Subject: CVS commit: pkgsrc/lang
From: Takahiro Kambe
Date: 2018-10-18 16:24:07
Message id: 20181018142407.6850FFBEE@cvs.NetBSD.org

Log Message:
lang/ruby23-base: update o 2.3.8

Ruby 2.3.8 Released

Ruby 2.3.8 has been released. This release includes several security
fixes. Please check the topics below for details.

* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
  String#unpack with some directives

* CVE-2018-16395: OpenSSL::X509::Name equality check does not work
  correctly This release also includes a non-security fix to support
  Visual Studio 2014 with Windows 10 October 2018 Update for
  maintenance reasons.

Ruby 2.3 is now under the state of the security maintenance phase,
until the end of the March of 2019. After the date, maintenance of
Ruby 2.3 will be ended. We recommend you start planning migration to
newer versions of Ruby, such as 2.5 or 2.4.

Files:
RevisionActionfile
1.198modifypkgsrc/lang/ruby/rubyversion.mk
1.17modifypkgsrc/lang/ruby23-base/distinfo