Path to this page:
Subject: CVS commit: [pkgsrc-2019Q3] pkgsrc/lang
From: Benny Siegert
Date: 2019-10-05 21:53:04
Message id: 20191005195304.7362AFBF4@cvs.NetBSD.org
Log Message:
Pullup ticket #6066 - requested by taca
lang/ruby26-base: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.211
- lang/ruby26-base/Makefile 1.4
- lang/ruby26-base/distinfo 1.7
- lang/ruby26/Makefile 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Oct 2 13:44:34 UTC 2019
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby26: Makefile
pkgsrc/lang/ruby26-base: Makefile distinfo
Log Message:
lang/ruby26: update to 2.6.5
Update ruby26-base and ruby26 packges to 2.6.5
pkgsrc chagnes
* fix warnings of pkglint.
Quote from release announce:
Ruby 2.6.5 (2019-10-01)
This release includes security fixes. Please check the topics below for
details.
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of
WEBrick's Digest access authentication
Files: