2021-02-11 15:30:08 by Takahiro Kambe | Files touched by this commit (14) | |
Log message:
www/ruby-rails60: update to 6.0.3.5
databases/ruby-activerecord60:
## Rails 6.0.3.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
www/ruby-actionpack60
## Rails 6.0.3.5 (February 10, 2021) ##
* Prevent open redirect when allowed host starts with a dot
[CVE-2021-22881]
Thanks to @tktech (https://hackerone.com/tktech) for reporting this
issue and the patch!
*Aaron Patterson*
|
2021-02-11 15:23:42 by Takahiro Kambe | Files touched by this commit (12) | |
Log message:
www/rails52: update to 5.2.4.5
## Rails 5.2.4.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
|
2021-01-11 12:21:31 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
lang/ruby: add GEM_PLUGINSDIR support
* Add GEM_PLUGINSDIR support required by rubygems 3.2 and later.
* GEM_EXTSDIR is required unconditonally.
|
2021-01-11 07:51:27 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
lang/ruby: add RUBYGEM_VERBOSE
Add RUBYGEM_VERBOSE user-settable variable. It is useful for developers.
RUBYGEM_VERBOSE
Execute gem with verbose option.
Possible values: Yes No
Default: No
|
2020-12-30 15:15:03 by Takahiro Kambe | Files touched by this commit (1) | |
Log message:
lang/ruby: correct list of commands
Correctly update list of commands.
Bump PKGREVISION.
|
2020-12-19 15:41:16 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
lang/ruby: try removing extra directory
Try removing extra directory and make "make print-PLIST" happy a little.
|
2020-10-19 16:50:32 by Takahiro Kambe | Files touched by this commit (15) | |
Log message:
www/ruby-rails60: update to 6.0.3.4
Update Ruby on Rails 6.0 related packages to 6.0.3.4.
This is security fix for ruby-actionpack60.
## Rails 6.0.3.4 (October 07, 2020) ##
* [CVE-2020-8264] Prevent XSS in Actionable Exceptions
|
2020-10-04 06:28:35 by Takahiro Kambe | Files touched by this commit (1) | |
Log message:
lang/ruby: update version for Ruby 2.7.2
Update versions for Ruby 2.7.2, it should be commited along with update
to Ruby 2.7.2. Noted by Ryo ONODERA.
|
2020-09-10 18:53:03 by Takahiro Kambe | Files touched by this commit (1) |
Log message:
lang/ruby: drop support for Ruby on Rails 5.1
* Drop support for Ruby on Rails 5.1.
* Remove useless conditional (i.e. always true after remove of Rails 4.2).
|
2020-09-10 16:30:03 by Takahiro Kambe | Files touched by this commit (14) | |
Log message:
www/ruby-rails60: update to 6.0.3.3
Update Ruby on Rails 60 to 6.0.3.3.
Security fix in ruby-actionview60.
## Rails 6.0.3.3 (September 09, 2020) ##
* [CVE-2020-8185] Fix potential XSS vulnerability in the `translate`/`t` helper.
*Jonathan Hefner*
|