diff options
| author | taca <taca> | 2015-03-28 04:12:16 +0000 |
|---|---|---|
| committer | taca <taca> | 2015-03-28 04:12:16 +0000 |
| commit | 39d60652224f4d30c72dc4a8134274b4cc03f548 (patch) | |
| tree | aeb9244aede9ebdccaca3237b0b64f9e115bd6f7 /www | |
| parent | 650c8d8973961c7e8fc855445a0efd8118ebf701 (diff) | |
| download | pkgsrc-39d60652224f4d30c72dc4a8134274b4cc03f548.tar.gz | |
Update ruby-rest-client to 1.8.0, security fix.
# 1.8.0
- Security: implement standards compliant cookie handling by adding a
dependency on http-cookie. This breaks compatibility, but was necessary to
address a session fixation / cookie disclosure vulnerability.
(#369 / CVE-2015-1820)
Previously, any Set-Cookie headers found in an HTTP 30x response would be
sent to the redirection target, regardless of domain. Responses now expose a
cookie jar and respect standards compliant domain / path flags in Set-Cookie
headers.
Diffstat (limited to 'www')
| -rw-r--r-- | www/ruby-rest-client/Makefile | 5 | ||||
| -rw-r--r-- | www/ruby-rest-client/distinfo | 8 |
2 files changed, 7 insertions, 6 deletions
diff --git a/www/ruby-rest-client/Makefile b/www/ruby-rest-client/Makefile index 8a9a885d088..b4feacbc62d 100644 --- a/www/ruby-rest-client/Makefile +++ b/www/ruby-rest-client/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.2 2015/03/13 17:36:10 taca Exp $ +# $NetBSD: Makefile,v 1.3 2015/03/28 04:12:16 taca Exp $ -DISTNAME= rest-client-1.7.3 +DISTNAME= rest-client-1.8.0 CATEGORIES= www MAINTAINER= pkgsrc-users@NetBSD.org @@ -11,6 +11,7 @@ LICENSE= mit DEPENDS+= ${RUBY_PKGPREFIX}-readline>=${RUBY_VERSION}:../../devel/ruby-readline DEPENDS+= ${RUBY_PKGPREFIX}-mime-types>=1.16<3.0:../../mail/ruby-mime-types DEPENDS+= ${RUBY_PKGPREFIX}-netrc>=0.7<1:../../net/ruby-netrc +DEPENDS+= ${RUBY_PKGPREFIX}-http-cookie>=1.0.2<2:../../www/ruby-http-cookie .include "../../lang/ruby/gem.mk" .include "../../mk/bsd.pkg.mk" diff --git a/www/ruby-rest-client/distinfo b/www/ruby-rest-client/distinfo index fc7116a6ecb..d1ccd7e556a 100644 --- a/www/ruby-rest-client/distinfo +++ b/www/ruby-rest-client/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.2 2015/03/13 17:36:10 taca Exp $ +$NetBSD: distinfo,v 1.3 2015/03/28 04:12:16 taca Exp $ -SHA1 (rest-client-1.7.3.gem) = c080632d602ece2d8f1f579090da64234101c484 -RMD160 (rest-client-1.7.3.gem) = e4ede7aaa321aa9be5e4f1e80ba5a33781ba4b6c -Size (rest-client-1.7.3.gem) = 124416 bytes +SHA1 (rest-client-1.8.0.gem) = 271b57e37e69afbc1a02b455391d171379bdda8a +RMD160 (rest-client-1.8.0.gem) = be9fab9a89955c9db281adbe9b1692d9f17a8b15 +Size (rest-client-1.8.0.gem) = 124928 bytes |