---
- branch: MAIN
  date: Tue Mar 12 04:19:09 UTC 2019
  files:
  - new: '1.2'
    old: '1.1'
    path: pkgsrc/lang/ruby26-base/Makefile
    pathrev: pkgsrc/lang/ruby26-base/Makefile@1.2
    type: modified
  - new: '1.2'
    old: '1.1'
    path: pkgsrc/lang/ruby26-base/distinfo
    pathrev: pkgsrc/lang/ruby26-base/distinfo@1.2
    type: modified
  id: 20190312T041909Z.1b86214f0a6a1a36f4d40e28e2eacfc44976b4eb
  log: |
    lang/ruby26-base: Add security patch for rubygems

    Add security patch for rubygems, fixing these problem.

    * CVE-2019-8320: Delete directory using symlink when decompressing tar
    * CVE-2019-8321: Escape sequence injection vulnerability in verbose
    * CVE-2019-8322: Escape sequence injection vulnerability in gem owner
    * CVE-2019-8323: Escape sequence injection vulnerability in API response handling
    * CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
    * CVE-2019-8325: Escape sequence injection vulnerability in errors

    Bump PKGREVISION.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/lang/ruby26-base'
  unixtime: '1552364349'
  user: taca