diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2021-04-15 07:04:00 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2021-04-15 07:04:00 +0000 |
| commit | 9639b993f3e0cb28ddaaa595252162d96a62d5e3 (patch) | |
| tree | 1cc920acfd99f2e31793edc98d4c23242773cca9 | |
| parent | e5d8254d68ed1ea54f4a99665b5542f59f3ed5ab (diff) | |
| download | pkgsrc-9639b993f3e0cb28ddaaa595252162d96a62d5e3.tar.gz | |
Pullup ticket #6442 - requested by taca
lang/ruby25-base: security fix
(via patch)
--
Ruby 2.5.9 has been released.
This release includes security fixes. Please check the topics below
for details.
* CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in
WEBrick
* CVE-2021-28965: XML round-trip vulnerability in REXML
See the commit logs for details.
After this release, Ruby 2.5 reaches EOL. In other words, this is the
last release of Ruby 2.5 series. We will not release Ruby 2.5.10 even
if a security vulnerability is found. We recommend all Ruby 2.5 users
to upgrade to Ruby 3.0, 2.7 or 2.6 immediately.
--
| -rw-r--r-- | lang/ruby/rubyversion.mk | 4 | ||||
| -rw-r--r-- | lang/ruby25-base/Makefile | 3 | ||||
| -rw-r--r-- | lang/ruby25-base/PLIST | 9 | ||||
| -rw-r--r-- | lang/ruby25-base/distinfo | 11 |
4 files changed, 12 insertions, 15 deletions
diff --git a/lang/ruby/rubyversion.mk b/lang/ruby/rubyversion.mk index e764974e2c5..b5c71c77528 100644 --- a/lang/ruby/rubyversion.mk +++ b/lang/ruby/rubyversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: rubyversion.mk,v 1.225 2021/03/21 12:39:52 taca Exp $ +# $NetBSD: rubyversion.mk,v 1.225.2.1 2021/04/15 07:04:00 bsiegert Exp $ # # This file determines which Ruby version is used as a dependency for @@ -213,7 +213,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/ruby([0-9][0-9])-.*/\1/} .endif # current supported Ruby's version -RUBY25_VERSION= 2.5.8 +RUBY25_VERSION= 2.5.9 RUBY26_VERSION= 2.6.6 RUBY27_VERSION= 2.7.2 RUBY30_VERSION= 3.0.0 diff --git a/lang/ruby25-base/Makefile b/lang/ruby25-base/Makefile index 2fb072ef649..4b27389d91c 100644 --- a/lang/ruby25-base/Makefile +++ b/lang/ruby25-base/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.18 2021/02/14 15:30:19 taca Exp $ +# $NetBSD: Makefile,v 1.18.2.1 2021/04/15 07:04:00 bsiegert Exp $ DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION} -PKGREVISION= 1 CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} diff --git a/lang/ruby25-base/PLIST b/lang/ruby25-base/PLIST index e0849c3edf9..0f7451c2e66 100644 --- a/lang/ruby25-base/PLIST +++ b/lang/ruby25-base/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.4 2020/04/01 15:25:26 taca Exp $ +@comment $NetBSD: PLIST,v 1.4.8.1 2021/04/15 07:04:00 bsiegert Exp $ bin/erb${RUBY_SUFFIX} bin/gem${RUBY_SUFFIX} bin/irb${RUBY_SUFFIX} @@ -676,9 +676,8 @@ ${RUBY_LIB}/rubygems/source_local.rb ${RUBY_LIB}/rubygems/source_specific_file.rb ${RUBY_LIB}/rubygems/spec_fetcher.rb ${RUBY_LIB}/rubygems/specification.rb -${RUBY_LIB}/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem -${RUBY_LIB}/rubygems/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem -${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem +${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem +${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem ${RUBY_LIB}/rubygems/stub_specification.rb ${RUBY_LIB}/rubygems/syck_hack.rb ${RUBY_LIB}/rubygems/test_case.rb @@ -1197,7 +1196,7 @@ ${GEM_HOME}/specifications/default/scanf-1.0.0.gemspec ${GEM_HOME}/specifications/default/sdbm-1.0.0.gemspec ${GEM_HOME}/specifications/default/stringio-0.0.1.gemspec ${GEM_HOME}/specifications/default/strscan-1.0.0.gemspec -${GEM_HOME}/specifications/default/webrick-1.4.2.gemspec +${GEM_HOME}/specifications/default/webrick-1.4.2.1.gemspec ${GEM_HOME}/specifications/default/zlib-1.0.0.gemspec ${GEM_HOME}/specifications/did_you_mean-${RUBY_DID_YOU_MEAN_VERSION}.gemspec ${GEM_HOME}/specifications/minitest-${RUBY_MINITEST_VERSION}.gemspec diff --git a/lang/ruby25-base/distinfo b/lang/ruby25-base/distinfo index 563a35ea900..67eff237447 100644 --- a/lang/ruby25-base/distinfo +++ b/lang/ruby25-base/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.14 2020/10/04 03:45:26 taca Exp $ +$NetBSD: distinfo,v 1.14.4.1 2021/04/15 07:04:00 bsiegert Exp $ -SHA1 (ruby-2.5.8.tar.xz) = d5ef8e8f28c098e6b7ea24924e0b0fee6e2f766c -RMD160 (ruby-2.5.8.tar.xz) = 885ffaf5c394ff8779bbc4ee5e6cf0976aa3d6cf -SHA512 (ruby-2.5.8.tar.xz) = 2886be764a454425c5beef2777c64a70ee0d048b07896b327633d904f5077fea4299526689f9e2ac4dcd2fc4811cf9a6c8ce75367ed35d29dfe1a54222872e0d -Size (ruby-2.5.8.tar.xz) = 11298404 bytes +SHA1 (ruby-2.5.9.tar.xz) = 7be8dc2e6e534eb36bfdf9f017af512996ec99a6 +RMD160 (ruby-2.5.9.tar.xz) = 02536c6db7f40edd19f88d004458480372076f9e +SHA512 (ruby-2.5.9.tar.xz) = 239f73eb4049ae2654b648ab927b1f74643d38a5f29572e4bd4e6aa3c53c1df29e0a995fd90d4ab9d4b2ff073fd809b12df820ccb1ddf395684bba6be1855b7a +Size (ruby-2.5.9.tar.xz) = 11314448 bytes SHA1 (patch-configure) = 965f31ec3ae2fb91479f02cb3b19ea7518685718 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b SHA1 (patch-lib_mkmf.rb) = 75d2261a8282a00cd5f811a5e629302d1667207e @@ -17,5 +17,4 @@ SHA1 (patch-lib_rubygems_install__update__options.rb) = 1e953b5a517a805fd7184e35 SHA1 (patch-lib_rubygems_installer.rb) = 7a9cfbd5d05c8901132d2bbf4555efa05e6363ec SHA1 (patch-lib_rubygems_platform.rb) = a208bf6bce28a687511bace5ff8a773fb6bcf87d SHA1 (patch-lib_rubygems_specification.rb) = e2ef2e6de4838168d11efef92f65d87d22c65ae4 -SHA1 (patch-lib_webrick_httprequest.rb) = 6e9eedbdceee3a1e6d8e5ec2f160ce8f705237ea SHA1 (patch-test_rubygems_test__gem.rb) = 80d646b95df81bacca6d277d2801dba16df291f5 |