Now
MAIN commitmail json YAML
pkgsrc/textproc/ruby-yard/Makefile@1.11
/
diff
pkgsrc/textproc/ruby-yard/PLIST@1.9 / diff
pkgsrc/textproc/ruby-yard/distinfo@1.9 / diff
pkgsrc/textproc/ruby-yard/PLIST@1.9 / diff
pkgsrc/textproc/ruby-yard/distinfo@1.9 / diff
textproc/ruby-yard: update to 0.9.20
Update ruby-yard to 0.9.20, fixing CVE-2019-14369.
# 0.9.20 - June 27th, 2019
[0.9.20]: https://github.com/lsegal/yard/compare/v0.9.19...v0.9.20
- Fix parsing of stringified Symbols in Ruby source (#1256).
- Fix path traversal vulnerability in `yard server`. This bug would allow
unsanitized HTTP requests to access arbitrary files on the machine of a
`yard server` host under certain conditions. Thanks to CuongMX from
Viettel Cyber Security for discovering this vulnerability.
# 0.9.19 - April 2nd, 2019
[0.9.19]: https://github.com/lsegal/yard/compare/v0.9.16...v0.9.19
- Fixed bug in browser back button (#1071, #1228)
- Fixed handling of ArgumentError in ExtraFileObject (#1198)
- Fixed double return tag displaying on boolean methods (#1226)
- Removed unused `Module#namespace_name` function (#1229)
- Fixed parsing order of README files. YARD will now prefer README over
README.md over README.x.md or README-x.md (and the like). READMEs will now
also be ordered by filename; the first README is still chosen unless
`--readme` is provided.
- Updated AsciiDoc markup support to use non-deprecated calls.
Update ruby-yard to 0.9.20, fixing CVE-2019-14369.
# 0.9.20 - June 27th, 2019
[0.9.20]: https://github.com/lsegal/yard/compare/v0.9.19...v0.9.20
- Fix parsing of stringified Symbols in Ruby source (#1256).
- Fix path traversal vulnerability in `yard server`. This bug would allow
unsanitized HTTP requests to access arbitrary files on the machine of a
`yard server` host under certain conditions. Thanks to CuongMX from
Viettel Cyber Security for discovering this vulnerability.
# 0.9.19 - April 2nd, 2019
[0.9.19]: https://github.com/lsegal/yard/compare/v0.9.16...v0.9.19
- Fixed bug in browser back button (#1071, #1228)
- Fixed handling of ArgumentError in ExtraFileObject (#1198)
- Fixed double return tag displaying on boolean methods (#1226)
- Removed unused `Module#namespace_name` function (#1229)
- Fixed parsing order of README files. YARD will now prefer README over
README.md over README.x.md or README-x.md (and the like). READMEs will now
also be ordered by filename; the first README is still chosen unless
`--readme` is provided.
- Updated AsciiDoc markup support to use non-deprecated calls.