Pullup ticket #6444 - requested by taca

lang/ruby27-base: security fix, bugfix Revisions pulled up: - lang/ruby/rubyversion.mk 1.229 - lang/ruby27-base/ALTERNATIVES 1.2 - lang/ruby27-base/PLIST 1.4 - lang/ruby27-base/distinfo 1.4 - lang/ruby27-base/patches/patch-configure 1.2 - lang/ruby27-base/patches/patch-lib_rubygems.rb 1.2 --- Module Name: pkgsrc Committed By: taca Date: Sun Apr 11 12:32:03 UTC 2021 Modified Files: pkgsrc/lang/ruby: rubyversion.mk pkgsrc/lang/ruby27-base: PLIST distinfo pkgsrc/lang/ruby27-base/patches: patch-configure patch-lib_rubygems.rb Log Message: lang/ruby27-base: update to 2.7.3 Ruby 2.7.3 Released (2021-04-05) This release includes security fixes. Please check the topics below for details. * CVE-2021-28965: XML round-trip vulnerability in REXML * CVE-2021-28966: Path traversal in Tempfile on Windows See the commit logs for details. --- Module Name: pkgsrc Committed By: taca Date: Sun Apr 11 13:00:38 UTC 2021 Modified Files: pkgsrc/lang/ruby27-base: ALTERNATIVES Log Message: lang/ruby27-base: fix ALTERNATIVES file
author: bsiegert <bsiegert@pkgsrc.org> 2021-04-15 07:38:17 +0000
committer: bsiegert <bsiegert@pkgsrc.org> 2021-04-15 07:38:17 +0000
commit: 12288c605acfc5812d40c616a832999a7c0e2177 (patch)
tree: fd6c08fca49294dd45fb3f23c2a9e93700aa8a14
parent: 9571220f23a5f05df0c6c96f3c9281eb8289dcc7 (diff)
download: pkgsrc-12288c605acfc5812d40c616a832999a7c0e2177.tar.gz
6 files changed, 40 insertions, 44 deletions
diff --git a/lang/ruby/rubyversion.mk b/lang/ruby/rubyversion.mk
index a74de8fe9ad..ba42b61f098 100644
--- a/lang/ruby/rubyversion.mk
+++ b/lang/ruby/rubyversion.mk
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.225.2.2 2021/04/15 07:10:45 bsiegert Exp $
+# $NetBSD: rubyversion.mk,v 1.225.2.3 2021/04/15 07:38:17 bsiegert Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -215,7 +215,7 @@ RUBY_VERSION_REQD?=	${PKGNAME_REQD:C/ruby([0-9][0-9])-.*/\1/}
 # current supported Ruby's version
 RUBY25_VERSION=		2.5.9
 RUBY26_VERSION=		2.6.7
-RUBY27_VERSION=		2.7.2
+RUBY27_VERSION=		2.7.3
 RUBY30_VERSION=		3.0.0
 
 # current API compatible version; used for version of shared library
@@ -388,13 +388,13 @@ RUBY_OPENSSL_VERSION=		2.1.2
 RUBY_OSTRUCT_VERSION=		0.2.0
 RUBY_PRIME_VERSION=		0.1.1
 RUBY_PSYCH_VERSION=		3.1.0
-RUBY_REXML_VERSION=		3.2.3
+RUBY_REXML_VERSION=		3.2.3.1
 RUBY_RSS_VERSION=		0.2.8
 RUBY_SDBM_VERSION=		1.0.0
 RUBY_STRINGIO_VERSION=		0.1.0
 RUBY_STRSCAN_VERSION=		1.0.3
 RUBY_TRACER_VERSION=		0.1.0
-RUBY_WEBRICK_VERSION=		1.6.0
+RUBY_WEBRICK_VERSION=		1.6.1
 RUBY_ZLIB_VERSION=		1.1.0
 
 RUBY_SUFFIX=	${_RUBY_VER_MAJOR}${_RUBY_VER_MINOR}
diff --git a/lang/ruby27-base/ALTERNATIVES b/lang/ruby27-base/ALTERNATIVES
index 46f591aa1dd..134164905bc 100644
--- a/lang/ruby27-base/ALTERNATIVES
+++ b/lang/ruby27-base/ALTERNATIVES
@@ -5,6 +5,7 @@ bin/gem @PREFIX@/bin/gem@RUBY_SUFFIX@
 bin/irb @PREFIX@/bin/irb@RUBY_SUFFIX@
 bin/racc @PREFIX@/bin/racc@RUBY_SUFFIX@
 bin/racc2y @PREFIX@/bin/racc2y@RUBY_SUFFIX@
+bin/rake @PREFIX@/bin/rake@RUBY_SUFFIX@
 bin/rdoc @PREFIX@/bin/rdoc@RUBY_SUFFIX@
 bin/ri @PREFIX@/bin/ri@RUBY_SUFFIX@
 bin/ruby @PREFIX@/bin/@RUBY_NAME@
diff --git a/lang/ruby27-base/PLIST b/lang/ruby27-base/PLIST
index c351280a54d..c1a79f5fd58 100644
--- a/lang/ruby27-base/PLIST
+++ b/lang/ruby27-base/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2020/10/04 03:29:25 taca Exp $
+@comment $NetBSD: PLIST,v 1.3.4.1 2021/04/15 07:38:17 bsiegert Exp $
 bin/bundle${RUBY_SUFFIX}
 bin/bundler${RUBY_SUFFIX}
 bin/erb${RUBY_SUFFIX}
@@ -348,6 +348,14 @@ ${RUBY_LIB}/drb/timeridconv.rb
 ${RUBY_LIB}/drb/unix.rb
 ${RUBY_LIB}/drb/weakidconv.rb
 ${RUBY_LIB}/erb.rb
+${RUBY_LIB}/exe/bundle
+${RUBY_LIB}/exe/bundler
+${RUBY_LIB}/exe/irb
+${RUBY_LIB}/exe/racc
+${RUBY_LIB}/exe/racc2y
+${RUBY_LIB}/exe/rdoc
+${RUBY_LIB}/exe/ri
+${RUBY_LIB}/exe/y2racc
 ${RUBY_LIB}/expect.rb
 ${RUBY_LIB}/fileutils.rb
 ${RUBY_LIB}/find.rb
@@ -1002,6 +1010,8 @@ ${RUBY_LIB}/rubygems/specification_policy.rb
 ${RUBY_LIB}/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem
 ${RUBY_LIB}/rubygems/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem
 ${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem
+${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem
+${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem
 ${RUBY_LIB}/rubygems/stub_specification.rb
 ${RUBY_LIB}/rubygems/syck_hack.rb
 ${RUBY_LIB}/rubygems/test_case.rb
diff --git a/lang/ruby27-base/distinfo b/lang/ruby27-base/distinfo
index 5cd643274f7..c3b47a38be8 100644
--- a/lang/ruby27-base/distinfo
+++ b/lang/ruby27-base/distinfo
@@ -1,15 +1,15 @@
-$NetBSD: distinfo,v 1.3 2020/10/04 03:29:25 taca Exp $
+$NetBSD: distinfo,v 1.3.4.1 2021/04/15 07:38:17 bsiegert Exp $
 
-SHA1 (ruby-2.7.2.tar.xz) = 82a1fe683460caa8edb6199707f2905634e5ffcc
-RMD160 (ruby-2.7.2.tar.xz) = fa7fc107e0c2085bf997d7e4ec78ae5636c6bfe2
-SHA512 (ruby-2.7.2.tar.xz) = 7972278b096aa768c7adf2befd26003e18781a29ca317640317d30d93d6e963ded197724c8e2f1dfe1e838c5647176d414a74732a62e931fb50d6f2e0f777349
-Size (ruby-2.7.2.tar.xz) = 12037052 bytes
-SHA1 (patch-configure) = fd465910fe2cb6d6b1530e1071062591e84a9fd9
+SHA1 (ruby-2.7.3.tar.xz) = ce3d5203d5ab734df01e602c05f68f25249dc3e0
+RMD160 (ruby-2.7.3.tar.xz) = f02628d9137618e6d0833b450cd8e78a06579c31
+SHA512 (ruby-2.7.3.tar.xz) = b755d418b3bab2f9f6a8893afd13869269f17065643dde78b9e85ae3538a6d0617893db6e9c3908e00a40c7577a5c912a7c822d8f245cdcfb857be76dfb66c1e
+Size (ruby-2.7.3.tar.xz) = 12073568 bytes
+SHA1 (patch-configure) = 5ee800f6824b18efd06e56a659235ea784819f2e
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
 SHA1 (patch-lib_mkmf.rb) = 4a3cd18548dbdf43a13695d4e76f817c0347e335
 SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a
 SHA1 (patch-lib_rdoc_ri_driver.rb) = f4d3e59e35b608acd4edc17916142c7f033e6198
-SHA1 (patch-lib_rubygems.rb) = b38f58a852e920bed77a4be281d3703d26515ad0
+SHA1 (patch-lib_rubygems.rb) = 6f5ff6ca504c38ec3a521027dc4df8fa9d6683c3
 SHA1 (patch-lib_rubygems_commands_setup__command.rb) = 181bb7554d760182588b0e1b0aafb84c317f41ad
 SHA1 (patch-lib_rubygems_defaults.rb) = 79cc5bb308d5ad4ee88f4fbcbb6f40663c05c05d
 SHA1 (patch-lib_rubygems_dependency__installer.rb) = 1776508907f17547ffe93f637d6f18d335061d76
diff --git a/lang/ruby27-base/patches/patch-configure b/lang/ruby27-base/patches/patch-configure
index 4811164ccb0..2bcb84c0f95 100644
--- a/lang/ruby27-base/patches/patch-configure
+++ b/lang/ruby27-base/patches/patch-configure
@@ -1,13 +1,12 @@
-$NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
+$NetBSD: patch-configure,v 1.1.10.1 2021/04/15 07:38:17 bsiegert Exp $
 
 * Adding Interix support.
 * Ignore doxygen.
 * Ignore VCS.
 * Handle SSP in pkgsrc.
 * Put -std= in CFLAGS not CPPFLAGS.
-* Fix argument for pthread_self() on NetBSD.
 
---- configure.orig	2019-12-17 15:08:45.000000000 +0000
+--- configure.orig	2021-04-05 12:39:40.000000000 +0000
 +++ configure
 @@ -6469,7 +6469,7 @@ else
      if test x"$target_alias" = x; then :
@@ -18,7 +17,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
  
  	    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for real target cpu" >&5
  $as_echo_n "checking for real target cpu... " >&6; }
-@@ -8831,6 +8831,7 @@ fi
+@@ -8839,6 +8839,7 @@ fi
  	stack_protector=no
       ;; #(
    *) :
@@ -26,7 +25,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
       ;;
  esac
      if test -z "${stack_protector+set}"; then :
-@@ -10695,6 +10696,10 @@ esac
+@@ -10703,6 +10704,10 @@ esac
  
  			ac_cv_func___builtin_setjmp=no
  		 ;; #(
@@ -37,7 +36,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
    *) :
       ;;
  esac
-@@ -22269,6 +22274,8 @@ else
+@@ -22277,6 +22282,8 @@ else
  # ifdef _MSC_VER
  #  include <malloc.h>
  #  define alloca _alloca
@@ -46,21 +45,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
  # else
  #  ifdef HAVE_ALLOCA_H
  #   include <alloca.h>
-@@ -26817,11 +26824,11 @@ if ${rb_cv_func_pthread_setname_np_argum
- else
-   rb_cv_func_pthread_setname_np_arguments=
- 	    # Linux,AIX,  (pthread_self(), name)
--	    # NetBSD (pthread_self(), name, \"%s\")
-+	    # NetBSD (pthread_self(), \"%s\", name)
- 	    # Darwin (name)
- 	    for mac in \
- 		"(pthread_self(), name)" \
--		"(pthread_self(), name, \"%s\")" \
-+		"(pthread_self(), \"%s\", name)" \
- 		"(name)" \
- 		; do
- 		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -27415,7 +27422,9 @@ fi
+@@ -27482,7 +27489,9 @@ fi
    interix*) :
      	: ${LDSHARED='$(CC) -shared'}
  			XLDFLAGS="$XLDFLAGS -Wl,-E"
@@ -70,7 +55,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
  			rb_cv_dlopen=yes ;; #(
    freebsd*|dragonfly*) :
  
-@@ -28676,7 +28685,7 @@ fi
+@@ -28743,7 +28752,7 @@ fi
  	 ;; #(
    freebsd*|dragonfly*) :
  
@@ -79,7 +64,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
  	LIBRUBY_SONAME='$(LIBRUBY_SO)'
  	if test "$rb_cv_binary_elf" != "yes" ; then :
  
-@@ -28755,9 +28764,10 @@ esac
+@@ -28822,9 +28831,10 @@ esac
  	 ;; #(
    darwin*) :
  
@@ -92,7 +77,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
  	if test "$load_relative" = yes; then :
  
  	    libprefix="@executable_path/../${libdir_basename}"
-@@ -28778,7 +28788,12 @@ fi
+@@ -28845,7 +28855,12 @@ fi
  	 ;; #(
    interix*) :
  
@@ -106,7 +91,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
  	 ;; #(
    mingw*|cygwin*|mswin*) :
  
-@@ -28960,7 +28975,7 @@ if test "$enable_rpath" = yes; then :
+@@ -29027,7 +29042,7 @@ if test "$enable_rpath" = yes; then :
  esac
      rpathflag=`IFS="$PATH_SEPARATOR"
          echo x "$rpathflag" |
@@ -115,7 +100,7 @@ $NetBSD: patch-configure,v 1.1 2020/03/15 15:26:22 taca Exp $
      `
      LIBRUBY_RPATHFLAGS="$LIBRUBY_RPATHFLAGS${rpathflag}"
      LIBRUBYARG_SHARED="$LIBRUBY_RPATHFLAGS $LIBRUBYARG_SHARED"
-@@ -31684,19 +31699,7 @@ which seems to be undefined.  Please mak
+@@ -31751,19 +31766,7 @@ which seems to be undefined.  Please mak
      "Makefile":F)
      tmpmk=confmk$$.tmp
      {
diff --git a/lang/ruby27-base/patches/patch-lib_rubygems.rb b/lang/ruby27-base/patches/patch-lib_rubygems.rb
index 50d68c9cd10..89dd657d415 100644
--- a/lang/ruby27-base/patches/patch-lib_rubygems.rb
+++ b/lang/ruby27-base/patches/patch-lib_rubygems.rb
@@ -1,10 +1,10 @@
-$NetBSD: patch-lib_rubygems.rb,v 1.1 2020/03/15 15:26:22 taca Exp $
+$NetBSD: patch-lib_rubygems.rb,v 1.1.10.1 2021/04/15 07:38:17 bsiegert Exp $
 
 * Add install_root option for pkgsrc's rubygems support.
 
---- lib/rubygems.rb.orig	2018-12-23 00:20:49.000000000 +0000
+--- lib/rubygems.rb.orig	2021-04-05 12:39:38.000000000 +0000
 +++ lib/rubygems.rb
-@@ -317,10 +317,16 @@ module Gem
+@@ -311,10 +311,16 @@ module Gem
    ##
    # The path where gem executables are to be installed.
  
@@ -25,16 +25,16 @@ $NetBSD: patch-lib_rubygems.rb,v 1.1 2020/03/15 15:26:22 taca Exp $
    end
  
    ##
-@@ -661,7 +667,7 @@ An Array (#{env.inspect}) was passed in 
+@@ -657,7 +663,7 @@ An Array (#{env.inspect}) was passed in 
        return i if path.instance_variable_defined?(:@gem_prelude_index)
      end
  
 -    index = $LOAD_PATH.index RbConfig::CONFIG['sitelibdir']
 +    index = $LOAD_PATH.index RbConfig::CONFIG['vendordir']
  
-     index
+     index || 0
    end
-@@ -835,6 +841,7 @@ An Array (#{env.inspect}) was passed in 
+@@ -849,6 +855,7 @@ An Array (#{env.inspect}) was passed in 
      prefix = File.dirname RUBYGEMS_DIR
  
      if prefix != File.expand_path(RbConfig::CONFIG['sitelibdir']) and
author	bsiegert <bsiegert@pkgsrc.org>	2021-04-15 07:38:17 +0000
committer	bsiegert <bsiegert@pkgsrc.org>	2021-04-15 07:38:17 +0000
commit	12288c605acfc5812d40c616a832999a7c0e2177 (patch)
tree	fd6c08fca49294dd45fb3f23c2a9e93700aa8a14
parent	9571220f23a5f05df0c6c96f3c9281eb8289dcc7 (diff)
download	pkgsrc-12288c605acfc5812d40c616a832999a7c0e2177.tar.gz