Path to this page:
Subject: CVS commit: pkgsrc/textproc/ruby-rexml
From: Takahiro Kambe
Date: 2021-06-01 17:33:58
Message id: 20210601153358.E3F65FA95@cvs.NetBSD.org
Log Message:
textproc/ruby-rexml: update to 3.2.5
3.2.5 (2021-04-05)
Improvements
* Add more validations to XPath parser.
* require "rexml/document" by default. [GitHub#36][Patch by Koichi ITO]
* Don't add #dclone method to core classes globally. [GitHub#37][Patch by
Akira Matsuda]
* Add more documentations. [Patch by Burdette Lamar]
* Added REXML::Elements#parent. [GitHub#52][Patch by Burdette Lamar]
Fixes
* Fixed a bug that REXML::DocType#clone doesn't copy external ID
information.
* Fixed round-trip vulnerability bugs. See also:
\
https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
[HackerOne#1104077][CVE-2021-28965][Reported by Juho Nurminen]
Thanks
* Koichi ITO
* Akira Matsuda
* Burdette Lamar
* Juho Nurminen
Files: