diff options
author | taca <taca@pkgsrc.org> | 2018-03-29 03:11:58 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2018-03-29 03:11:58 +0000 |
commit | e8b711b846dcad35a6ebf194375519c5be208fa1 (patch) | |
tree | 3c37fd7b57bb01ee690ab3e57d61be7db9ef9da2 /lang | |
parent | fde2081f2deeb21d5d86cacb49613947bb21b847 (diff) | |
download | pkgsrc-e8b711b846dcad35a6ebf194375519c5be208fa1.tar.gz |
lang/ruby22-base: update to 2.2.10, security release
Ruby 2.2.10 Released Posted by usa on 28 Mar 2018
Ruby 2.2.10 has been released. This release includes several security
fixes. Please check the topics below for details.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
Ruby 2.2 is under the state of the security maintenance phase, until the end
of the March of 2018. After the date, maintenance of Ruby 2.2 will be ended.
So, this release is expected to be the last release of Ruby 2.2. We will
never make a new release of Ruby 2.2 unless Ruby 2.2.10 has a serious
regression bug. We recommend you migrating to newer versions of Ruby, such as
2.5.
Diffstat (limited to 'lang')
-rw-r--r-- | lang/ruby/rubyversion.mk | 4 | ||||
-rw-r--r-- | lang/ruby22-base/Makefile | 7 | ||||
-rw-r--r-- | lang/ruby22-base/distinfo | 10 |
3 files changed, 8 insertions, 13 deletions
diff --git a/lang/ruby/rubyversion.mk b/lang/ruby/rubyversion.mk index d0562c46206..96443628e0c 100644 --- a/lang/ruby/rubyversion.mk +++ b/lang/ruby/rubyversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: rubyversion.mk,v 1.194 2018/03/29 03:09:35 taca Exp $ +# $NetBSD: rubyversion.mk,v 1.195 2018/03/29 03:11:58 taca Exp $ # # This file determines which Ruby version is used as a dependency for @@ -214,7 +214,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/ruby([0-9][0-9])-.*/\1/} .endif # current supported Ruby's version -RUBY22_VERSION= 2.2.9 +RUBY22_VERSION= 2.2.10 RUBY23_VERSION= 2.3.7 RUBY24_VERSION= 2.4.4 RUBY25_VERSION= 2.5.1 diff --git a/lang/ruby22-base/Makefile b/lang/ruby22-base/Makefile index 7ff12d2c134..f1cda908fe2 100644 --- a/lang/ruby22-base/Makefile +++ b/lang/ruby22-base/Makefile @@ -1,15 +1,10 @@ -# $NetBSD: Makefile,v 1.22 2018/02/23 15:26:14 wiz Exp $ +# $NetBSD: Makefile,v 1.23 2018/03/29 03:11:58 taca Exp $ DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION} -PKGREVISION= 1 CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} -PATCH_SITES= https://bugs.ruby-lang.org/attachments/download/7030/ -PATCHFILES= rubygems-276-for-ruby22.patch -PATCH_DIST_STRIP= -p0 - MAINTAINER= taca@NetBSD.org HOMEPAGE= ${RUBY_HOMEPAGE} COMMENT= Ruby ${RUBY_VERSION} release minimum base package diff --git a/lang/ruby22-base/distinfo b/lang/ruby22-base/distinfo index 32ac24d8e75..e0909cda32b 100644 --- a/lang/ruby22-base/distinfo +++ b/lang/ruby22-base/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.23 2018/02/19 16:47:53 taca Exp $ +$NetBSD: distinfo,v 1.24 2018/03/29 03:11:58 taca Exp $ -SHA1 (ruby-2.2.9.tar.bz2) = 773ba9b51bde612866f656c4531f59660e2b0087 -RMD160 (ruby-2.2.9.tar.bz2) = 0973ec6a23ec909af7dec7c7152ca0a4e79fe959 -SHA512 (ruby-2.2.9.tar.bz2) = 2a8c8770fda20a22b79c9115b6f468f8e7ea1092c84a5089af7a3122163e5ad298b493e6637e4d93ba02d899d8a619c94064dda8ac98cf3b93f64f45d5401085 -Size (ruby-2.2.9.tar.bz2) = 13371232 bytes +SHA1 (ruby-2.2.10.tar.bz2) = 72ee1dcfd96199d2c3092b77db7a7f439c0abd08 +RMD160 (ruby-2.2.10.tar.bz2) = b766f369db78f002c6bdf4d54592af6dbc7d0295 +SHA512 (ruby-2.2.10.tar.bz2) = f8ec96c2a5f4ecf22052ee0b1029989ded52d7bf5d41be24fef67e732e76f72119302240bca08f0547510a9cd29e941a32e263cad9c8a2bf80023d6bc97b2373 +Size (ruby-2.2.10.tar.bz2) = 13365461 bytes SHA1 (rubygems-276-for-ruby22.patch) = a705fc2290c062aebc907fddb0f83e2589356371 RMD160 (rubygems-276-for-ruby22.patch) = 6d694ea1f5e1bf70143a4ad6924547302db262ec SHA512 (rubygems-276-for-ruby22.patch) = dfe12d7d2744cc6034cecd330258943bc6ae2bfd363375e2250b913c242c49b204de561e3aa6c55cd827fbe6e487d4f4038f72ec73fcc68c954d7d844743fa4d |