Path to this page:
Subject: CVS commit: pkgsrc/lang
From: Takahiro Kambe
Date: 2021-07-07 17:15:19
Message id: 20210707151519.53DAAFA95@cvs.NetBSD.org
Log Message:
lang/ruby26-base: update to 2.6.8
Ruby 2.6.8 has been released.
This release includes security fixes. Please check the topics below
for details.
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
We ordinally do not fix Ruby 2.6 except security fixes, but this
release also includes some regressed bugs and build problem fixes.
See the commit logs for details.
Ruby 2.6 is now under the state of the security maintenance phase,
until the end of March of 2022. After that date, maintenance of Ruby
2.6 will be ended. We recommend you start planning the migration to
newer versions of Ruby, such as 3.0 or 2.7.
Files: