diff options
| author | taca <taca@pkgsrc.org> | 2019-03-12 04:19:09 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2019-03-12 04:19:09 +0000 |
| commit | 0bd202ea4f5d0e7c48290b18e8863f39eef2a9e3 (patch) | |
| tree | 2bb353d3850d69cad558c2d4eda82888eee2efeb /lang/ruby26-base | |
| parent | b39b8ab63037ca18618c21890e587c719e536cbd (diff) | |
| download | pkgsrc-0bd202ea4f5d0e7c48290b18e8863f39eef2a9e3.tar.gz | |
lang/ruby26-base: Add security patch for rubygems
Add security patch for rubygems, fixing these problem.
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handling
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
Bump PKGREVISION.
Diffstat (limited to 'lang/ruby26-base')
| -rw-r--r-- | lang/ruby26-base/Makefile | 6 | ||||
| -rw-r--r-- | lang/ruby26-base/distinfo | 6 |
2 files changed, 10 insertions, 2 deletions
diff --git a/lang/ruby26-base/Makefile b/lang/ruby26-base/Makefile index d8562180d32..786d44985e0 100644 --- a/lang/ruby26-base/Makefile +++ b/lang/ruby26-base/Makefile @@ -1,10 +1,14 @@ -# $NetBSD: Makefile,v 1.1 2019/02/03 13:41:33 taca Exp $ +# $NetBSD: Makefile,v 1.2 2019/03/12 04:19:09 taca Exp $ DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION} +PKGREVISION= 1 CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} +PATCHFILES= ruby-2.6.1-rubygems.patch +PATCH_SITES= https://bugs.ruby-lang.org/attachments/download/7664/ + MAINTAINER= taca@NetBSD.org HOMEPAGE= ${RUBY_HOMEPAGE} COMMENT= Ruby ${RUBY_VERSION} release minimum base package diff --git a/lang/ruby26-base/distinfo b/lang/ruby26-base/distinfo index e579d830739..cdbddf13ada 100644 --- a/lang/ruby26-base/distinfo +++ b/lang/ruby26-base/distinfo @@ -1,5 +1,9 @@ -$NetBSD: distinfo,v 1.1 2019/02/03 13:41:33 taca Exp $ +$NetBSD: distinfo,v 1.2 2019/03/12 04:19:09 taca Exp $ +SHA1 (ruby-2.6.1-rubygems.patch) = a12386ef79715b4693e02ad0c00034558b669181 +RMD160 (ruby-2.6.1-rubygems.patch) = f733d14223b8e4270b1114524b0e33f634a822ab +SHA512 (ruby-2.6.1-rubygems.patch) = 2684ed9c326a989cc75ec25e976f7ffef107d10ccaa54cc83ad48b3fe6f36a1526e6f4bd3a45e29401908d2155e9c3f82b3be14a24ab8c7bef3431f1a0cbbd39 +Size (ruby-2.6.1-rubygems.patch) = 18026 bytes SHA1 (ruby-2.6.1.tar.xz) = ba5f4338bb642e3836dd80b73a9df0d1b6e079ae RMD160 (ruby-2.6.1.tar.xz) = adccca8036dfc34d00ea71d5a59a2a968de5187b SHA512 (ruby-2.6.1.tar.xz) = fb36289a955f0596c683cdadf1e4a9a9fd35222b1e1c6160c2e7cd82e5befd40a7aa4361e55f7a8f83c06ee899ec493821c7db34a60c4ac3bca0e874d33ef1a9 |