Subject: CVS commit: pkgsrc/lang
From: Takahiro Kambe
Date: 2013-02-22 17:20:48
Message id: 20130222162048.C30D5175DD@cvs.netbsd.org

Log Message:
Update ruby193-base package (and related) to 1.9.3-p392.
Security problem of CVE-2013-0269 was already handled but REXML security
problem is fixed by this package.

Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.

This release includes security fixes about bundled JSON and REXML.

* Denial of Service and Unsafe Object Creation Vulnerability in JSON
  (CVE-2013-0269)
* Entity expansion DoS vulnerability in REXML (XML bomb)

And some small bugfixes are also included.

Files:
RevisionActionfile
1.95modifypkgsrc/lang/ruby/rubyversion.mk
1.26modifypkgsrc/lang/ruby193-base/Makefile
1.18modifypkgsrc/lang/ruby193-base/distinfo
1.1removepkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_add_core.rb
1.1removepkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_common.rb
1.1removepkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_version.rb
1.1removepkgsrc/lang/ruby193-base/patches/patch-ext_json_parser_parser.c
1.1removepkgsrc/lang/ruby193-base/patches/patch-ext_json_parser_parser.rl
1.1removepkgsrc/lang/ruby193-base/patches/patch-test_json_test__json.rb
1.1removepkgsrc/lang/ruby193-base/patches/patch-test_json_test__json__addition.rb
1.1removepkgsrc/lang/ruby193-base/patches/patch-test_json_test__json__string__matching.rb