Next | Query returned 22 messages, browsing 11 to 20 | Previous

History of commit frequency

CVS Commit History:


   2022-05-05 05:31:02 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/ruby-activestorage61: update to 6.1.5.1

## Rails 6.1.5.1 (April 26, 2022) ##

*   No changes.

## Rails 6.1.5 (March 09, 2022) ##

*   Attachments can be deleted after their association is no longer defined.

    Fixes #42514

    *Don Sisco*
   2022-03-27 08:30:00 by Thomas Klausner | Files touched by this commit (24)
Log message:
ruby*: fix rails version in COMMENT
   2022-03-13 16:11:52 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails61: update to 6.1.4.7

Ruby on Rails 6.1.4.7 is not latest version but it should be easy to pull-up
to pkgsrc-2021Q4.

Changes are in devel/ruby-activestorage61 only.

## Rails 6.1.4.7 (March 08, 2022) ##

* Added image transformation validation via configurable allow-list.

 Variant now offers a configurable allow-list for
 transformation methods in addition to a configurable deny-list for arguments.

 [CVE-2022-21831]
   2022-02-13 08:35:06 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails61: update to 6.1.4.6

This update contains security fix for CVE-2022-23633 in ruby-actionpack61.

Active Support 6.1.4.6 (2022-02-11)

* Fix Reloader method signature to work with the new Executor signature.

Action Pack 6.1.4.5 (2022-02-11)

* Under certain circumstances, the middleware isn't informed that the
  response body has been fully closed which result in request state
  not being fully reset before the next request.

  [CVE-2022-23633]

Other packages have no change.
   2021-12-19 06:27:53 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/ruby-activestorage61: update to 6.1.4.4

pkgsrc change: update comment outed dependency.

No change except version.
   2021-10-26 12:20:11 by Nia Alarie | Files touched by this commit (3016)
Log message:
archivers: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Could not be committed due to merge conflict:
devel/py-traitlets/distinfo

The following distfiles were unfetchable (note: some may be only fetched
conditionally):

./devel/pvs/distinfo pvs-3.2-solaris.tgz
./devel/eclipse/distinfo eclipse-sourceBuild-srcIncluded-3.0.1.zip
   2021-10-07 15:44:44 by Nia Alarie | Files touched by this commit (3017)
Log message:
devel: Remove SHA1 hashes for distfiles
   2021-07-04 10:02:54 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/ruby-activestorage61: update to 6.1.4

Active Storage

* The parameters sent to ffmpeg for generating a video preview image
  are now configurable under
  config.active_storage.video_preview_arguments.  (Brendon Muir)

* Fix Active Storage update task when running in an engine.  (Justin
  Malčić*)

* Don't raise an error if the mime type is not recognized.  Fixes
  #41777.  (Alex Ghiculescu)

* ActiveStorage::PreviewError is raised when a previewer is unable to
  generate a preview image.  (Alex Robbin)

* respond with 404 given invalid variation key when asking for
  representations.  (George Claghorn)

* Blob creation shouldn't crash if no service selected.  (Alex
  Ghiculescu)
   2021-05-08 16:08:57 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails61: update to 6.1.3.2

Real changes are in www/ruby-actionpack61 only.

## Rails 6.1.3.2 (May 05, 2021) ##

*   Prevent open redirects by correctly escaping the host allow list
    CVE-2021-22903

*   Prevent catastrophic backtracking during mime parsing
    CVE-2021-22902

*   Prevent regex DoS in HTTP token authentication
    CVE-2021-22904

*   Prevent string polymorphic route arguments.

    `url_for` supports building polymorphic URLs via an array
    of arguments (usually symbols and records). If a developer passes a
    user input array, strings can result in unwanted route helper calls.

    CVE-2021-22885

    *Gannon McGibbon*
   2021-04-11 15:28:02 by Takahiro Kambe | Files touched by this commit (15) | Package updated
Log message:
www/ruby-rails61: update to 6.1.3.1

Real changes are in devel/devel/ruby-activestorage61 only.

## Rails 6.1.3.1 (March 26, 2021) ##

*  Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
   mime types data.

   *George Claghorn*

Next | Query returned 22 messages, browsing 11 to 20 | Previous