Subject: CVS commit: [pkgsrc-2012Q4] pkgsrc/lang
From: Matthias Scheler
Date: 2013-02-25 17:55:28
Message id: 20130225165528.E379A175DD@cvs.netbsd.org

Log Message:
Pullup ticket #4080 - requested by taca
lang/ruby193-base: security update

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.95
- lang/ruby193-base/Makefile                                    1.26
- lang/ruby193-base/distinfo                                    1.18
- lang/ruby193-base/patches/patch-ext_json_lib_json_add_core.rb deleted
- lang/ruby193-base/patches/patch-ext_json_lib_json_common.rb   deleted
- lang/ruby193-base/patches/patch-ext_json_lib_json_version.rb  deleted
- lang/ruby193-base/patches/patch-ext_json_parser_parser.c      deleted
- lang/ruby193-base/patches/patch-ext_json_parser_parser.rl     deleted
- lang/ruby193-base/patches/patch-test_json_test__json.rb       deleted
- lang/ruby193-base/patches/patch-test_json_test__json__addition.rb deleted
- lang/ruby193-base/patches/patch-test_json_test__json__string__matching.rb deleted

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Feb 22 16:20:48 UTC 2013

   Modified Files:
   	pkgsrc/lang/ruby: rubyversion.mk
   	pkgsrc/lang/ruby193-base: Makefile distinfo
   Removed Files:
   	pkgsrc/lang/ruby193-base/patches: patch-ext_json_lib_json_add_core.rb
   	    patch-ext_json_lib_json_common.rb
   	    patch-ext_json_lib_json_version.rb patch-ext_json_parser_parser.c
   	    patch-ext_json_parser_parser.rl patch-test_json_test__json.rb
   	    patch-test_json_test__json__addition.rb
   	    patch-test_json_test__json__string__matching.rb

   Log Message:
   Update ruby193-base package (and related) to 1.9.3-p392.
   Security problem of CVE-2013-0269 was already handled but REXML security
   problem is fixed by this package.

   Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.

   This release includes security fixes about bundled JSON and REXML.

   * Denial of Service and Unsafe Object Creation Vulnerability in JSON
     (CVE-2013-0269)
   * Entity expansion DoS vulnerability in REXML (XML bomb)

   And some small bugfixes are also included.

Files:
RevisionActionfile
1.92.2.2modifypkgsrc/lang/ruby/rubyversion.mk
1.20.2.3modifypkgsrc/lang/ruby193-base/Makefile
1.13.2.3modifypkgsrc/lang/ruby193-base/distinfo
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_add_core.rb
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_common.rb
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_version.rb
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-ext_json_parser_parser.c
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-ext_json_parser_parser.rl
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-test_json_test__json.rb
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-test_json_test__json__addition.rb
1.1.2.2removepkgsrc/lang/ruby193-base/patches/patch-test_json_test__json__string__matching.rb