Navigation:
Browse pkgsrc
(this page)
www ruby-rai..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030) |
Log message: www: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts): www/nghttp2/distinfo Unfetchable distfiles (almost certainly fetched conditionally...): ./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx-devel/distinfo naxsi-1.3.tar.gz ./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx-devel/distinfo njs-0.5.0.tar.gz ./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz ./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx/distinfo naxsi-1.3.tar.gz ./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx/distinfo njs-0.5.0.tar.gz ./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz |
| 2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033) |
Log message: www: Remove SHA1 hashes for distfiles |
2021-07-04 08:24:47 by Takahiro Kambe | Files touched by this commit (12) |  |
Log message: www/ruby-rails52: update to 5.2.6 Ruby on Rails 5.2.6 (2021-05-05) There are changes in www/ruby-actionpack52 only, including security fix. Action Pack * Accept base64_urlsafe CSRF tokens to make forward compatible. Base64 strict-encoded CSRF tokens are not inherently websafe, which makes them difficult to deal with. For example, the common practice of sending the CSRF token to a browser in a client-readable cookie does not work properly out of the box: the value has to be url-encoded and decoded to survive transport. In this version, we generate Base64 urlsafe-encoded CSRF tokens, which are inherently safe to transport. Validation accepts both urlsafe tokens, and strict-encoded tokens for backwards compatibility. How the tokes are encoded is controllr by the action_controller.urlsafe_csrf_tokens config. In Rails 5.2.5, the CSRF token format was accidentally changed to urlsafe-encoded. Atention: If you already upgraded your application to 5.2.5, set the config urlsafe_csrf_tokens to true, otherwise your form submission will start to fail during the deploy of this new version. Rails.application.config.action_controller.urlsafe_csrf_tokens = true If you are upgrading from 5.2.4.x, you don't need to change this configuration. Scott Blum, Étienne Barrié |
| 2021-04-11 15:20:09 by Takahiro Kambe | Files touched by this commit (13) | |
Log message:
www/ruby-rails52: update to 5.2.5
Real changes are in devel/ruby-activestorage52 only.
## Rails 5.2.5 (March 26, 2021) ##
* Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
mime types data.
*George Claghorn*
* The Poppler PDF previewer renders a preview image using the original
document's crop box rather than its media box, hiding print margins. This
matches the behavior of the MuPDF previewer.
*Vincent Robert*
|
| 2021-02-11 15:26:21 by Takahiro Kambe | Files touched by this commit (1) |
Log message: www/rails52: reset PKGREVISION |
| 2021-02-11 15:23:42 by Takahiro Kambe | Files touched by this commit (12) | |
Log message:
www/rails52: update to 5.2.4.5
## Rails 5.2.4.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
|
| 2020-09-13 16:52:32 by Takahiro Kambe | Files touched by this commit (1) | |
Log message: www/ruby-rails52: fix dependency * Fix dependency to to ruby-bundler, "RUBY_VER < 26" instead of "RUBY_VER != 26". * There is no need to stay on misc/ruby-bundler1 and switch to depends on misc/ruby-bundler. Bump PKGREVISION |
| 2020-09-10 16:13:12 by Takahiro Kambe | Files touched by this commit (12) | |
Log message:
www/ruby-rails52: update to 5.2.4.4
Update Ruby on Rails 52 to 5.2.4.4.
Security fix in ruby-actionview52.
## Rails 5.2.4.4 (September 09, 2020) ##
* [CVE-2020-15169] Fix potential XSS vulnerability in the `translate`/`t` helper
*Jonathan Hefner*
|
New packages: