--- - branch: pkgsrc-2023Q1 date: Sat Apr 1 19:57:14 UTC 2023 files: - new: 1.260.2.2 old: 1.260.2.1 path: pkgsrc/lang/ruby/rubyversion.mk pathrev: pkgsrc/lang/ruby/rubyversion.mk@1.260.2.2 type: modified - new: 1.11.4.1 old: '1.11' path: pkgsrc/lang/ruby30-base/distinfo pathrev: pkgsrc/lang/ruby30-base/distinfo@1.11.4.1 type: modified id: 20230401T195714Z.8b9b9331c076e09f1635ee228750c6dd74b86a9b log: "Pullup ticket #6746 - requested by taca\nlang/ruby30-base: security update\n\nRevisions pulled up:\n- lang/ruby/rubyversion.mk 1.262\n- lang/ruby30-base/distinfo 1.12\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tSat Apr 1 09:08:51 UTC 2023\n\n Modified Files:\n \tpkgsrc/lang/ruby: rubyversion.mk\n \tpkgsrc/lang/ruby30-base: distinfo\n\n Log Message:\n lang/ruby30: update to 3.0.6\n\n Ruby 3.0.6 Released\t\t\tPosted by usa on 30 Mar 2023\n\n Ruby 3.0.6 has been released.\n\n \ This release includes security fixes. Please check the topics below for\n details.\n\n \ * CVE-2023-28755: ReDoS vulnerability in URI\n * CVE-2023-28756: ReDoS vulnerability in Time\n\n This release also includes some bug fixes. See the GitHub releases for\n further details.\n\n After this release, we end the normal maintenance phase of Ruby 3.0, and\n Ruby 3.0 enters the security maintenance phase. This means that we will no\n longer backport any bug fixes to Ruby 3.0 except security fixes.\n\n The term of the security maintenance phase is scheduled for a year. \ Ruby\n 3.0 reaches EOL and its official support ends by the end of the security\n \ maintenance phase. Therefore, we recommend that you start to plan upgrade\n \ to Ruby 3.1 or 3.2.\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.261 -r1.262 pkgsrc/lang/ruby/rubyversion.mk\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/ruby30-base/distinfo\n" module: pkgsrc subject: 'CVS commit: [pkgsrc-2023Q1] pkgsrc/lang' unixtime: '1680379034' user: spz