pkgsrc.se | The NetBSD package collection

Subject: CVS commit: pkgsrc/lang/ruby26-base
From: Takahiro Kambe
Date: 2019-03-12 05:19:09
Message id: 20190312041909.DEFAAFB16@cvs.NetBSD.org

Log Message:
lang/ruby26-base: Add security patch for rubygems

Add security patch for rubygems, fixing these problem.

* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handling
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors

Bump PKGREVISION.

Files:

Revision	Action	file
1.2	modify	pkgsrc/lang/ruby26-base/Makefile
1.2	modify	pkgsrc/lang/ruby26-base/distinfo