| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
www/ruby-actionpack32: security fix
Revisions pulled up:
- databases/ruby-activerecord32/distinfo 1.24
- devel/ruby-activemodel32/distinfo 1.24
- devel/ruby-activesupport32/distinfo 1.24
- devel/ruby-railties32/distinfo 1.24
- lang/ruby/rails.mk 1.55
- mail/ruby-actionmailer32/distinfo 1.24
- www/ruby-actionpack32/distinfo 1.24
- www/ruby-activeresource32/distinfo 1.24
- www/ruby-rails32/distinfo 1.24
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:55:08 UTC 2016
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
Start update of Ruby on Rails to 3.2.22.4.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:55:48 UTC 2016
Modified Files:
pkgsrc/devel/ruby-activesupport32: distinfo
Log Message:
Update ruby-activesupport32 to 3.2.22.4, no change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:56:35 UTC 2016
Modified Files:
pkgsrc/devel/ruby-activemodel32: distinfo
Log Message:
Update ruby-activemodel32 to 3.2.22.4, no change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:57:03 UTC 2016
Modified Files:
pkgsrc/databases/ruby-activerecord32: distinfo
Log Message:
Update ruby-activerecord32 to 3.2.22.4, no change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:57:30 UTC 2016
Modified Files:
pkgsrc/www/ruby-activeresource32: distinfo
Log Message:
Update ruby-activeresource32 to 3.2.22.4, no change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:58:46 UTC 2016
Modified Files:
pkgsrc/www/ruby-actionpack32: distinfo
Log Message:
Update ruby-actionpack32 to 3.2.22.4.
Fix CVE-2016-6316, XSS vulnerability in Action View.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:59:16 UTC 2016
Modified Files:
pkgsrc/mail/ruby-actionmailer32: distinfo
Log Message:
Update ruby-actionmailer32 to 3.2.22.4, no change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 05:59:36 UTC 2016
Modified Files:
pkgsrc/devel/ruby-railties32: distinfo
Log Message:
Update ruby-railties32 to 3.2.22.4, no change except version.
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Aug 21 06:00:48 UTC 2016
Modified Files:
pkgsrc/www/ruby-rails32: distinfo
Log Message:
Update ruby-rails32 to 3.2.22.4, no change except version.
|
|
Ruby 2.3.1 Released Posted by nagachika on 26 Apr 2016
Ruby 2.3.1 has been released.
This is the first TEENY version release of the stable 2.3 series.
There are many bugfixes. See the ChangeLog for details.
|
|
Ruby 2.1.10 Released Posted by usa on 1 Apr 2016
Ruby 2.1.10 has been released. This release is not intended for production
use, but for compatibility tests with two-digit version numbers. You don¡Çt
have to replace Ruby 2.1.9 by 2.1.10 in normal use.
As announced in the 2.1.9 release post, Ruby 2.1.10 does not include any
changes from 2.1.9, except for its version number (and only one small related
change in its test suite). Please test your applications and/or libraries for
compatibility with two-digit version numbers.
Ruby 2.1.9 Released Posted by usa on 30 Mar 2016
Ruby 2.1.9 has been released.
This release includes many bug fixes. See ChangeLog for details.
As announced before, this is the last normal release of the Ruby 2.1
series. After this release we will never backport any bug fixes to 2.1 except
security fixes. We recommend that you start planning to upgrade to Ruby 2.3 or
2.2.
By the way, we are planning to release Ruby 2.1.10 in a few days. Ruby 2.1.10
will not include any changes from 2.1.9, except for its version number. You do
not have to use it on production, but you should test it because it has a
two-digit version number.
|
|
Ruby 2.2.5 Released Posted by usa on 26 Apr 2016
Ruby 2.2.5 has been released.
This release includes many bug fixes. See the ChangeLog for details.
|
|
|
|
USE_DESTDIR.
|
|
|
|
|
|
|
|
|
|
=== 4.2.2 / 2016-02-09
* Bug fixes
* Include lib/rdoc/generator/pot/* in built gem
|
|
4.2.1 / 2015-12-22
Bug fixes
* Fixed infinite loop with CR #339 by @nobu
* Allow rdoc run with disable-gems #340 by @luizluca
* Don't store full path in GZipped js files #341 by @voxik
* Fix relative path names for drive letters #367 by @nobu
* Fix for valid syntax `class C end` parsing #368 by @nobu
|
|
Also tweak _RAILS_{MAJOR,MINOR,TEENY} variable definition.
|
|
|
|
|
|
|
|
|
|
Ruby 2.2.4 Released
Posted by nagachika on 16 Dec 2015
Ruby 2.2.4 has been released.
This release includes a security fix for Fiddle extension. Please view the
topic below for more details.
* CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL
There are also some bugfixes. See ChangeLog for details.
|
|
Ruby 2.1.8 Released
Posted by usa on 16 Dec 2015
Ruby 2.1.8 has been released.
This release includes a security fix for Fiddle and DL extension. Please view the topic below for more details.
* CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL
And, many bug fixes are also included. See ChangeLog for details.
|
|
Ruby 2.0.0-p648 Released
Posted by usa on 16 Dec 2015
Ruby 2.0.0-p648 has been released.
This release includes a security fix for Fiddle and DL extension. Please view
the topic below for more details.
* CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL
Ruby 2.0.0 is now under the state of the security maintenance phase, until
Feb. 24th, 2016. After the date, maintenace of Ruby 2.0.0 will be ended. We
recommend you start planning migration to newer versions of Ruby, such as 2.1,
2.2 or 2.3 (scheduled to release within a few weeks).
|
|
The find-prefix infrastructure was required in a pkgviews world where
packages installed from pkgsrc could have different installation
prefixes, and this was a way for a dependency prefix to be determined.
Now that pkgviews has been removed there is no longer any need for the
overhead of this infrastructure. Instead we use BUILDLINK_PREFIX.pkg
for dependencies pulled in via buildlink, or LOCALBASE/PREFIX where the
dependency is coming from pkgsrc.
Provides a reasonable performance win due to the reduction of `pkg_info
-qp` calls, some of which were redundant anyway as they were duplicating
the same information provided by BUILDLINK_PREFIX.pkg.
|
|
Really drop Ruby 1.9.3 support.
|
|
|
|
|
|
* Missing ruby22 and related.
* Update description of RUBY_SUFFIX.
|
|
Release note:
Ruby 2.2.3 Released
Posted by nagachika on 18 Aug 2015
We are pleased to announce the release of Ruby 2.2.3. This is a TEENY
version release of the stable 2.2 series.
This release includes the security fix for a RubyGems domain name
verification vulnerability.
CVE-2015-3900 Request hijacking vulnerability in RubyGems 2.4.6 and earlier
There are also some bugfixes. See ChangeLog for details.
|
|
Release announce:
Ruby 2.1.7 Released
Posted by usa on 18 Aug 2015
Ruby 2.1.7 has been released.
This release includes the security fix for a RubyGems domain name
verification vulnerability. Please view the topic below for more details.
CVE-2015-3900 Request hijacking vulnerability in RubyGems 2.4.6 and earlier
And, many bug fixes are also included. See tickets and ChangeLog for details.
|
|
Release announce:
Ruby 2.0.0-p647 Released
Posted by usa on 18 Aug 2015
We are pleased to announce the release of Ruby 2.0.0-p647.
This release includes the security fix for a RubyGems domain name
verification vulnerability. Please view the topic below for more details.
CVE-2015-3900 Request hijacking vulnerability in RubyGems 2.4.6 and earlier
And, this release also includes the fix for a regression of lib/resolv.rb.
Uninitialized constant bug introduced by typo in backport of [#10712]
Ruby 2.0.0 is now under the state of the security maintenance phase, until
Feb. 24th, 2016. After the date, maintenance of Ruby 2.0.0 will be ended. We
recommend you start planning migration to newer versions of Ruby, such as
2.1 or 2.2.
|
|
|
|
=== 2.4.8 / 2015-06-08
Bug fixes:
* Tightened API endpoint checks for CVE-2015-3900
=== 2.4.7 / 2015-05-14
Bug fixes:
* Backport: Limit API endpoint to original security domain for CVE-2015-3900.
Fix by claudijd
|
|
|
|
O.K. by taca@ on tech-pkg@.
|
|
|
|
From release announce:
We are pleased to announce the release of Ruby 2.2.2. This is a TEENY version
release of the stable 2.2 series.
This release includes the security fix for a OpenSSL extension¡Çs hostname
verification vulnerability.
CVE-2015-1855: Ruby OpenSSL Hostname Verification
There are also some bugfixes. See ChangeLog for details.
|
|
From release announce:
Ruby 2.1.6 has been released.
This release includes a security fix for OpenSSL extension. Please view the
topic below for more details.
CVE-2015-1855: Ruby OpenSSL Hostname Verification
And, many bug fixes are also included. See tickets and ChangeLog for details.
|
|
From release announce:
We are pleased to announce the release of Ruby 2.0.0-p645.
This release includes a security fix for OpenSSL extension. Please view the
topic below for more details.
CVE-2015-1855: Ruby OpenSSL Hostname Verification
Ruby 2.0.0 is now under the state of the security maintenance phase, until
Feb. 24th, 2016. After the date, maintenance of Ruby 2.0.0 will be ended. We
recommend you start planning migration to newer versions of Ruby, such as 2.1
or 2.2.
This release includes the security fix mentioned above along with small
changes required for test environment (that shouldn¡Çt affect normal users).
See ChangeLog for full details.
|
|
|
|
|
|
|
|
This is the last ordinal release of Ruby 2.0.0. Ruby 2.0.0 goes into the
state of the security maintenance phase, and will never be released unless
any critical regressions or security issues are found. This phase is planned
to be maintained for 1 year. Then, maintenance of Ruby 2.0.0 will be ended
at Feb. 24th, 2016. We recommend to start planning to migrate to newer
versions of Ruby, such as 2.1 or 2.2.
pkgsrc change:
* Change "os" of Gem::Platform, now it change the case of "netbsd" only.
* Reduce patches to builtin rubygems.
|
|
* Simplify Gem::Specification definition.
* Remove some pkgsrc specific modifications.
=== 2.4.6 / 2014-02-05
Bug fixes:
* Fixed resolving gems with both upper and lower requirement boundaries.
Issue #1141 by Jakub Jirutka.
* Moved extension directory after require_paths to fix missing constant bugs
in some gems with C extensions. Issue #784 by Andr«± Arko, pull request
#1137 by Barry Allard.
* Use Gem::Dependency#requirement when adding a dependency to an existing
dependency instance. Pull request #1101 by Josh Cheek.
* Fixed warning of shadowed local variable in Gem::Specification. Pull request
#1109 by Rohit Arondekar
* Gem::Requirement should always sort requirements before coercion to Hash.
Pull request #1139 by Eito Katagiri.
* The `gem open` command should change the current working directory before
opening the editor. Pull request #1142 by Alex Wood.
* Ensure quotes are stripped from the Windows launcher script used to install
gems. Pull request #1115 by Youngjun Song.
* Fixed errors when writing to NFS to to 0444 files. Issue #1161 by Emmanuel
Hadoux.
* Removed dead code in Gem::StreamUI. Pull request #1117 by mediaslave24.
* Fixed typos. Pull request #1096 by hakeda.
* Relaxed CMake dependency for RHEL 6 and CentOS 6. Pull request #1124 by V«¿t
Ondruch.
* Relaxed Psych dependency. Pull request #1128 by V«¿t Ondruch.
|
|
* Make GEM_EXTSDIR from output of gem command instead of derived from
RUBY_ARCH related variables.
|
|
2.2. It affects ruby 2.1 only.
* Binary packages' file name start with "ruby21-" instead of "ruby215-".
* ${PREFIX}/include/ruby-2.1.5 are changed from ${PREFIX}/include/ruby-2.1.5
to ${PREFIX}/include/ruby-2.1.0.
* ${PREFIX}/lib/ruby/2.1.5 and ${PREFIX}/lib/ruby/gem/2.1.5 are changed
to ${PREFIX}/lib/ruby/2.1.0 and ${PREFIX}/lib/ruby/gem/2.1.0.
|
|
It cause support for ruby18 unless explictly specified by
RUBY_VERSION_SUPPORTED in packages' Makefile.
|
|
Should fix build on all NetBSD earm*, noted by joerg@ on earmv7hf.
Shouldn't affect anything else.
XXX Revbump everything using RUBY_ARCH?
|
|
of rubygems except ruby18-base.
|
|
* Add RUBY_GEMS_PKGSRC_VERS and RUBY_RDOC_PKGSRC_VERS.
|
|
|
|
|
|
|
