Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Pullup ticket #5862 - requested by taca
lang/ruby: security update
lang/ruby23-base: security update
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.198
- lang/ruby23-base/distinfo 1.17
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Oct 18 14:24:07 UTC 2018
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby23-base: distinfo
Log Message:
lang/ruby23-base: update o 2.3.8
Ruby 2.3.8 Released
Ruby 2.3.8 has been released. This release includes several security
fixes. Please check the topics below for details.
* CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives
* CVE-2018-16395: OpenSSL::X509::Name equality check does not work
correctly This release also includes a non-security fix to support
Visual Studio 2014 with Windows 10 October 2018 Update for
maintenance reasons.
Ruby 2.3 is now under the state of the security maintenance phase,
until the end of the March of 2019. After the date, maintenance of
Ruby 2.3 will be ended. We recommend you start planning migration to
newer versions of Ruby, such as 2.5 or 2.4.
To generate a diff of this commit:
cvs rdiff -u -r1.197 -r1.198 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.16 -r1.17 pkgsrc/lang/ruby23-base/distinfo
| Revision | Action | file |
| 1.195.6.3 | modify | pkgsrc/lang/ruby/rubyversion.mk |
| 1.16.6.1 | modify | pkgsrc/lang/ruby23-base/distinfo |