Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Pullup ticket #4802 - requested by taca
lang/ruby200-base: security update
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.145
- lang/ruby200-base/Makefile 1.20
- lang/ruby200-base/distinfo 1.27
- lang/ruby200-base/patches/patch-lib_rubygems_remote__fetcher.rb deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 20 15:22:16 UTC 2015
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby200-base: Makefile distinfo
Removed Files:
pkgsrc/lang/ruby200-base/patches: patch-lib_rubygems_remote__fetcher.rb
Log Message:
Update ruby200-base-2.0.0p647 to (Ruby 2.0.0-p647).
Release announce:
Ruby 2.0.0-p647 Released
Posted by usa on 18 Aug 2015
We are pleased to announce the release of Ruby 2.0.0-p647.
This release includes the security fix for a RubyGems domain name
verification vulnerability. Please view the topic below for more details.
CVE-2015-3900 Request hijacking vulnerability in RubyGems 2.4.6 and earlier
And, this release also includes the fix for a regression of lib/resolv.rb.
Uninitialized constant bug introduced by typo in backport of [#10712]
Ruby 2.0.0 is now under the state of the security maintenance phase, until
Feb. 24th, 2016. After the date, maintenance of Ruby 2.0.0 will be ended. We
recommend you start planning migration to newer versions of Ruby, such as
2.1 or 2.2.