Path to this page:
Next | Query returned 1 messages, browsing 1 to 10 | previous
CVS Commit History:
2021-07-12 14:40:18 by Benny Siegert | Files touched by this commit (2) | |
Log message:
Pullup ticket #6483 - requested by taca
lang/ruby26: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.232
- lang/ruby26-base/distinfo 1.11
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jul 7 15:15:19 UTC 2021
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby26-base: distinfo
Log message:
lang/ruby26-base: update to 2.6.8
Ruby 2.6.8 has been released.
This release includes security fixes. Please check the topics below
for details.
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
We ordinally do not fix Ruby 2.6 except security fixes, but this
release also includes some regressed bugs and build problem fixes.
See the commit logs for details.
Ruby 2.6 is now under the state of the security maintenance phase,
until the end of March of 2022. After that date, maintenance of Ruby
2.6 will be ended. We recommend you start planning the migration to
newer versions of Ruby, such as 3.0 or 2.7.
|
Next | Query returned 1 messages, browsing 1 to 10 | previous