---
- branch: MAIN
  date: Thu Mar 29 03:11:58 UTC 2018
  files:
  - new: '1.195'
    old: '1.194'
    path: pkgsrc/lang/ruby/rubyversion.mk
    pathrev: pkgsrc/lang/ruby/rubyversion.mk@1.195
    type: modified
  - new: '1.23'
    old: '1.22'
    path: pkgsrc/lang/ruby22-base/Makefile
    pathrev: pkgsrc/lang/ruby22-base/Makefile@1.23
    type: modified
  - new: '1.24'
    old: '1.23'
    path: pkgsrc/lang/ruby22-base/distinfo
    pathrev: pkgsrc/lang/ruby22-base/distinfo@1.24
    type: modified
  id: 20180329T031158Z.f436a19e9fbcd55c9d40d0c47f66c0049d75c54b
  log: "lang/ruby22-base: update to 2.2.10, security release\n\nRuby 2.2.10 Released\t\t\t\tPosted
    by usa on 28 Mar 2018\n\nRuby 2.2.10 has been released.  This release includes
    several security\nfixes. Please check the topics below for details.\n\n* CVE-2017-17742:
    HTTP response splitting in WEBrick\n* CVE-2018-8777: DoS by large request in WEBrick\n*
    CVE-2018-6914: Unintentional file and directory creation with directory\n  traversal
    in tempfile and tmpdir\n* CVE-2018-8778: Buffer under-read in String#unpack\n*
    CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in\n  UNIXServer
    and UNIXSocket\n* CVE-2018-8780: Unintentional directory traversal by poisoned
    NUL byte in Dir\n* Multiple vulnerabilities in RubyGems\n\nRuby 2.2 is under the
    state of the security maintenance phase, until the end\nof the March of 2018.
    \ After the date, maintenance of Ruby 2.2 will be ended.\nSo, this release is
    expected to be the last release of Ruby 2.2.  We will\nnever make a new release
    of Ruby 2.2 unless Ruby 2.2.10 has a serious\nregression bug.  We recommend you
    migrating to newer versions of Ruby, such as\n2.5.\n"
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/lang'
  unixtime: '1522293118'
  user: taca