author | taca <taca@pkgsrc.org> | 2021-05-08 14:08:55 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2021-05-08 14:08:55 +0000 |
commit | 394305b6ca5c37a607e0496e28fbcc8c56fb29bb (patch) | |
tree | ddf6973bb09146b6e3b7e179a2462d88c25c9ae9 /lang/ruby | |
parent | f2dede17b31ca2d7c374a5f5ac21637c4c6fb768 (diff) | |
www/ruby-rails61: update to 6.1.3.2
Real changes are in www/ruby-actionpack61 only.
## Rails 6.1.3.2 (May 05, 2021) ##
* Prevent open redirects by correctly escaping the host allow list
CVE-2021-22903
* Prevent catastrophic backtracking during mime parsing
CVE-2021-22902
* Prevent regex DoS in HTTP token authentication
CVE-2021-22904
* Prevent string polymorphic route arguments.
`url_for` supports building polymorphic URLs via an array
of arguments (usually symbols and records). If a developer passes a
user input array, strings can result in unwanted route helper calls.
CVE-2021-22885
*Gannon McGibbon*
Diffstat (limited to 'lang/ruby')
-rw-r--r-- | lang/ruby/rails.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lang/ruby/rails.mk b/lang/ruby/rails.mk index 17fcd4983d3..a3a8616075d 100644 --- a/lang/ruby/rails.mk +++ b/lang/ruby/rails.mk @@ -1,4 +1,4 @@ -# $NetBSD: rails.mk,v 1.99 2021/05/08 14:02:33 taca Exp $ +# $NetBSD: rails.mk,v 1.100 2021/05/08 14:08:55 taca Exp $ .if !defined(_RUBY_RAILS_MK) _RUBY_RAILS_MK= # defined @@ -49,7 +49,7 @@ _RUBY_RAILS_MK= # defined # RUBY_RAILS52_VERSION?= 5.2.5 RUBY_RAILS60_VERSION?= 6.0.3.7 -RUBY_RAILS61_VERSION?= 6.1.3.1 +RUBY_RAILS61_VERSION?= 6.1.3.2 RUBY_RAILS_ACCEPTED?= # defined RUBY_RAILS_DEFAULT?= 52 |
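Review bot: The second hunk's change to `RUBY_RAILS61_VERSION?= 6.1.3.2` is a security update, but nothing in this view shows the matching checksum updates for the packages that consume the variable, because the diffstat is limited to lang/ruby. Please confirm the distinfo for www/ruby-actionpack61 and the other rails61 components was regenerated against the 6.1.3.2 gems in the same commit, so the version and the checksums cannot drift apart. Two smaller points on the same hunk: the assignment uses `?=`, so a value set earlier (for example in a local mk.conf) keeps the old 6.1.3.1 and silently skips the fix, and `RUBY_RAILS_DEFAULT?= 52` is unchanged, so only packages that explicitly select the 61 branch pick up this bump. A short mention of both in the commit message would help anyone auditing whether their installed Rails carries the listed CVE fixes.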