./lang/ruby24-base, Ruby 2.4.5 release minimum base package

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.5, Package name: ruby24-base-2.4.5, Maintainer: taca

Ruby is the interpreted scripting language for quick and
easy object-oriented programming. It has many features to
process text files and to do system management tasks (as in
Perl). It is simple, straight-forward, and extensible.

Features of Ruby are shown below.

+ Simple Syntax
+ *Normal* Object-Oriented features (ex. class, method calls)
+ *Advanced* Object-Oriented features (ex. Mix-in, Singleton-method)
+ Operator Overloading
+ Exception Handling
+ Iterators and Closures
+ Garbage Collection
+ Dynamic Loading of Object files (on some architecture)
+ Highly Portable (works on many UNIX machines, and on DOS,
Windows, Mac, BeOS etc.)

This package is Ruby 2.4 release minimum base package.

DEINSTALL [+/-]

Required to run:
[textproc/libyaml]

Required to build:
[pkgtools/cwrappers]

Package options: ruby-build-ri-db

Master sites: (Expand)

SHA1: 0e1f184556507c22bc59054496c0af7cf28fb188
RMD160: 72478559b56856d77f2898148bfeb35f294c4dc1
Filesize: 12370.629 KB

Version history: (Expand)


CVS history: (Expand)


   2018-10-18 16:15:13 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/ruby24-base: update to 2.4.5

Ruby 2.4.5 Released

Ruby 2.4.5 has been released.

This release includes about 40 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.

* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
  String#unpack with some directives

* CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
  See the commit logs for details.
   2018-07-17 12:56:24 by Jonathan Perkin | Files touched by this commit (8)
Log message:
*: Add some required USE_GCC_RUNTIME.
   2018-03-29 05:04:47 by Takahiro Kambe | Files touched by this commit (7) | Package removed
Log message:
lang/ruby24-base: update to 2.4.4, security release

Ruby 2.4.4 Released			Posted by nagachika on 28 Mar 2018

Ruby 2.4.4 has been released.

This release includes some bug fixes and some security fixes.

* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
  traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
  UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems

There are also some bug fixes. See commit logs for more details.
   2018-02-19 17:46:58 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/ruby24-base: rubygem security fix

Add an patch to fix security problem of rubygems.

Bump PKGREVISION.
   2018-01-26 14:22:58 by Jonathan Perkin | Files touched by this commit (3) | Package updated
Log message:
ruby24-base: Put -std= in CFLAGS not CPPFLAGS.  Bump PKGREVISION.
   2018-01-16 15:53:28 by Jonathan Perkin | Files touched by this commit (8)
Log message:
ruby*-base: Don't add SSP flags, leave that to pkgsrc.
   2017-12-15 04:23:29 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
lang/ruby24-base: update to 2.4.3

Update ruby24-base/ruby24 to 2.4.3.

Ruby 2.4.3 Released
Posted by nagachika on 14 Dec 2017

Ruby 2.4.3 has been released.

This release includes some bug fixes and a security fix.

* CVE-2017-17405: Command injection vulnerability in Net::FTP

There are also som bug fixes. See commit logs for more details.
   2017-09-15 02:39:46 by Takahiro Kambe | Files touched by this commit (4) | Package updated
Log message:
ruby24-base: Update ruby24-base and ruby24 to 2.4.2.

Ruby 2.4.2 Released			Posted by nagachika on 14 Sep 2017

We are pleased to announce the release of Ruby 2.4.2. This release contains
some security fixes.

* CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf

* CVE-2017-10784: Escape sequence injection vulnerability in the Basic
  authentication of WEBrick

* CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docod

* CVE-2017-14064: Heap exposure in generating JSON

* Multiple vulnerabilities in RubyGems

* Update bundled libyaml to version 0.1.7.

There are also many bug-fixes. See commit logs for more details.