Next | Query returned 663 messages, browsing 1 to 10 | Previous


CVS Commit History:


   2024-04-25 17:12:05 by Takahiro Kambe | Files touched by this commit (7) | Package updated
Log message:
lang/ruby33: update to 3.3.1

This is a security release.  Note CVE-2024-27280 and CVE-2024-27281 were
already fixed by ruby31-base-3.3.0nb1.

3.3.1 (2024-04-23)

* CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
  search
* CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc

   2024-04-25 17:06:11 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
lang/ruby32-base: update to 3.2.4

This is a security release.  Note CVE-2024-27280 and CVE-2024-27281 were
already fixed by ruby31-base-3.2.3nb3.

3.2.4 (2024-04-23)

* CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
  search
* CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
* CVE-2024-27280: Buffer overread vulnerability in StringIO

   2024-04-25 16:51:54 by Takahiro Kambe | Files touched by this commit (10) | Package updated
Log message:
lang/ruby31-base: update to 3.1.5

This is a security release.  Note CVE-2024-27280 and CVE-2024-27281 were
already fixed by ruby31-base-3.1.4nb3.

3.1.5 (2024-04-23)

Security release.

* CVE-2024-27282: Arbitrary memory address read vulnerability with Regex
  search
* CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
* CVE-2024-27280: Buffer overread vulnerability in StringIO

   2024-03-23 16:15:52 by Takahiro Kambe | Files touched by this commit (5)
Log message:
lang/ruby33: fix CVE-2024-27281

Update rdoc to 6.6.3.1 to fix CVE-2024-27281.

Bump PKGREVISION.

   2024-03-23 15:47:13 by Takahiro Kambe | Files touched by this commit (5)
Log message:
lang/ruby32-base: fix CVE-2024-27281

Update rdoc to 6.5.1.1 to fix CVE-2024-27281.

Bump PKGREVISION.

   2024-03-23 15:28:48 by Takahiro Kambe | Files touched by this commit (7)
Log message:
lang/ruby31-base: fix CVE-2024-27280 and CVE-2024-27281

Update rdoc to 6.4.1.1 to fix CVE-2024-27281.
Update stringio to 3.0.1.2 to fix CVE-2024-27280.

Bump PKGREVISION.

   2024-02-24 15:55:27 by Takahiro Kambe | Files touched by this commit (15) | Package updated
Log message:
www/ruby-rails71: update to 7.1.3.2

Update Ruby on Rails 7.1 and related packages to 7.1.3.2.
This includes security fixes:

	CVE-2024-26142 for www/ruby-actionpack71
	CVE-2024-26143 for www/ruby-actionpack71

Action Pack

* Fix possible XSS vulnerability with the translate method in controllers

  CVE-2024-26143

* Fix ReDoS in Accept header parsing

  CVE-2024-26142

   2024-02-24 15:49:29 by Takahiro Kambe | Files touched by this commit (16) | Package updated
Log message:
www/ruby-rails70: update to 7.0.8.1

Update Ruby on Rails 7.0 and related packages to 7.0.8.1.
This includes security fixes:

	CVE-2024-26144 for devel/ruby-activestorage70
	CVE-2024-26146 for www/ruby-actionpack70

Action Pack

* Fix possible XSS vulnerability with the translate method in controllers

  CVE-2024-26143

Active Storage

* Disables the session in ActiveStorage::Blobs::ProxyController and
  ActiveStorage::Representations::ProxyController in order to allow caching
  by default in some CDNs as CloudFlare

  Fixes #44136

  Bruno Prieto

   2024-02-24 15:42:41 by Takahiro Kambe | Files touched by this commit (17) | Package updated
Log message:
www/rails61: update to 6.1.7.7

Update rails61 and related packages to 6.1.7.7.
This includes a security fix for CVE-2024-26144, devel/ruby-activestorage61.

Active Storage

* Disables the session in ActiveStorage::Blobs::ProxyController and
  ActiveStorage::Representations::ProxyController in order to allow caching
  by default in some CDNs as CloudFlare

  Fixes #44136

  Bruno Prieto

   2024-02-10 15:41:47 by Takahiro Kambe | Files touched by this commit (1)
Log message:
lang/ruby: switch default version to Ruby 3.2

Add missing Ruby 3.3 related value in comments, too.
