-10-05 12:13:20 by Benny Siegert | Files touched by this commit (5) |  |
Log message:
Pullup ticket #6064 - requested by taca
lang/ruby24-base: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.209
- lang/ruby24-base/INSTALL 1.2
- lang/ruby24-base/Makefile 1.13
- lang/ruby24-base/distinfo 1.15
- lang/ruby24/Makefile 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Oct 2 13:31:48 UTC 2019
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby24: Makefile
pkgsrc/lang/ruby24-base: INSTALL Makefile distinfo
Log message:
lang/ruby24: update to 2.4.9
Update ruby24-base and related packges to 2.4.9.
pkgsrc chagnes
* fix warnings of pkglint.
Quote from release announce:
Ruby 2.4.8 (2019-10-01)
This release includes security fixes. Please check the topics below for
details.
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of
WEBrick's Digest access authentication
Ruby 2.4.9 (2019-10-02)
This release is a re-package of 2.4.8 because the previous Ruby 2.4.8
release tarball does not install. (See [Bug #16197] in detail.) There are no
essential change except their version numbers between 2.4.8 and 2.4.9.
Ruby 2.4 is now under the state of the security maintenance phase, until the
end of March of 2020. After that date, maintenance of Ruby 2.4 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 2.6 or 2.5.
|
New packages: