diff options
author | taca <taca@pkgsrc.org> | 2013-09-30 03:12:59 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2013-09-30 03:12:59 +0000 |
commit | d62528f334be53165376b87e58adb10e036a0298 (patch) | |
tree | 266a5203b565aa18e88cac974b9d9f016e55fa67 | |
parent | 13f193e9c23b6a271d4c64d7aa7ea9abc33bc090 (diff) | |
download | pkgsrc-d62528f334be53165376b87e58adb10e036a0298.tar.gz |
Update rubygems package to 2.0.10. This is security fix for CVE-2013-4363.
=== 2.0.10 / 2013-09-24
Security fixes:
* RubyGems 2.1.4 and earlier are vulnerable to excessive CPU usage due to a
backtracking in Gem::Version validation. See CVE-2013-4363 for full details
including vulnerable APIs. Fixed versions include 2.1.5, 2.0.10, 1.8.27 and
1.8.23.2 (for Ruby 1.9.3).
=== 2.0.9 / 2013-09-13
Bug fixes:
* Gem fetch now fetches the newest (not oldest) gem when --version is given.
Issue #643 by Brian Shirai.
* Fixed credential creation for `gem push` when `--host` is not given. Pull
request #622 by Arthur Nogueira Neves
-rw-r--r-- | misc/rubygems/Makefile | 4 | ||||
-rw-r--r-- | misc/rubygems/distinfo | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/misc/rubygems/Makefile b/misc/rubygems/Makefile index d6192f3e651..0a3b247de33 100644 --- a/misc/rubygems/Makefile +++ b/misc/rubygems/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.54 2013/09/10 16:33:29 taca Exp $ +# $NetBSD: Makefile,v 1.55 2013/09/30 03:12:59 taca Exp $ -DISTNAME= rubygems-2.0.8 +DISTNAME= rubygems-2.0.10 CATEGORIES= misc ruby MASTER_SITES= http://production.cf.rubygems.org/rubygems/ EXTRACT_SUFX= .tgz diff --git a/misc/rubygems/distinfo b/misc/rubygems/distinfo index 6ce5a094f8c..d714311008e 100644 --- a/misc/rubygems/distinfo +++ b/misc/rubygems/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.43 2013/09/10 16:33:29 taca Exp $ +$NetBSD: distinfo,v 1.44 2013/09/30 03:12:59 taca Exp $ -SHA1 (rubygems-2.0.8.tgz) = 429f40e6f119197da281e98c1c9c5052df20f7f4 -RMD160 (rubygems-2.0.8.tgz) = 04046acc310ee3a143a3b01a7ea4b10be31e6de8 -Size (rubygems-2.0.8.tgz) = 337735 bytes +SHA1 (rubygems-2.0.10.tgz) = e4119824649771958038b2347485df85c3a09fc6 +RMD160 (rubygems-2.0.10.tgz) = cc6c5adb29464217067eeab6e06bbb1b67d6cf42 +Size (rubygems-2.0.10.tgz) = 338280 bytes SHA1 (patch-aa) = ec1af229bb7cf9b36b0b5669b8c6f3d97f7ea15e SHA1 (patch-ab) = d9fd51322581d0d176479fb6a8f0507ad7cd2b13 SHA1 (patch-ac) = 1a59a5d2fc090dfcf6d3bd3b9c133f0ce4a1feee |