From a6e9fa57a875b0c67dd4b999ed5c57cb3beabd28 Mon Sep 17 00:00:00 2001
From: taca <taca@pkgsrc.org>
Date: Thu, 11 Feb 2021 14:23:41 +0000
Subject: www/rails52: update to 5.2.4.5

## Rails 5.2.4.5 (February 10, 2021) ##

*   Fix possible DoS vector in PostgreSQL money type

    Carefully crafted input can cause a DoS via the regular expressions used
    for validating the money format in the PostgreSQL adapter.  This patch
    fixes the regexp.

    Thanks to @dee-see from Hackerone for this patch!

    [CVE-2021-22880]

    *Aaron Patterson*
---
 lang/ruby/rails.mk | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lang/ruby')

diff --git a/lang/ruby/rails.mk b/lang/ruby/rails.mk
index 0ed013f67ae..980e625fdab 100644
--- a/lang/ruby/rails.mk
+++ b/lang/ruby/rails.mk
@@ -1,4 +1,4 @@
-# $NetBSD: rails.mk,v 1.91 2020/10/19 14:50:31 taca Exp $
+# $NetBSD: rails.mk,v 1.92 2021/02/11 14:23:41 taca Exp $
 
 .if !defined(_RUBY_RAILS_MK)
 _RUBY_RAILS_MK=	# defined
@@ -47,7 +47,7 @@ _RUBY_RAILS_MK=	# defined
 #
 # current Ruby on Rails versions.
 #
-RUBY_RAILS52_VERSION?=	5.2.4.4
+RUBY_RAILS52_VERSION?=	5.2.4.5
 RUBY_RAILS60_VERSION?=	6.0.3.4
 
 RUBY_RAILS_ACCEPTED?=	# defined
-- 
cgit v1.2.3