Navigation:
Browse pkgsrc
(this page) 2019-04-14 17:36:24 by Takahiro Kambe | Files touched by this commit (26) |  |
Log message: lang/ruby23-base: remove ruby23-base package Remove ruby23-base package, now it is EOL. |
| 2019-01-03 06:19:03 by Takahiro Kambe | Files touched by this commit (5) |
Log message: lang/ruby: switch to use distfiles in '.xz' format Switch to use distfiles in '.xz' format. |
2018-10-18 16:24:07 by Takahiro Kambe | Files touched by this commit (2) |  |
Log message: lang/ruby23-base: update o 2.3.8 Ruby 2.3.8 Released Ruby 2.3.8 has been released. This release includes several security fixes. Please check the topics below for details. * CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives * CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly This release also includes a non-security fix to support Visual Studio 2014 with Windows 10 October 2018 Update for maintenance reasons. Ruby 2.3 is now under the state of the security maintenance phase, until the end of the March of 2019. After the date, maintenance of Ruby 2.3 will be ended. We recommend you start planning migration to newer versions of Ruby, such as 2.5 or 2.4. |
| 2018-07-17 12:56:24 by Jonathan Perkin | Files touched by this commit (8) |
Log message: *: Add some required USE_GCC_RUNTIME. |
| 2018-03-29 05:09:35 by Takahiro Kambe | Files touched by this commit (7) | |
Log message: lang/ruby23-base: update to 2.3.7, security release Ruby 2.3.7 Released Posted by usa on 28 Mar 2018 Ruby 2.3.7 has been released. This release includes about 70 bug fixes after the previous release, and also includes several security fixes. Please check the topics below for details. * CVE-2017-17742: HTTP response splitting in WEBrick * CVE-2018-8777: DoS by large request in WEBrick * CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir * CVE-2018-8778: Buffer under-read in String#unpack * CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket * CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir * Multiple vulnerabilities in RubyGems See the ChangeLog for details. After this release, we will end the normal maintenance phase of Ruby 2.3, and start the security maintenance phase of it. This means that after the release of 2.3.7 we will never backport any bug fixes to 2.3 except security fixes. The term of the security maintenance phase is scheduled for 1 year. By the end of this term, official support of Ruby 2.3 will be over. Therefore, we recommend that you start planning to upgrade to Ruby 2.5 or 2.4. |
| 2018-02-23 16:26:15 by Thomas Klausner | Files touched by this commit (4) |
Log message: lang/*: remove BROKEN markers for known openssl-1.1 breakage Requested by joerg. |
| 2018-02-20 07:43:32 by Thomas Klausner | Files touched by this commit (1) |
Log message: ruby23: mark as broken on NetBSD-current due to openssl-1.1 |
| 2018-02-19 17:46:26 by Takahiro Kambe | Files touched by this commit (2) |
Log message: lang/ruby23-base: rubygem security fix Add an patch to fix security problem of rubygems. Bump PKGREVISION. |
| 2018-01-26 12:53:09 by Jonathan Perkin | Files touched by this commit (2) |
Log message: ruby23-base: Change previous to set CFLAGS instead, ride revbump. |
| 2018-01-26 11:54:15 by Jonathan Perkin | Files touched by this commit (3) |
Log message: ruby23-base: Don't add -std=iso9899:1999 to CPPFLAGS, invalid for C++. Bump PKGREVISION. |
New packages: