Next | Query returned 664 messages, browsing 121 to 130 | Previous

CVS Commit History:


   2021-05-08 16:08:57 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails61: update to 6.1.3.2

Real changes are in www/ruby-actionpack61 only.

## Rails 6.1.3.2 (May 05, 2021) ##

*   Prevent open redirects by correctly escaping the host allow list
    CVE-2021-22903

*   Prevent catastrophic backtracking during mime parsing
    CVE-2021-22902

*   Prevent regex DoS in HTTP token authentication
    CVE-2021-22904

*   Prevent string polymorphic route arguments.

    `url_for` supports building polymorphic URLs via an array
    of arguments (usually symbols and records). If a developer passes a
    user input array, strings can result in unwanted route helper calls.

    CVE-2021-22885

    *Gannon McGibbon*

   2021-05-08 16:02:34 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails60: update to 6.0.3.7

Real changes are in www/ruby-actionpack60 only.

## Rails 6.0.3.7 (May 05, 2021) ##

*   Prevent catastrophic backtracking during mime parsing
    CVE-2021-22902

*   Prevent regex DoS in HTTP token authentication
    CVE-2021-22904

*   Prevent string polymorphic route arguments.

    `url_for` supports building polymorphic URLs via an array
    of arguments (usually symbols and records). If a developer passes a
    user input array, strings can result in unwanted route helper calls.

    CVE-2021-22885

    *Gannon McGibbon*

   2021-04-12 16:39:28 by Takahiro Kambe | Files touched by this commit (1)
Log message:
lang/ruby/rubyversion.mk: require quote

Require proper quote for previous addition to MAKEFLAGS.

   2021-04-11 15:28:02 by Takahiro Kambe | Files touched by this commit (15) | Package updated
Log message:
www/ruby-rails61: update to 6.1.3.1

Real changes are in devel/devel/ruby-activestorage61 only.

## Rails 6.1.3.1 (March 26, 2021) ##

*  Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
   mime types data.

   *George Claghorn*

   2021-04-11 15:24:58 by Takahiro Kambe | Files touched by this commit (15) | Package updated
Log message:
www/ruby-rails60: update to 6.0.3.6

Real changes are in devel/ruby-activestorage60 only.

## Rails 6.0.3.6 (March 26, 2021) ##

*   Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
    mime types data.

    *George Claghorn*

   2021-04-11 15:20:09 by Takahiro Kambe | Files touched by this commit (13) | Package updated
Log message:
www/ruby-rails52: update to 5.2.5

Real changes are in devel/ruby-activestorage52 only.

## Rails 5.2.5 (March 26, 2021) ##

*   Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
    mime types data.

    *George Claghorn*

*   The Poppler PDF previewer renders a preview image using the original
    document's crop box rather than its media box, hiding print margins. This
    matches the behavior of the MuPDF previewer.

    *Vincent Robert*

   2021-04-11 14:43:17 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
lang/ruby: reset PKGREVISION

Reset PKGREVISION with updates of all ruby{26,27,30}.

   2021-04-11 14:36:28 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
lang/ruby30-base: update to 3.0.1

Ruby 3.0.1 Released (2021-04-05)

Ruby 3.0.1 has been released.

This release includes security fixes.  Please check the topics below
for details.

* CVE-2021-28965: XML round-trip vulnerability in REXML
* CVE-2021-28966: Path traversal in Tempfile on Windows

See the commit logs for details.

   2021-04-11 14:32:03 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
lang/ruby27-base: update to 2.7.3

Ruby 2.7.3 Released (2021-04-05)

This release includes security fixes.  Please check the topics below for
details.

* CVE-2021-28965: XML round-trip vulnerability in REXML
* CVE-2021-28966: Path traversal in Tempfile on Windows

See the commit logs for details.

   2021-04-11 14:28:38 by Takahiro Kambe | Files touched by this commit (6) | Package updated
Log message:
lang/ruby26-base: update to 2.6.7

Ruby 2.6.7 Released (2021-04-05)

This release includes security fixes.  Please check the topics below for
details.

* CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in
  WEBrick
* CVE-2021-28965: XML round-trip vulnerability in REXML

See the commit logs for details.

By this release, we end the normal maintenance phase of Ruby 2.6, and Ruby
2.6 enters the security maintenance phase.  This means that we will no
longer backport any bug fixes to Ruby 2.6 except security fixes.  The term
of the security maintenance phase is scheduled for a year.  Ruby 2.6 reaches
EOL and its official support ends by the end of the security maintenance
phase.  Therefore, we recommend that you start to plan upgrade to Ruby 2.7
or 3.0.
