Now
pkgsrc-2021Q3 commitmail json YAML
Pullup ticket #6545 - requested by taca
lang/ruby26-base: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.238
- lang/ruby26-base/distinfo 1.15
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 15:51:08 UTC 2021
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby26-base: distinfo
Log Message:
lang/ruby26-base: update to 2.6.9
Ruby 2.6.9 Released
Posted by usa on 24 Nov 2021
Ruby 2.6.9 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse See the commit
logs for details.
Ruby 2.6 is now under the state of the security maintenance phase, until the
end of March of 2022. After that date, maintenance of Ruby 2.6 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 3.0 or 2.7.
lang/ruby26-base: security fix
Revisions pulled up:
- lang/ruby/rubyversion.mk 1.238
- lang/ruby26-base/distinfo 1.15
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 15:51:08 UTC 2021
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby26-base: distinfo
Log Message:
lang/ruby26-base: update to 2.6.9
Ruby 2.6.9 Released
Posted by usa on 24 Nov 2021
Ruby 2.6.9 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse See the commit
logs for details.
Ruby 2.6 is now under the state of the security maintenance phase, until the
end of March of 2022. After that date, maintenance of Ruby 2.6 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 3.0 or 2.7.