author | taca <taca@pkgsrc.org> | 2021-05-08 14:02:33 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2021-05-08 14:02:33 +0000 |
commit | d31768e9f1527a3d0e25e7d1567b2a0edba1c14b (patch) | |
tree | ff09b7c2f1cdac2d4d8306b97d7c6f865a7afd76 /lang/ruby | |
parent | 1b999035d5aa6308e3874498b9cbf47d24d3069f (diff) | |
www/ruby-rails60: update to 6.0.3.7

Real changes are in www/ruby-actionpack60 only.

## Rails 6.0.3.7 (May 05, 2021) ##

* Prevent catastrophic backtracking during mime parsing

  CVE-2021-22902

* Prevent regex DoS in HTTP token authentication

  CVE-2021-22904

* Prevent string polymorphic route arguments.

  `url_for` supports building polymorphic URLs via an array
  of arguments (usually symbols and records). If a developer passes a
  user input array, strings can result in unwanted route helper calls.

  CVE-2021-22885

  *Gannon McGibbon*

Diffstat (limited to 'lang/ruby')
-rw-r--r-- | lang/ruby/rails.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lang/ruby/rails.mk b/lang/ruby/rails.mk index 579f4a4fd64..17fcd4983d3 100644 --- a/lang/ruby/rails.mk +++ b/lang/ruby/rails.mk @@ -1,4 +1,4 @@ -# $NetBSD: rails.mk,v 1.98 2021/04/11 13:28:01 taca Exp $ +# $NetBSD: rails.mk,v 1.99 2021/05/08 14:02:33 taca Exp $ .if !defined(_RUBY_RAILS_MK) _RUBY_RAILS_MK= # defined @@ -48,7 +48,7 @@ _RUBY_RAILS_MK= # defined # current Ruby on Rails versions. # RUBY_RAILS52_VERSION?= 5.2.5 -RUBY_RAILS60_VERSION?= 6.0.3.6 +RUBY_RAILS60_VERSION?= 6.0.3.7 RUBY_RAILS61_VERSION?= 6.1.3.1 RUBY_RAILS_ACCEPTED?= # defined |
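
Review bot: In the second hunk (`@@ -48,7 +48,7 @@`), only `RUBY_RAILS60_VERSION` moves (6.0.3.6 to 6.0.3.7), while the adjacent context lines `RUBY_RAILS52_VERSION?= 5.2.5` and `RUBY_RAILS61_VERSION?= 6.1.3.1` stay as they are, and the commit message does not say whether those branches are affected by CVE-2021-22902, CVE-2021-22904 or CVE-2021-22885. Please state in the log whether 5.2 and 6.1 need a matching bump or are unaffected, so that anyone auditing the tree for these CVEs does not have to infer it from the absence of a change. Since the message says the real changes are in www/ruby-actionpack60 only, it would also help to name that package's commit or distinfo update here, because the diffstat shown is limited to 'lang/ruby' and this hunk alone does not show the fixed actionpack actually landing.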