From 5c9cf5e0421b9bd7b369d6b86ac25de6e6cc2be3 Mon Sep 17 00:00:00 2001 From: tsutsui Date: Sun, 10 Jan 2016 11:55:44 +0000 Subject: Update ruby-nokogiri to 1.6.7.1. pkgsrc changes: * Fix DEPENDS on required ${RUBY_PKGPREFIX}-mini_portile2>=2.0.0 Upstream changes: === 1.6.7.1 / 2015-12-16 This version pulls in several upstream patches to the vendored libxml2 and libxslt to address: CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 See also http://www.ubuntu.com/usn/usn-2834-1/ --- textproc/ruby-nokogiri/Makefile | 9 +++++---- textproc/ruby-nokogiri/PLIST | 10 +++++++++- textproc/ruby-nokogiri/distinfo | 10 +++++----- 3 files changed, 19 insertions(+), 10 deletions(-) (limited to 'textproc/ruby-nokogiri') diff --git a/textproc/ruby-nokogiri/Makefile b/textproc/ruby-nokogiri/Makefile index 43ec99bec25..f45e6017440 100644 --- a/textproc/ruby-nokogiri/Makefile +++ b/textproc/ruby-nokogiri/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.29 2015/12/13 15:26:42 taca Exp $ +# $NetBSD: Makefile,v 1.30 2016/01/10 11:55:44 tsutsui Exp $ -DISTNAME= nokogiri-1.6.7 +DISTNAME= nokogiri-1.6.7.1 CATEGORIES= textproc MAINTAINER= pkgsrc-users@NetBSD.org @@ -8,13 +8,14 @@ HOMEPAGE= http://nokogiri.org/ COMMENT= HTML, XML, SAX, and Reader parser with XPath and CSS selector support LICENSE= mit -DEPENDS+= ${RUBY_PKGPREFIX}-mini_portile>=0.6.0<0.7:../../misc/ruby-mini_portile +DEPENDS+= ${RUBY_PKGPREFIX}-mini_portile2>=2.0.0:../../misc/ruby-mini_portile2 +OVERRIDE_GEMSPEC= mini_portile2>=2.0.0 USE_GCC_RUNTIME= yes USE_TOOLS+= pkg-config MAKE_ENV+= NOKOGIRI_USE_SYSTEM_LIBRARIES=yes RUBYGEM_OPTIONS+= --format-executable -OVERRIDE_GEMSPEC= :files ports/archives/libxml2-2.9.2.tar.gz= \ +OVERRIDE_GEMSPEC+= :files ports/archives/libxml2-2.9.2.tar.gz= \ ports/archives/libxslt-1.1.28.tar.gz= .include "../../textproc/libxml2/buildlink3.mk" diff --git a/textproc/ruby-nokogiri/PLIST b/textproc/ruby-nokogiri/PLIST index d1622d17a22..33ed514ec97 100644 --- a/textproc/ruby-nokogiri/PLIST +++ b/textproc/ruby-nokogiri/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.17 2015/12/13 15:26:42 taca Exp $ +@comment $NetBSD: PLIST,v 1.18 2016/01/10 11:55:44 tsutsui Exp $ bin/nokogiri${RUBY_SUFFIX} ${GEM_HOME}/cache/${GEM_NAME}.gem ${GEM_EXTSDIR}/gem.build_complete @@ -166,6 +166,14 @@ ${GEM_LIBDIR}/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section- ${GEM_LIBDIR}/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch ${GEM_LIBDIR}/patches/libxml2/0009-Updated-config.guess.patch ${GEM_LIBDIR}/patches/libxml2/0010-Fix-parsering-short-unclosed-comment-uninitialized-access.patch +${GEM_LIBDIR}/patches/libxml2/0011-Avoid-extra-processing-of-MarkupDecl-when-EOF.patch +${GEM_LIBDIR}/patches/libxml2/0012-Avoid-processing-entities-after-encoding-conversion-.patch +${GEM_LIBDIR}/patches/libxml2/0013-CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDi.patch +${GEM_LIBDIR}/patches/libxml2/0014-CVE-2015-5312-Another-entity-expansion-issue.patch +${GEM_LIBDIR}/patches/libxml2/0015-Add-xmlHaltParser-to-stop-the-parser.patch +${GEM_LIBDIR}/patches/libxml2/0016-Detect-incoherency-on-GROW.patch +${GEM_LIBDIR}/patches/libxml2/0017-CVE-2015-7500-Fix-memory-access-error-due-to-incorre.patch +${GEM_LIBDIR}/patches/libxml2/0018-CVE-2015-8242-Buffer-overead-with-HTML-parser-in-pus.patch ${GEM_LIBDIR}/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch ${GEM_LIBDIR}/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch ${GEM_LIBDIR}/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch diff --git a/textproc/ruby-nokogiri/distinfo b/textproc/ruby-nokogiri/distinfo index 63726d49a6b..e4cabe5515e 100644 --- a/textproc/ruby-nokogiri/distinfo +++ b/textproc/ruby-nokogiri/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.19 2015/12/13 15:26:42 taca Exp $ +$NetBSD: distinfo,v 1.20 2016/01/10 11:55:44 tsutsui Exp $ -SHA1 (nokogiri-1.6.7.gem) = 24ff324c9a8ca10e30e50f18198310b26676a25f -RMD160 (nokogiri-1.6.7.gem) = 5583d136e176ef46f9915c34466f23bb2523fe9a -SHA512 (nokogiri-1.6.7.gem) = 387dd7d653310464cb1fc9b6718ce82355704fa98c8d02c89be1f1105198f01de9772d436806caa7ea96a0d48b351b3caff594e044cdee65206ea61a9f9528e7 -Size (nokogiri-1.6.7.gem) = 9269248 bytes +SHA1 (nokogiri-1.6.7.1.gem) = 5891d05b0ed63825f2955418a9282ca5cd61436e +RMD160 (nokogiri-1.6.7.1.gem) = df79c4c80e7df6d9af45fb544bad482e4a182a68 +SHA512 (nokogiri-1.6.7.1.gem) = 85212317ac44ab4b08f7c35d9fb930402146a4576b03c2b23aa84901a7684c7a7e128af77dc7427f458606fd54250b95cbb13fc27d8097e8e8dc688db1220304 +Size (nokogiri-1.6.7.1.gem) = 9274368 bytes -- cgit v1.2.3