archivers/ruby-zip: update to 1.2.2

Various small bug fixes including CVE-2018-1000544 (absolute path
traversal).

3 files changed, 24 insertions, 8 deletions

diff --git a/archivers/ruby-zip/Makefile b/archivers/ruby-zip/Makefile
index 7d8e21d1085..268cd47b74c 100644
--- a/archivers/ruby-zip/Makefile
+++ b/archivers/ruby-zip/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.17 2017/03/11 15:34:46 taca Exp $
+# $NetBSD: Makefile,v 1.18 2018/09/23 13:49:00 taca Exp $
 
-DISTNAME=	rubyzip-1.2.1
+DISTNAME=	rubyzip-1.2.2
 PKGNAME=	${RUBY_PKGPREFIX}-${DISTNAME:S/ruby//}
 CATEGORIES=	archivers
 
diff --git a/archivers/ruby-zip/PLIST b/archivers/ruby-zip/PLIST
index f9d6d545ac1..8005144c0a8 100644
--- a/archivers/ruby-zip/PLIST
+++ b/archivers/ruby-zip/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2016/03/08 13:50:17 taca Exp $
+@comment $NetBSD: PLIST,v 1.13 2018/09/23 13:49:00 taca Exp $
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_LIBDIR}/README.md
 ${GEM_LIBDIR}/Rakefile
@@ -61,10 +61,25 @@ ${GEM_LIBDIR}/test/data/globTest.zip
 ${GEM_LIBDIR}/test/data/globTest/foo.txt
 ${GEM_LIBDIR}/test/data/globTest/foo/bar/baz/foo.txt
 ${GEM_LIBDIR}/test/data/globTest/food.txt
+${GEM_LIBDIR}/test/data/gpbit3stored.zip
 ${GEM_LIBDIR}/test/data/mimetype
 ${GEM_LIBDIR}/test/data/notzippedruby.rb
 ${GEM_LIBDIR}/test/data/ntfs.zip
 ${GEM_LIBDIR}/test/data/oddExtraField.zip
+${GEM_LIBDIR}/test/data/path_traversal/Makefile
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/README.md
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/absolute1.zip
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/absolute2.zip
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/dirsymlink.zip
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/dirsymlink2a.zip
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/dirsymlink2b.zip
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/relative0.zip
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/relative2.zip
+${GEM_LIBDIR}/test/data/path_traversal/jwilk/symlink.zip
+${GEM_LIBDIR}/test/data/path_traversal/relative1.zip
+${GEM_LIBDIR}/test/data/path_traversal/tuzovakaoff/README.md
+${GEM_LIBDIR}/test/data/path_traversal/tuzovakaoff/absolutepath.zip
+${GEM_LIBDIR}/test/data/path_traversal/tuzovakaoff/symlink.zip
 ${GEM_LIBDIR}/test/data/rubycode.zip
 ${GEM_LIBDIR}/test/data/rubycode2.zip
 ${GEM_LIBDIR}/test/data/test.xls
@@ -98,6 +113,7 @@ ${GEM_LIBDIR}/test/local_entry_test.rb
 ${GEM_LIBDIR}/test/output_stream_test.rb
 ${GEM_LIBDIR}/test/pass_thru_compressor_test.rb
 ${GEM_LIBDIR}/test/pass_thru_decompressor_test.rb
+${GEM_LIBDIR}/test/path_traversal_test.rb
 ${GEM_LIBDIR}/test/samples/example_recursive_test.rb
 ${GEM_LIBDIR}/test/settings_test.rb
 ${GEM_LIBDIR}/test/test_helper.rb
diff --git a/archivers/ruby-zip/distinfo b/archivers/ruby-zip/distinfo
index 5a7f4a17c60..97508a400a3 100644
--- a/archivers/ruby-zip/distinfo
+++ b/archivers/ruby-zip/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.15 2017/03/11 15:34:46 taca Exp $
+$NetBSD: distinfo,v 1.16 2018/09/23 13:49:00 taca Exp $
 
-SHA1 (rubyzip-1.2.1.gem) = 6db27c04c4051fdd163a759d294a66e89438ccbe
-RMD160 (rubyzip-1.2.1.gem) = 7706dd78f3f465d27b29971b28a6268a0dd3461f
-SHA512 (rubyzip-1.2.1.gem) = d2ce408dba3dfc6c005570504b58b11e3f3b17170734d34a1ce906c57e7f8c56beb856a1dbe66eeb854dd3d20a76108e347b9e596107d3693080d42a009eb95e
-Size (rubyzip-1.2.1.gem) = 149504 bytes
+SHA1 (rubyzip-1.2.2.gem) = c0e989661ce4e5cebf4c47e3e02a411521a55d1f
+RMD160 (rubyzip-1.2.2.gem) = d8295b7e2ec075087499baf9685af09a55c051b0
+SHA512 (rubyzip-1.2.2.gem) = 2adbf775e8480a90bd25de7fc9a4094079a7b1f81266a3866b163da47dcc5d5b08a39ec4e00f892212d3849bd8974ce9179b44c06d447d3b0f984dec305724b8
+Size (rubyzip-1.2.2.gem) = 152576 bytes