Path to this page:
Next | Query returned 2 messages, browsing 1 to 10 | previous
CVS Commit History:
2018-10-29 18:34:03 by S.P.Zeidler | Files touched by this commit (2) | |
Log message:
Pullup ticket #5862 - requested by taca
lang/ruby: security update
lang/ruby23-base: security update
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.198
- lang/ruby23-base/distinfo 1.17
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Oct 18 14:24:07 UTC 2018
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby23-base: distinfo
Log message:
lang/ruby23-base: update o 2.3.8
Ruby 2.3.8 Released
Ruby 2.3.8 has been released. This release includes several security
fixes. Please check the topics below for details.
* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives
* CVE-2018-16395: OpenSSL::X509::Name equality check does not work
correctly This release also includes a non-security fix to support
Visual Studio 2014 with Windows 10 October 2018 Update for
maintenance reasons.
Ruby 2.3 is now under the state of the security maintenance phase,
until the end of the March of 2019. After the date, maintenance of
Ruby 2.3 will be ended. We recommend you start planning migration to
newer versions of Ruby, such as 2.5 or 2.4.
To generate a diff of this commit:
cvs rdiff -u -r1.197 -r1.198 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.16 -r1.17 pkgsrc/lang/ruby23-base/distinfo
|
2018-10-29 08:53:23 by S.P.Zeidler | Files touched by this commit (2) | |
Log message:
Pullup ticket #5861 - requested by taca
lang/ruby: security update
lang/ruby24-base: security update
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.196
- lang/ruby24-base/distinfo 1.10
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Oct 18 14:15:13 UTC 2018
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby24-base: distinfo
Log message:
lang/ruby24-base: update to 2.4.5
Ruby 2.4.5 Released
Ruby 2.4.5 has been released.
This release includes about 40 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.
* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives
* CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
See the commit logs for details.
To generate a diff of this commit:
cvs rdiff -u -r1.195 -r1.196 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/ruby24-base/distinfo
|
Next | Query returned 2 messages, browsing 1 to 10 | previous