Next | Query returned 29 messages, browsing 21 to 30 | previous

History of commit frequency

CVS Commit History:


   2018-02-19 17:46:58 by Takahiro Kambe | Files touched by this commit (2)
Log message:
lang/ruby24-base: rubygem security fix

Add an patch to fix security problem of rubygems.

Bump PKGREVISION.
   2018-01-26 14:22:58 by Jonathan Perkin | Files touched by this commit (3)
Log message:
ruby24-base: Put -std= in CFLAGS not CPPFLAGS.  Bump PKGREVISION.
   2018-01-16 15:53:28 by Jonathan Perkin | Files touched by this commit (8)
Log message:
ruby*-base: Don't add SSP flags, leave that to pkgsrc.
   2017-12-15 04:23:29 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
lang/ruby24-base: update to 2.4.3

Update ruby24-base/ruby24 to 2.4.3.

Ruby 2.4.3 Released
Posted by nagachika on 14 Dec 2017

Ruby 2.4.3 has been released.

This release includes some bug fixes and a security fix.

* CVE-2017-17405: Command injection vulnerability in Net::FTP

There are also som bug fixes. See commit logs for more details.
   2017-09-15 02:39:46 by Takahiro Kambe | Files touched by this commit (4)
Log message:
ruby24-base: Update ruby24-base and ruby24 to 2.4.2.

Ruby 2.4.2 Released			Posted by nagachika on 14 Sep 2017

We are pleased to announce the release of Ruby 2.4.2. This release contains
some security fixes.

* CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf

* CVE-2017-10784: Escape sequence injection vulnerability in the Basic
  authentication of WEBrick

* CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docod

* CVE-2017-14064: Heap exposure in generating JSON

* Multiple vulnerabilities in RubyGems

* Update bundled libyaml to version 0.1.7.

There are also many bug-fixes. See commit logs for more details.
   2017-08-30 05:33:39 by Takahiro Kambe | Files touched by this commit (2)
Log message:
Add patch to fix vulnerabilities of rubygems.

https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

* a DNS request hijacking vulnerability
* an ANSI escape sequence vulnerability
* a DoS vulernerability in the query command
* a vulnerability in the gem installer that allowed a malicious gem to
  overwrite arbitrary files

Bump PKGREVISION.
   2017-06-27 17:25:19 by Jonathan Perkin | Files touched by this commit (3)
Log message:
Ruby changed the primary -std flag for enabling C99 from iso9899:1999 to
gnu99 but left an existing SunOS test to only check for iso9899:1999.  This
resulted in CPPFLAGS not being set correctly for modules which require
native compilation - those should now all be fixed.  Bump PKGREVISION.
   2017-06-19 13:11:34 by Jonathan Perkin | Files touched by this commit (1)
Log message:
Requires c99 for signbit().
   2017-06-18 15:45:11 by Takahiro Kambe | Files touched by this commit (29)
Log message:
Add ruby24-base (Ruby 2.4.1 core) to pkgsrc.

Ruby 2.4.1						22 Mar 2017

Ruby 2.4.1 is the first TEENY version release of the stable 2.4 series.

See commit logs for details:
	https://github.com/ruby/ruby/compare/v2_4_0...v2_4_1

Ruby 2.4.0						25 Dec 2016

o Introduce hash table improvement (by Vladimir Makarov)

  Improve the internal structure of hash table (st_table) by introducing open
  addressing and an inclusion order array. This improvement has been discussed
  with many people, especially with Yura Sokolov.

o Binding#irb: Start a REPL session similar to binding.pry

  While you are debugging, you may often use p to see the value of
  variables. With pry you can use binding.pry in your application to launch a
  REPL and run any Ruby code. r56624 introduces binding.irb which behaves like
  that with irb.

o Unify Fixnum and Bignum into Integer

  Though ISO/IEC 30170:2012 doesn¡Çt specify details of the Integer class,
  Ruby had two visible Integer classes: Fixnum and Bignum. Ruby 2.4 unifies
  them into Integer. All C extensions which touch the Fixnum or Bignum class
  need to be fixed.

  See also the ticket and akr¡Çs slides.

o String supports Unicode case mappings

  String/Symbol#upcase/downcase/swapcase/capitalize(!) now handle Unicode case
  mappings instead of only ASCII case mappings.

o Performance improvements

  Ruby 2.4 also contains the following performance improvements including
  language changes:

  * Array#max, Array#min

    [x, y].max and [x, y].min are optimized to not create a temporary array
    under certain conditions.

  * Regexp#match?

    Added Regexp#match?, which executes a regexp match without creating a back
    reference object and changing $~ to reduce object allocation.

  * Other performance improvements

    - speed up instance variable access

o Debugging

  * Thread#report_on_exception and Thread.report_on_exception

    Ruby ignores exceptions in threads unless another thread explicitly joins
    them. With report_on_exception = true, you can notice if a thread has died
    due to an unhandled exception.

    Send us feedback what should be the default for report_on_exception and
    about report-on-GC, which shows a report when a thread is garbage
    collected without join.

  * Thread deadlock detection now shows threads with their backtrace and
    dependency

    Ruby has deadlock detection around waiting threads, but its report
    doesn¡Çt include enough information for debugging. Ruby 2.4¡Çs deadlock
    detection shows threads with their backtrace and dependent threads.

o Other notable changes since 2.3

  * Support OpenSSL 1.1.0 (drop support for 0.9.7 or prior)
  * ext/tk is now removed from stdlib Feature #8539
  * XMLRPC is now removed from stdlib Feature #12160

  See NEWS or commit logs for details.

Next | Query returned 29 messages, browsing 21 to 30 | previous