From 99e3ce6770da40bb44571154a91a9fecccba0f90 Mon Sep 17 00:00:00 2001 From: taca Date: Fri, 22 Feb 2013 16:20:47 +0000 Subject: Update ruby193-base package (and related) to 1.9.3-p392. Security problem of CVE-2013-0269 was already handled but REXML security problem is fixed by this package. Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently. This release includes security fixes about bundled JSON and REXML. * Denial of Service and Unsafe Object Creation Vulnerability in JSON (CVE-2013-0269) * Entity expansion DoS vulnerability in REXML (XML bomb) And some small bugfixes are also included. --- lang/ruby/rubyversion.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lang/ruby') diff --git a/lang/ruby/rubyversion.mk b/lang/ruby/rubyversion.mk index 05518f26408..077aeba3d6c 100644 --- a/lang/ruby/rubyversion.mk +++ b/lang/ruby/rubyversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: rubyversion.mk,v 1.94 2013/02/06 15:48:30 taca Exp $ +# $NetBSD: rubyversion.mk,v 1.95 2013/02/22 16:20:47 taca Exp $ # # This file determines which Ruby version is used as a dependency for @@ -206,7 +206,7 @@ RUBY193_VERSION= 1.9.3 # patch RUBY18_PATCHLEVEL= pl371 -RUBY193_PATCHLEVEL= p385 +RUBY193_PATCHLEVEL= p392 # current API compatible version; used for version of shared library RUBY18_API_VERSION= 1.8.7 -- cgit v1.2.3