summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortaca <taca@pkgsrc.org>2012-04-29 16:11:17 +0000
committertaca <taca@pkgsrc.org>2012-04-29 16:11:17 +0000
commitd178ba6939a46194534a5a6be4d1a51876b55fc8 (patch)
tree4537c36b784cfec8fb6433af79f1d7a77f636150
parent93ad96561f0ee239d6a565739d488fe777c407f5 (diff)
downloadpkgsrc-d178ba6939a46194534a5a6be4d1a51876b55fc8.tar.gz
Update ruby-mechanize to 2.4.
=== 2.4 * Security fix: Mechanize#auth and Mechanize#basic_auth allowed disclosure of passwords to malicious servers and have been removed. In prior versions of mechanize only one set of HTTP authentication credentials were allowed for all connections. If a mechanize instance connected to more than one server then a malicious server detecting mechanize could ask for HTTP Basic authentication. This would expose the username and password intended only for one server. Mechanize#auth and Mechanize#basic_auth now warn when used. To fix the warning switch to Mechanize#add_auth which requires at the URI the credentials are intended for, the username and the password. Optionally an HTTP authentication realm or NTLM domain may be provided. * Minor enhancement * Improved exception messages for 401 Unauthorized responses. Mechanize now tells you if you were missing credentials, had an incorrect password, etc.
Diffstat
-rw-r--r--www/ruby-mechanize/Makefile12
-rw-r--r--www/ruby-mechanize/PLIST4
-rw-r--r--www/ruby-mechanize/distinfo8
3 files changed, 13 insertions, 11 deletions
diff --git a/www/ruby-mechanize/Makefile b/www/ruby-mechanize/Makefile
index e2cc41e43ce..ee3724ee3c9 100644
--- a/www/ruby-mechanize/Makefile
+++ b/www/ruby-mechanize/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.7 2012/03/01 01:24:48 minskim Exp $
+# $NetBSD: Makefile,v 1.8 2012/04/29 16:11:17 taca Exp $
-DISTNAME= mechanize-2.3
+DISTNAME= mechanize-2.4
CATEGORIES= www
MAINTAINER= minskim@NetBSD.org
@@ -10,12 +10,12 @@ LICENSE= mit
PKG_DESTDIR_SUPPORT= user-destdir
-DEPENDS+= ${RUBY_PKGPREFIX}-domain_name>=0.5.1:../../net/ruby-domain_name
-DEPENDS+= ${RUBY_PKGPREFIX}-mime-types>=1.17:../../mail/ruby-mime-types
+DEPENDS+= ${RUBY_PKGPREFIX}-domain_name>=0.5<1:../../net/ruby-domain_name
+DEPENDS+= ${RUBY_PKGPREFIX}-mime-types>=1.17<2:../../mail/ruby-mime-types
DEPENDS+= ${RUBY_PKGPREFIX}-net-http-digest_auth>=1.1<2:../../www/ruby-net-http-digest_auth
-DEPENDS+= ${RUBY_PKGPREFIX}-net-http-persistent>=2.5:../../www/ruby-net-http-persistent
+DEPENDS+= ${RUBY_PKGPREFIX}-net-http-persistent>=2.5<3:../../www/ruby-net-http-persistent
DEPENDS+= ${RUBY_PKGPREFIX}-nokogiri>=1.4<2:../../textproc/ruby-nokogiri
-DEPENDS+= ${RUBY_PKGPREFIX}-ntlm-http>=0.1.1:../../www/ruby-ntlm-http
+DEPENDS+= ${RUBY_PKGPREFIX}-ntlm-http>=0.1<1:../../www/ruby-ntlm-http
DEPENDS+= ${RUBY_PKGPREFIX}-webrobots>=0.0<1:../../www/ruby-webrobots
.include "../../lang/ruby/gem.mk"
diff --git a/www/ruby-mechanize/PLIST b/www/ruby-mechanize/PLIST
index 19ccbc5c230..1aa4adfbefe 100644
--- a/www/ruby-mechanize/PLIST
+++ b/www/ruby-mechanize/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.7 2012/03/01 01:24:48 minskim Exp $
+@comment $NetBSD: PLIST,v 1.8 2012/04/29 16:11:17 taca Exp $
${GEM_HOME}/cache/${GEM_NAME}.gem
${GEM_LIBDIR}/.autotest
${GEM_LIBDIR}/.gemtest
@@ -49,6 +49,7 @@ ${GEM_LIBDIR}/lib/mechanize/http.rb
${GEM_LIBDIR}/lib/mechanize/http/agent.rb
${GEM_LIBDIR}/lib/mechanize/http/auth_challenge.rb
${GEM_LIBDIR}/lib/mechanize/http/auth_realm.rb
+${GEM_LIBDIR}/lib/mechanize/http/auth_store.rb
${GEM_LIBDIR}/lib/mechanize/http/content_disposition_parser.rb
${GEM_LIBDIR}/lib/mechanize/http/www_authenticate_parser.rb
${GEM_LIBDIR}/lib/mechanize/image.rb
@@ -148,6 +149,7 @@ ${GEM_LIBDIR}/test/test_mechanize_history.rb
${GEM_LIBDIR}/test/test_mechanize_http_agent.rb
${GEM_LIBDIR}/test/test_mechanize_http_auth_challenge.rb
${GEM_LIBDIR}/test/test_mechanize_http_auth_realm.rb
+${GEM_LIBDIR}/test/test_mechanize_http_auth_store.rb
${GEM_LIBDIR}/test/test_mechanize_http_content_disposition_parser.rb
${GEM_LIBDIR}/test/test_mechanize_http_www_authenticate_parser.rb
${GEM_LIBDIR}/test/test_mechanize_image.rb
diff --git a/www/ruby-mechanize/distinfo b/www/ruby-mechanize/distinfo
index eff86b4ee88..e66da17bb0e 100644
--- a/www/ruby-mechanize/distinfo
+++ b/www/ruby-mechanize/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.6 2012/03/01 01:24:48 minskim Exp $
+$NetBSD: distinfo,v 1.7 2012/04/29 16:11:17 taca Exp $
-SHA1 (mechanize-2.3.gem) = 316c852afcc832ed7b3be6893ec5ca11870c4c0a
-RMD160 (mechanize-2.3.gem) = 46d6e26c7e925605a9c9a60617f70ffc922a8770
-Size (mechanize-2.3.gem) = 121856 bytes
+SHA1 (mechanize-2.4.gem) = f98030962922b13af1d8a61086ed25efbb335b3b
+RMD160 (mechanize-2.4.gem) = 71a1d805e8cf0c5052f96533f57dcf629e0df72d
+Size (mechanize-2.4.gem) = 124928 bytes
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-22 05:54:46 +0000