---
- branch: MAIN
  date: Thu Jan 19 14:27:26 UTC 2023
  files:
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/databases/ruby-activerecord60/distinfo
    pathrev: pkgsrc/databases/ruby-activerecord60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/devel/ruby-activejob60/distinfo
    pathrev: pkgsrc/devel/ruby-activejob60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/devel/ruby-activemodel60/distinfo
    pathrev: pkgsrc/devel/ruby-activemodel60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/devel/ruby-activestorage60/distinfo
    pathrev: pkgsrc/devel/ruby-activestorage60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/devel/ruby-activesupport60/distinfo
    pathrev: pkgsrc/devel/ruby-activesupport60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/devel/ruby-railties60/distinfo
    pathrev: pkgsrc/devel/ruby-railties60/distinfo@1.21
    type: modified
  - new: '1.138'
    old: '1.137'
    path: pkgsrc/lang/ruby/rails.mk
    pathrev: pkgsrc/lang/ruby/rails.mk@1.138
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/mail/ruby-actionmailbox60/distinfo
    pathrev: pkgsrc/mail/ruby-actionmailbox60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/mail/ruby-actionmailer60/distinfo
    pathrev: pkgsrc/mail/ruby-actionmailer60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/textproc/ruby-actiontext60/distinfo
    pathrev: pkgsrc/textproc/ruby-actiontext60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/www/ruby-actioncable60/distinfo
    pathrev: pkgsrc/www/ruby-actioncable60/distinfo@1.21
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/www/ruby-actionpack60/Makefile
    pathrev: pkgsrc/www/ruby-actionpack60/Makefile@1.5
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/www/ruby-actionpack60/distinfo
    pathrev: pkgsrc/www/ruby-actionpack60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/www/ruby-actionview60/distinfo
    pathrev: pkgsrc/www/ruby-actionview60/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/www/ruby-rails60/distinfo
    pathrev: pkgsrc/www/ruby-rails60/distinfo@1.21
    type: modified
  id: 20230119T142726Z.68148008648e3e8061d5241a5e376c73b03e955c
  log: |
    www/ruby-rails60: update to 6.0.6.1

    Only databases/ruby-activerecord61 has updated.

    Rails 6.0.6.1 (2023-01-17)

    * Make `sanitize_as_sql_comment` more strict

      Though this method was likely never meant to take user input, it was
      attempting sanitization. That sanitization could be bypassed with
      carefully crafted input.

      This commit makes the sanitization more robust by replacing any
      occurrences of "/*" or "*/" with "/ *" or "* /". It also performs a
      first pass to remove one surrounding comment to avoid compatibility
      issues for users relying on the existing removal.

      This also clarifies in the documentation of annotate that it should
      not be provided user input.

      [CVE-2023-22794]
  module: pkgsrc
  subject: 'CVS commit: pkgsrc'
  unixtime: '1674138446'
  user: taca