Subject: CVS commit: pkgsrc
From: Takahiro Kambe
Date: 2021-05-08 16:08:57
Message id: 20210508140857.66F51FA95@cvs.NetBSD.org

Log Message:
www/ruby-rails61: update to 6.1.3.2

Real changes are in www/ruby-actionpack61 only.

## Rails 6.1.3.2 (May 05, 2021) ##

*   Prevent open redirects by correctly escaping the host allow list
    CVE-2021-22903

*   Prevent catastrophic backtracking during mime parsing
    CVE-2021-22902

*   Prevent regex DoS in HTTP token authentication
    CVE-2021-22904

*   Prevent string polymorphic route arguments.

    `url_for` supports building polymorphic URLs via an array
    of arguments (usually symbols and records). If a developer passes a
    user input array, strings can result in unwanted route helper calls.

    CVE-2021-22885

    *Gannon McGibbon*

Files:
RevisionActionfile
1.4modifypkgsrc/www/ruby-rails61/distinfo
1.4modifypkgsrc/www/ruby-actionview61/distinfo
1.4modifypkgsrc/www/ruby-actionpack61/distinfo
1.4modifypkgsrc/www/ruby-actioncable61/distinfo
1.4modifypkgsrc/textproc/ruby-actiontext61/distinfo
1.4modifypkgsrc/mail/ruby-actionmailer61/distinfo
1.4modifypkgsrc/mail/ruby-actionmailbox61/distinfo
1.100modifypkgsrc/lang/ruby/rails.mk
1.4modifypkgsrc/devel/ruby-railties61/distinfo
1.4modifypkgsrc/devel/ruby-activesupport61/distinfo
1.4modifypkgsrc/devel/ruby-activestorage61/distinfo
1.4modifypkgsrc/devel/ruby-activemodel61/distinfo
1.4modifypkgsrc/devel/ruby-activejob61/distinfo
1.4modifypkgsrc/databases/ruby-activerecord61/distinfo