Navigation:
Browse pkgsrc
(this page)Log Message: Update rubygems to 2.0.8. This includes a fix for CVE-2013-4287 in rubygems. === 2.0.8 / 2013-09-09 Security fixes: * RubyGems 2.0.7 and earlier are vulnerable to excessive CPU usage due to a backtracking in Gem::Version validation. See CVE-2013-4287 for full details including vulnerable APIs. Fixed versions include 2.0.8, 1.8.26 and 1.8.23.1 (for Ruby 1.9.3). Issue #626 by Damir Sharipov. Bug fixes: * Fixed Gem.clear_paths when Security is defined at top-level. Pull request #625 by elarkin === 2.0.7 / 2013-08-15 * Extensions may now be built in parallel (therefore gems may be installed in parallel). Bug #607 by Hemant Kumar. * Changed broken link to RubyGems Bookshelf to point to RubyGems guides. Ruby pull request #369 by è¬è´é¦. * Fixed various test failures due to platform differences or poor tests. Patches by Yui Naruse and Koichi Sasada. * Fixed documentation for Kernel#require. === 2.0.6 / 2013-07-24 Bug fixes: * Fixed the `--no-install` and `-I` options to `gem list` and friends. Bug #593 by Blargel. * Fixed crash when installing gems with extensions under the `-V` flag. Bug #601 by Nick Hoffman. * Fixed race condition retrieving HTTP connections in Gem::Request on JRuby. Bug #597 by Hemant Kumar. * Fixed building extensions on ruby 1.9.3 under mingw. Bug #594 by jonforums, Bug #599 by Chris Riesbeck * Restored default of remote search to `gem search`. === 2.0.5 / 2013-07-11 Bug fixes: * Fixed building of extensions that run ruby in their makefiles. Bug #589 by Zachary Salzbank. === 2.0.4 / 2013-07-09 Bug fixes: * Fixed error caused by gem install not finding the right platform for your platform. Bug #576 by John Anderson * Fixed pushing gems with the default host. Bug #495 by Utkarsh Kukreti * Improved unhelpful error message from `gem owner --remove`. Bug #488 by Steve Klabnik * Fixed typo in `gem spec` help. Pull request #563 by oooooooo * Fixed creation of build_info with --install-dir. Bug #457 by VÃt Ondruch. * RubyGems converts non-string dependency names to strings now. Bug #505 by Terence Lee * Outdated prerelease versions are now listed in `gem outdated`. * RubyGems now only calls fsync() on the specification when installing, not every file from the gem. This improves the performance of gem installation on some systems. Pull Request #556 by Grzesiek Kolodziejczyk * Removed surprise search term anchoring in `gem search` to restore 1.8-like search behavior while still defaulting to --remote. Pull request #562 by Ben Bleything * Fixed handling of DESTDIR when building extensions. Pull request #573 by Akinori MUSHA * Fixed documentation of `gem pristine` defaults (--all is not a default). Pull request #577 by Shannon Skipper * Fixed a windows extension-building test failure. Pull request #575 by Hiroshi Shirosaki * Fixed issue with `gem update` where it would attempt to use a Version instead of a Requirement to find the latest gem. Fixes #570 by Nick Cox. * RubyGems now ignores an empty but set RUBYGEMS_HOST environment variable. Based on pull request #558 by Robin Dupret. * Removed duplicate creation of gem subdirectories in Gem::DependencyInstaller. Pull Request #456 by VÃt Ondruch * RubyGems now works with Ruby built with `--with-ruby-version=''`. Pull Request #455 by VÃt Ondruch * Fixed race condition when two threads require the same gem. Ruby bug report #8374 by Joel VanderWerf * Cleaned up siteconf between extension build and extension install. Pull request #587 by Dominic Cleal * Fix deprecation warnings when converting gemspecs to yaml. Ruby commit r41148 by Yui Naruse
New packages: