pkgsrc.se | The NetBSD package collection

Subject: CVS commit: [pkgsrc-2017Q2] pkgsrc/lang/ruby24-base
From: S.P.Zeidler
Date: 2017-09-15 21:25:23
Message id: 20170915192523.B68BFFA98@cvs.NetBSD.org

Log Message:
Pullup ticket #5545 - requested by taca
lang/ruby24-base: security fix

Revisions pulled up:
- lang/ruby24-base/Makefile                                     1.4
- lang/ruby24-base/distinfo                                     1.3

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Aug 30 03:33:39 UTC 2017

   Modified Files:
   	pkgsrc/lang/ruby24-base: Makefile distinfo

   Log Message:
   Add patch to fix vulnerabilities of rubygems.

   https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

   * a DNS request hijacking vulnerability
   * an ANSI escape sequence vulnerability
   * a DoS vulernerability in the query command
   * a vulnerability in the gem installer that allowed a malicious gem to
     overwrite arbitrary files

   Bump PKGREVISION.

   To generate a diff of this commit:
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/ruby24-base/Makefile
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby24-base/distinfo

Files:

Revision	Action	file
1.3.2.1	modify	pkgsrc/lang/ruby24-base/Makefile
1.2.2.1	modify	pkgsrc/lang/ruby24-base/distinfo