Path to this page:
Subject: CVS commit: [pkgsrc-2020Q1] pkgsrc/www/ruby-puma
From: Benny Siegert
Date: 2020-06-08 19:52:41
Message id: 20200608175241.71A87FB27@cvs.NetBSD.org
Log Message:
Pullup ticket #6223 - requested by taca
www/ruby-puma: security fix
Revisions pulled up:
- www/ruby-puma/Makefile 1.23
- www/ruby-puma/distinfo 1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Sun May 24 13:47:49 UTC 2020
Modified Files:
pkgsrc/www/ruby-puma: Makefile distinfo
Log Message:
www/ruby-puma: update to 4.3.5
Update ruby-puma to 4.3.5.
4.3.4/4.3.5 and 3.12.5/3.12.6 / 2020-05-22
Each patchlevel release contains a separate security fix. We recommend
simply upgrading to 4.3.5/3.12.6.
* Security
Fix: Fixed two separate HTTP smuggling vulnerabilities that used the
Transfer-Encoding header. CVE-2020-11076 and CVE-2020-11077.
Files: