2018-01-16 15:53:28 by Jonathan Perkin | Files touched by this commit (8) |
Log message:
ruby*-base: Don't add SSP flags, leave that to pkgsrc.
|
2017-12-15 04:19:29 by Takahiro Kambe | Files touched by this commit (3) |
Log message:
lang/ruby23-base: Update to 2.3.6
Update ruby23-base/ruby23 to 2.3.6.
Ruby 2.3.6 has been released.
This release includes about 10 bug fixes after the previous release,
and also includes several security fixes. Please check the topics
below for details.
* CVE-2017-17405: Command injection vulnerability in Net::FTP
* Unsafe Object Deserialization Vulnerability in RubyGems
See the ChangeLog for details.
|
2017-09-15 02:36:17 by Takahiro Kambe | Files touched by this commit (6) |
Log message:
Update ruby23-base, ruby-gdbm, ruby-fiddle, ruby-readline, ruby-tk and
ruby23 packages to 2.3.5.
pkgsrc change: clean up PLIST.
Ruby 2.3.5 Released Posted by usa on 14 Sep 2017
Ruby 2.3.5 has been released.
This release includes about 70 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.
* CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
* CVE-2017-10784: Escape sequence injection vulnerability in the Basic
authentication of WEBrick
* CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docode
* CVE-2017-14064: Heap exposure vulnerability in generating JSON
* Multiple vulnerabilities in RubyGems
* Updated bundled libyaml to version 0.1.7
See the ChangeLog for details.
|
2017-08-30 05:33:17 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Add patch to fix vulnerabilities of rubygems.
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
* a DNS request hijacking vulnerability
* an ANSI escape sequence vulnerability
* a DoS vulernerability in the query command
* a vulnerability in the gem installer that allowed a malicious gem to
overwrite arbitrary files
Bump PKGREVISION.
|
2017-07-24 15:38:42 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Fix build problem when set PKGSRC_USE_STACK_CHECK to "yes", which reported
by wiz@ via private mail.
The problem exists basic use of auto variable.
|
2017-07-06 18:35:05 by Takahiro Kambe | Files touched by this commit (4) |
Log message:
Fix build problem when PKGSRC_USE_RELRO is not "no".
* Pass LDFLAGS to LIBRUBY_DLDFLAGS via DLDFLAGS as Ruby 2.4 dose.
|
2017-05-30 17:46:22 by Takahiro Kambe | Files touched by this commit (10) |
Log message:
Replace RUBY_VERSION_FULL with RUBY_VERSION since there is no
RUBY_VERSION_FULL contains Ruby's patchlevel.
|
2017-04-09 17:57:01 by Takahiro Kambe | Files touched by this commit (8) | |
Log message:
Update ruby23-base and related packages to 2.3.4.
Ruby 2.3.4 Released 2017/3/30
Ruby 2.3.4 has been released.
This release contains about 80 bug fixes after the previous release. See the
commit logs for details.
And this release contains a bug fix of Symbol#hash to be non-deterministic.
This is a regression on the 2.3 series before 2.3.4. See Bug #13376 for more
details.
|
2016-12-05 16:11:58 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
Update ruby23{,-base} to 2.3.3.
pkgsrc change: rubygems dose not blame open-ended dependency unless verbose
option is enabled.
Ruby 2.3.2 Released Posted by nagachika on 15 Nov 2016
Ruby 2.3.2 has been released.
This is the TEENY version release of the stable 2.3 series.
This release contains update of RubyGems 2.5.2 and update of included ssl
certificates.
Ruby 2.3.3 Released Posted by nagachika on 21 Nov 2016
Ruby 2.3.3 has been released.
This release contains a bug fix about Refinements and Module#prepend. The
mixture use of Module#refine and Module#prepend to the same Class could cause
unexpected NoMethodError. This is a regression on Ruby 2.3.2 released last
week. See [Bug #12920] for details.
There are some bugfixes too. See the ChangeLog for details.
|
2016-11-13 16:14:20 by Takahiro Kambe | Files touched by this commit (4) |
Log message:
Trying to move common configuration to common place.
|