---
- branch: pkgsrc-2019Q3
  date: Sat Oct  5 10:13:20 UTC 2019
  files:
  - new: 1.208.2.1
    old: '1.208'
    path: pkgsrc/lang/ruby/rubyversion.mk
    pathrev: pkgsrc/lang/ruby/rubyversion.mk@1.208.2.1
    type: modified
  - new: 1.1.22.1
    old: '1.1'
    path: pkgsrc/lang/ruby24/Makefile
    pathrev: pkgsrc/lang/ruby24/Makefile@1.1.22.1
    type: modified
  - new: 1.1.22.1
    old: '1.1'
    path: pkgsrc/lang/ruby24-base/INSTALL
    pathrev: pkgsrc/lang/ruby24-base/INSTALL@1.1.22.1
    type: modified
  - new: 1.12.4.1
    old: '1.12'
    path: pkgsrc/lang/ruby24-base/Makefile
    pathrev: pkgsrc/lang/ruby24-base/Makefile@1.12.4.1
    type: modified
  - new: 1.14.2.1
    old: '1.14'
    path: pkgsrc/lang/ruby24-base/distinfo
    pathrev: pkgsrc/lang/ruby24-base/distinfo@1.14.2.1
    type: modified
  id: 20191005T101320Z.4d34ef93e7684b25810bd834f48dd566627a758a
  log: "Pullup ticket #6064 - requested by taca\nlang/ruby24-base: security fix\n\nRevisions
    pulled up:\n- lang/ruby/rubyversion.mk                                      1.209\n-
    lang/ruby24-base/INSTALL                                      1.2\n- lang/ruby24-base/Makefile
    \                                    1.13\n- lang/ruby24-base/distinfo                                     1.15\n-
    lang/ruby24/Makefile                                          1.2\n\n---\n   Module
    Name:\tpkgsrc\n   Committed By:\ttaca\n   Date:\t\tWed Oct  2 13:31:48 UTC 2019\n\n
    \  Modified Files:\n   \tpkgsrc/lang/ruby: rubyversion.mk\n   \tpkgsrc/lang/ruby24:
    Makefile\n   \tpkgsrc/lang/ruby24-base: INSTALL Makefile distinfo\n\n   Log Message:\n
    \  lang/ruby24: update to 2.4.9\n\n   Update ruby24-base and related packges to
    2.4.9.\n\n   pkgsrc chagnes\n\n   * fix warnings of pkglint.\n\n   Quote from
    release announce:\n\n   Ruby 2.4.8 (2019-10-01)\n\n   This release includes security
    fixes. Please check the topics below for\n   details.\n\n   * CVE-2019-16255:
    A code injection vulnerability of Shell#[] and Shell#test\n   * CVE-2019-16254:
    HTTP response splitting in WEBrick (Additional fix)\n   * CVE-2019-15845: A NUL
    injection vulnerability of File.fnmatch and\n     File.fnmatch?\n   * CVE-2019-16201:
    Regular Expression Denial of Service vulnerability of\n     WEBrick's Digest access
    authentication\n\n   Ruby 2.4.9 (2019-10-02)\n\n   This release is a re-package
    of 2.4.8 because the previous Ruby 2.4.8\n   release tarball does not install.
    (See [Bug #16197] in detail.) There are no\n   essential change except their version
    numbers between 2.4.8 and 2.4.9.\n\n   Ruby 2.4 is now under the state of the
    security maintenance phase, until the\n   end of March of 2020. After that date,
    maintenance of Ruby 2.4 will be\n   ended. We recommend you start planning the
    migration to newer versions of\n   Ruby, such as 2.6 or 2.5.\n"
  module: pkgsrc
  subject: 'CVS commit: [pkgsrc-2019Q3] pkgsrc/lang'
  unixtime: '1570270400'
  user: bsiegert