Subject: CVS commit: pkgsrc/www/ruby-http
From: Takahiro Kambe
Date: 2015-03-28 05:32:15
Message id: 20150328043216.0BAF698@cvs.netbsd.org
Log Message:
Update ruby-http to 0.7.3, security fix.

## 0.7.3 (2015-03-24)

* SECURITY FIX: http.rb failed to call the #post_connection_check method
  on SSL connections. This method implements hostname verification, and
  without it http.rb was vulnerable to MitM attacks. The problem was
  corrected by calling #post_connection_check (CVE-2015-1828)
Files:
RevisionActionfile
1.5modifypkgsrc/www/ruby-http/Makefile
1.5modifypkgsrc/www/ruby-http/PLIST
1.5modifypkgsrc/www/ruby-http/distinfo