Path to this page:
Subject: CVS commit: [pkgsrc-2020Q1] pkgsrc
From: Benny Siegert
Date: 2020-06-01 21:15:23
Message id: 20200601191523.2C9B2FB27@cvs.NetBSD.org
Log Message:
Pullup ticket #6213 - requested by taca
www/ruby-rails52: security fix
Revisions pulled up:
- lang/ruby/rails.mk patch
- databases/ruby-activerecord52/distinfo 1.4
- devel/ruby-activejob52/distinfo 1.4
- devel/ruby-activemodel52/distinfo 1.4
- devel/ruby-activestorage52/distinfo 1.4
- devel/ruby-activesupport52/distinfo 1.4
- devel/ruby-railties52/distinfo 1.4
- mail/ruby-actionmailer52/distinfo 1.4
- www/ruby-actioncable52/distinfo 1.4
- www/ruby-actionpack52/distinfo 1.4
- www/ruby-actionview52/distinfo 1.4
- www/ruby-rails52/distinfo 1.4
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:33:41 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activesupport52: distinfo
Log Message:
devel/ruby-activesupport52: update to 5.2.4.3
Update ruby-activesupport52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
* [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:34:47 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activemodel52: distinfo
Log Message:
devel/ruby-activemodel52: update to 5.2.4.3
Update ruby-activemodel52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:35:30 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activejob52: distinfo
Log Message:
devel/ruby-activejob52: update to 5.2.4.3
Update ruby-activejob52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:36:18 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionview52: distinfo
Log Message:
www/ruby-actionview52: update to 5.2.4.3
Update ruby-actionview52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8167] Check that request is same-origin prior to including CSRF \
token in XHRs
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:36:58 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionpack52: distinfo
Log Message:
www/ruby-actionpack52: update to 5.2.4.3
Update ruby-actionpack52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be \
used to reconstruct a per-form token
* [CVE-2020-8164] Return self when calling #each, #each_pair, and \
#each_value instead of the raw @parameters hash
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:37:46 UTC 2020
Modified Files:
pkgsrc/www/ruby-actioncable52: distinfo
Log Message:
www/ruby-actioncable52: update to 5.2.4.3
Update ruby-actioncable52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:38:35 UTC 2020
Modified Files:
pkgsrc/databases/ruby-activerecord52: distinfo
Log Message:
databases/ruby-activerecord52: update to 5.2.4.3
Update ruby-activerecord52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:39:12 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activestorage52: distinfo
Log Message:
devel/ruby-activestorage52: update to 5.2.4.3
Update ruby-activestorage52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8162] Include Content-Length in signature for ActiveStorage \
direct upload
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:39:54 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailer52: distinfo
Log Message:
mail/ruby-actionmailer52: update to 5.2.4.3
Update ruby-actionmailer52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:40:32 UTC 2020
Modified Files:
pkgsrc/devel/ruby-railties52: distinfo
Log Message:
devel/ruby-railties52: update to 5.2.4.3
Update ruby-railties52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:41:07 UTC 2020
Modified Files:
pkgsrc/www/ruby-rails52: distinfo
Log Message:
www/ruby-rails52: update to 5.2.4.3
Finally, update ruby-rails52 to 5.2.4.3.
Files: