Subject: CVS commit: [pkgsrc-2021Q2] pkgsrc/lang
From: Benny Siegert
Date: 2021-07-12 14:40:18
Message id: 20210712124018.CF18FFA95@cvs.NetBSD.org

Log Message:
Pullup ticket #6483 - requested by taca
lang/ruby26: security fix

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.232
- lang/ruby26-base/distinfo                                     1.11

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Jul  7 15:15:19 UTC 2021

   Modified Files:
   	pkgsrc/lang/ruby: rubyversion.mk
   	pkgsrc/lang/ruby26-base: distinfo

   Log Message:
   lang/ruby26-base: update to 2.6.8

   Ruby 2.6.8 has been released.

   This release includes security fixes.  Please check the topics below
   for details.

   * CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
   * CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
   * CVE-2021-31799: A command injection vulnerability in RDoc

   We ordinally do not fix Ruby 2.6 except security fixes, but this
   release also includes some regressed bugs and build problem fixes.
   See the commit logs for details.

   Ruby 2.6 is now under the state of the security maintenance phase,
   until the end of March of 2022.  After that date, maintenance of Ruby
   2.6 will be ended.  We recommend you start planning the migration to
   newer versions of Ruby, such as 3.0 or 2.7.

Files:
RevisionActionfile
1.231.2.1modifypkgsrc/lang/ruby/rubyversion.mk
1.10.2.1modifypkgsrc/lang/ruby26-base/distinfo