Subject: CVS commit: [pkgsrc-2020Q1] pkgsrc/www/ruby-puma
From: Benny Siegert
Date: 2020-06-08 19:52:41
Message id: 20200608175241.71A87FB27@cvs.NetBSD.org

Log Message:
Pullup ticket #6223 - requested by taca
www/ruby-puma: security fix

Revisions pulled up:
- www/ruby-puma/Makefile                                        1.23
- www/ruby-puma/distinfo                                        1.18

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun May 24 13:47:49 UTC 2020

   Modified Files:
   	pkgsrc/www/ruby-puma: Makefile distinfo

   Log Message:
   www/ruby-puma: update to 4.3.5

   Update ruby-puma to 4.3.5.

   4.3.4/4.3.5 and 3.12.5/3.12.6 / 2020-05-22

   Each patchlevel release contains a separate security fix. We recommend
   simply upgrading to 4.3.5/3.12.6.

   * Security

     Fix: Fixed two separate HTTP smuggling vulnerabilities that used the
     Transfer-Encoding header. CVE-2020-11076 and CVE-2020-11077.

Files:
RevisionActionfile
1.22.2.1modifypkgsrc/www/ruby-puma/Makefile
1.17.2.1modifypkgsrc/www/ruby-puma/distinfo