--- - branch: pkgsrc-2023Q1 date: Sat Apr 1 20:04:44 UTC 2023 files: - new: 1.260.2.3 old: 1.260.2.2 path: pkgsrc/lang/ruby/rubyversion.mk pathrev: pkgsrc/lang/ruby/rubyversion.mk@1.260.2.3 type: modified - new: 1.9.4.1 old: '1.9' path: pkgsrc/lang/ruby31-base/distinfo pathrev: pkgsrc/lang/ruby31-base/distinfo@1.9.4.1 type: modified id: 20230401T200444Z.72fa128e1c74d990249a721f19193aef8132d224 log: "Pullup ticket #6747 - requested by taca\nlang/ruby31-base: security update\n\nRevisions pulled up:\n- lang/ruby/rubyversion.mk 1.263\n- lang/ruby31-base/distinfo 1.10\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tSat Apr 1 09:17:15 UTC 2023\n\n Modified Files:\n \tpkgsrc/lang/ruby: rubyversion.mk\n \tpkgsrc/lang/ruby31-base: distinfo\n\n Log Message:\n lang/ruby31: update to 3.1.4\n\n Ruby 3.1.4 Released\t\t\tPosted by nagachika on 30 Mar 2023\n\n Ruby 3.1.4 has been released.\n\n \ This release includes security fixes. Please check the topics below for\n \ details.\n\n * CVE-2023-28755: ReDoS vulnerability in URI\n * CVE-2023-28756: ReDoS vulnerability in Time\n\n What's Changed\n\n * Bug #19187: Ruby 3.1.3 testsuite fails after timezone 2022g update is\n applied\n * Bug #19153: Since 2.7.7 CGI::Cookie raises ArgumentError when cookie\n domains is prefixed with a dot\n * Bug #18629: block args array splatting assigns to higher scope _ var\n * Bug #18765: Wrong description introduced by\n https://github.com/ruby/ruby/pull/4938/files\n \ * Bug #19189: Ruby 3.1.3/3.2.x can no longer find pkg-config if not present\n \ at buildtime\n * Bug #19292: Time object's wday, yday, and isdst returns broken value (and\n so does to_a) when kwarg in: 'UTC' was given\n * Bug #19305: TracePoint#parameters segfaults when certain method creation\n pattern is used\n * Bug #19319: Crash in rb_str_casemap\n * Bug #19316: YJIT crash in 3.2.0\n * Bug #19284: Integer overflow when using RUBY_GC_HEAP_INIT_SLOTS\n \ environment variable\n * Bug #19320: Crash during compaction while traversing the stack\n * Bug #19389: StringIO gets(..., chomp: true) behaves differently to File/IO.\n * Bug #19284: Integer overflow when using RUBY_GC_HEAP_INIT_SLOTS\n \ environment variable\n * Bug #19398: Memory leak in WeakMap\n * Bug #19403: Unable to Build Native Gems on Mac with Ruby 3.1.0+\n * Bug #19415: Incorrect circularity warning for concurrent requires\n * Bug #19419: [BUG] try to mark T_NONE object in ibf_dump_mark\n * Bug #19445: Segmentation fault with Numeric#step\n \ * Bug #19161: Cannot compile 3.0.5 or 3.1.3 on Red Hat Enterprise Linux 7\n \ * Bug #18989: Backport f229b36087f1b387d77af8f3fa50f9bffd2fd44e to ruby_3_1\n \ * Bug #18748: Range#cover? returns true for beginless range of different\n \ type\n * Bug #18827: __ENCODING__ is not set to the source encoding when saving\n script lines\n * Bug #19242: Circular cause by Marshal\n * Bug #19243: Windows: Dir.home returns string in wrong encoding\n * Bug #19115: RubyGems fails to detect OpenSSL in --with-static-linked-ext\n builds\n * Bug #18464: RUBY_INTERNAL_EVENT_NEWOBJ tracepoint causes an interpreter\n crash when combined with Ractors\n * Bug #19529: [BUG] ObjectSpace::WeakMap can segfault after compaction\n \ * Bug #19485: Unexpected behavior in squiggly heredocs\n\n Note: This list is automatically generated by tool/gen-github-release.rb.\n Because of this, some commits may be missing.\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.262 -r1.263 pkgsrc/lang/ruby/rubyversion.mk\n cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/ruby31-base/distinfo\n" module: pkgsrc subject: 'CVS commit: [pkgsrc-2023Q1] pkgsrc/lang' unixtime: '1680379484' user: spz