Next | Query returned 40 messages, browsing 11 to 20 | Previous

History of commit frequency

CVS Commit History:


   2018-01-16 15:53:28 by Jonathan Perkin | Files touched by this commit (8)
Log message:
ruby*-base: Don't add SSP flags, leave that to pkgsrc.
   2017-12-15 04:26:03 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
lang/ruby22-base: update to 2.2.9

Ruby 2.2.9 Released
Posted by usa on 14 Dec 2017

Ruby 2.2.9 has been released. This release includes several security
fixes. Please check the topics below for details.

* CVE-2017-17405: Command injection vulnerability in Net::FTP
* Unsafe Object Deserialization Vulnerability in RubyGems

Ruby 2.2 is now under the state of the security maintenance phase, until the
end of the March of 2018. After the date, maintenance of Ruby 2.2 will be
ended. We recommend you start planning migration to newer versions of Ruby,
such as 2.4 or 2.3.
   2017-09-15 02:33:59 by Takahiro Kambe | Files touched by this commit (4)
Log message:
Update ruby22-base and ruby22 packages to 2.2.8.

pkgsrc change: clean up PILST.

Ruby 2.2.8 Released			Posted by usa on 14 Sep 2017

Ruby 2.2.8 has been released. This release includes several security
fixes. Please check the topics below for details.

* CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf

* CVE-2017-10784: Escape sequence injection vulnerability in the Basic
  authentication of WEBrick

* CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docode

* CVE-2017-14064: Heap exposure vulnerability in generating JSON

* Multiple vulnerabilities in RubyGems

* Updated bundled libyaml to version 0.1.7

Ruby 2.2 is now under the state of the security maintenance phase, until the
endo of the March of 2018. After the date, maintenance of Ruby 2.2 will be
ended. We recommend you start planning migration to newer versions of Ruby,
such as 2.4 or 2.3.
   2017-08-30 05:32:55 by Takahiro Kambe | Files touched by this commit (2)
Log message:
Add patch to fix vulnerabilities of rubygems.

https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

* a DNS request hijacking vulnerability
* an ANSI escape sequence vulnerability
* a DoS vulernerability in the query command
* a vulnerability in the gem installer that allowed a malicious gem to
  overwrite arbitrary files

Bump PKGREVISION.
   2017-07-06 18:35:05 by Takahiro Kambe | Files touched by this commit (4)
Log message:
Fix build problem when PKGSRC_USE_RELRO is not "no".

* Pass LDFLAGS to LIBRUBY_DLDFLAGS via DLDFLAGS as Ruby 2.4 dose.
   2017-05-30 17:46:22 by Takahiro Kambe | Files touched by this commit (10)
Log message:
Replace RUBY_VERSION_FULL with RUBY_VERSION since there is no
RUBY_VERSION_FULL contains Ruby's patchlevel.
   2017-04-09 17:49:50 by Takahiro Kambe | Files touched by this commit (9) | Package removed
Log message:
Update ruby22-base and ruby22 to 2.2.7.

Ruby 2.2.7 Released					2017/3/28

Ruby 2.2.7 has been released.

This release includes about 70 bug fixes after the previous release. See the
ChangeLog for details.

After this release, we will end the normal maintenance phase of Ruby 2.2, and
start the security maintenance phase of it.  This means that after the release
of 2.2.7 we will never backport any bug fixes to 2.2 except security fixes.
The term of the security maintenance phase is scheduled for 1 year.  By the
end of this term, official support of Ruby 2.2 will be over.  Therefore, we
recommend that you start planning to upgrade to Ruby 2.4 or 2.3.
   2016-12-05 16:02:25 by Takahiro Kambe | Files touched by this commit (4)
Log message:
Update ruby22{,-base,gdbm,fiddle,readline,tk} to 2.2.6.

pkgsrc change: rubygems dose not blame open-ended dependency unless verbose
option is enabled.

Ruby 2.2.6 Released				Posted by usa on 15 Nov 2016

Ruby 2.2.6 has been released.

This release includes new SSL certificates for RubyGems. And, this also
includes about 80 bug fixes after the previous release. See the ChangeLog for
details.
   2016-11-13 16:14:20 by Takahiro Kambe | Files touched by this commit (4)
Log message:
Trying to move common configuration to common place.
   2016-09-08 17:19:19 by Joerg Sonnenberger | Files touched by this commit (42)
Log message:
Rename RUBY_VERSION_SUPPORTED into _RUBY_VERSIONS_ACCEPTED to follow the
naming scheme of the other multi-version packages. Add support for the
coorresponding RUBY_VERSIONS_INCOMPATIBLE list.

Next | Query returned 40 messages, browsing 11 to 20 | Previous