Link [ pkgsrc | NetBSD | pkgsrc git mirror | PR fulltext-search | netbsd commit viewer ]


   
        usage: [branch:branch] [user:user] [path[@revision]] keyword [... [-excludekeyword [...]]] (e.g. branch:MAIN pkgtools/pkg)


[ 1 ]


switch to index mode

recent branches: MAIN (4m)  pkgsrc-2024Q1 (6h)  pkgsrc-2023Q4 (68d)  pkgsrc-2023Q2 (100d) 

2024-06-07 20:04:41 UTC Now

2013-02-22 16:20:48 UTC MAIN commitmail json YAML

pkgsrc/lang/ruby/rubyversion.mk@1.95 / diff
pkgsrc/lang/ruby193-base/Makefile@1.26 / diff
pkgsrc/lang/ruby193-base/distinfo@1.18 / diff
pkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_add_core.rb deleted
pkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_common.rb deleted
pkgsrc/lang/ruby193-base/patches/patch-ext_json_lib_json_version.rb deleted
pkgsrc/lang/ruby193-base/patches/patch-ext_json_parser_parser.c deleted
pkgsrc/lang/ruby193-base/patches/patch-ext_json_parser_parser.rl deleted
pkgsrc/lang/ruby193-base/patches/patch-test_json_test__json.rb deleted
pkgsrc/lang/ruby193-base/patches/patch-test_json_test__json__addition.rb deleted
pkgsrc/lang/ruby193-base/patches/patch-test_json_test__json__string__matching.rb deleted

Update ruby193-base package (and related) to 1.9.3-p392.
Security problem of CVE-2013-0269 was already handled but REXML security
problem is fixed by this package.

Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.

This release includes security fixes about bundled JSON and REXML.

* Denial of Service and Unsafe Object Creation Vulnerability in JSON
  (CVE-2013-0269)
* Entity expansion DoS vulnerability in REXML (XML bomb)

And some small bugfixes are also included.

(taca)

[ 1 ]