Next | Query returned 28 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2019-04-14 17:36:24 by Takahiro Kambe | Files touched by this commit (26) | Package removed
Log message:
lang/ruby23-base: remove ruby23-base package

Remove ruby23-base package, now it is EOL.
   2019-01-03 06:19:03 by Takahiro Kambe | Files touched by this commit (5)
Log message:
lang/ruby: switch to use distfiles in '.xz' format

Switch to use distfiles in '.xz' format.
   2018-10-18 16:24:07 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/ruby23-base: update o 2.3.8

Ruby 2.3.8 Released

Ruby 2.3.8 has been released. This release includes several security
fixes. Please check the topics below for details.

* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
  String#unpack with some directives

* CVE-2018-16395: OpenSSL::X509::Name equality check does not work
  correctly This release also includes a non-security fix to support
  Visual Studio 2014 with Windows 10 October 2018 Update for
  maintenance reasons.

Ruby 2.3 is now under the state of the security maintenance phase,
until the end of the March of 2019. After the date, maintenance of
Ruby 2.3 will be ended. We recommend you start planning migration to
newer versions of Ruby, such as 2.5 or 2.4.
   2018-07-17 12:56:24 by Jonathan Perkin | Files touched by this commit (8)
Log message:
*: Add some required USE_GCC_RUNTIME.
   2018-03-29 05:09:35 by Takahiro Kambe | Files touched by this commit (7) | Package removed
Log message:
lang/ruby23-base: update to 2.3.7, security release

Ruby 2.3.7 Released				Posted by usa on 28 Mar 2018

Ruby 2.3.7 has been released.

This release includes about 70 bug fixes after the previous release, and also
includes several security fixes.  Please check the topics below for details.

* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
  traversal in tempfile and tmpdir
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
  UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems

See the ChangeLog for details.

After this release, we will end the normal maintenance phase of Ruby 2.3, and
start the security maintenance phase of it.  This means that after the release
of 2.3.7 we will never backport any bug fixes to 2.3 except security fixes.
The term of the security maintenance phase is scheduled for 1 year.  By the
end of this term, official support of Ruby 2.3 will be over.  Therefore, we
recommend that you start planning to upgrade to Ruby 2.5 or 2.4.
   2018-02-23 16:26:15 by Thomas Klausner | Files touched by this commit (4)
Log message:
lang/*: remove BROKEN markers for known openssl-1.1 breakage

Requested by joerg.
   2018-02-20 07:43:32 by Thomas Klausner | Files touched by this commit (1)
Log message:
ruby23: mark as broken on NetBSD-current due to openssl-1.1
   2018-02-19 17:46:26 by Takahiro Kambe | Files touched by this commit (2)
Log message:
lang/ruby23-base: rubygem security fix

Add an patch to fix security problem of rubygems.

Bump PKGREVISION.
   2018-01-26 12:53:09 by Jonathan Perkin | Files touched by this commit (2)
Log message:
ruby23-base: Change previous to set CFLAGS instead, ride revbump.
   2018-01-26 11:54:15 by Jonathan Perkin | Files touched by this commit (3)
Log message:
ruby23-base: Don't add -std=iso9899:1999 to CPPFLAGS, invalid for C++.

Bump PKGREVISION.

Next | Query returned 28 messages, browsing 1 to 10 | Previous