Received: by mail.netbsd.org (Postfix, from userid 605)
	id 46B9684ED6; Wed, 21 Mar 2018 12:09:41 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id A81DF84D5E
	for <pkgsrc-changes@NetBSD.org>; Wed, 21 Mar 2018 12:09:40 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id KihPcT4QY7Ln for <pkgsrc-changes@netbsd.org>;
	Wed, 21 Mar 2018 12:09:40 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 0670584ED2
	for <pkgsrc-changes@NetBSD.org>; Wed, 21 Mar 2018 12:09:40 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id 0383DFB40; Wed, 21 Mar 2018 12:09:40 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1521634179264700"
MIME-Version: 1.0
Date: Wed, 21 Mar 2018 12:09:39 +0000
From: "Takahiro Kambe" <taca@netbsd.org>
Subject: CVS commit: pkgsrc/www/ruby-loofah
To: pkgsrc-changes@NetBSD.org
Reply-To: taca@netbsd.org
X-Mailer: log_accum
Message-Id: <20180321120940.0383DFB40@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes.NetBSD.org
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_1521634179264700
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	taca
Date:		Wed Mar 21 12:09:39 UTC 2018

Modified Files:
	pkgsrc/www/ruby-loofah: Makefile PLIST distinfo

Log Message:
www/ruby-loofah: update to 2.2.1

## 2.2.1 / 2018-03-19

Addresses CVE-2018-8048. Loofah allowed non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments.

This CVE's public notice is at https://github.com/flavorjones/loofah/issues/144


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/ruby-loofah/Makefile \
    pkgsrc/www/ruby-loofah/PLIST pkgsrc/www/ruby-loofah/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1521634179264700
Content-Disposition: inline
Content-Length: 2634
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/www/ruby-loofah/Makefile
diff -u pkgsrc/www/ruby-loofah/Makefile:1.2 pkgsrc/www/ruby-loofah/Makefile:1.3
--- pkgsrc/www/ruby-loofah/Makefile:1.2	Sat Mar 17 16:21:48 2018
+++ pkgsrc/www/ruby-loofah/Makefile	Wed Mar 21 12:09:39 2018
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2018/03/17 16:21:48 taca Exp $
+# $NetBSD: Makefile,v 1.3 2018/03/21 12:09:39 taca Exp $
 
-DISTNAME=	loofah-2.2.0
+DISTNAME=	loofah-2.2.1
 CATEGORIES=	www
 
 MAINTAINER=	minskim@NetBSD.org
Index: pkgsrc/www/ruby-loofah/PLIST
diff -u pkgsrc/www/ruby-loofah/PLIST:1.2 pkgsrc/www/ruby-loofah/PLIST:1.3
--- pkgsrc/www/ruby-loofah/PLIST:1.2	Sat Mar 17 16:21:48 2018
+++ pkgsrc/www/ruby-loofah/PLIST	Wed Mar 21 12:09:39 2018
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2018/03/17 16:21:48 taca Exp $
+@comment $NetBSD: PLIST,v 1.3 2018/03/21 12:09:39 taca Exp $
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_LIBDIR}/.gemtest
 ${GEM_LIBDIR}/CHANGELOG.md
@@ -7,6 +7,7 @@ ${GEM_LIBDIR}/MIT-LICENSE.txt
 ${GEM_LIBDIR}/Manifest.txt
 ${GEM_LIBDIR}/README.md
 ${GEM_LIBDIR}/Rakefile
+${GEM_LIBDIR}/SECURITY.md
 ${GEM_LIBDIR}/benchmark/benchmark.rb
 ${GEM_LIBDIR}/benchmark/fragment.html
 ${GEM_LIBDIR}/benchmark/helper.rb
@@ -16,6 +17,7 @@ ${GEM_LIBDIR}/lib/loofah/elements.rb
 ${GEM_LIBDIR}/lib/loofah/helpers.rb
 ${GEM_LIBDIR}/lib/loofah/html/document.rb
 ${GEM_LIBDIR}/lib/loofah/html/document_fragment.rb
+${GEM_LIBDIR}/lib/loofah/html5/libxml2_workarounds.rb
 ${GEM_LIBDIR}/lib/loofah/html5/scrub.rb
 ${GEM_LIBDIR}/lib/loofah/html5/whitelist.rb
 ${GEM_LIBDIR}/lib/loofah/instance_methods.rb
Index: pkgsrc/www/ruby-loofah/distinfo
diff -u pkgsrc/www/ruby-loofah/distinfo:1.2 pkgsrc/www/ruby-loofah/distinfo:1.3
--- pkgsrc/www/ruby-loofah/distinfo:1.2	Sat Mar 17 16:21:48 2018
+++ pkgsrc/www/ruby-loofah/distinfo	Wed Mar 21 12:09:39 2018
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.2 2018/03/17 16:21:48 taca Exp $
+$NetBSD: distinfo,v 1.3 2018/03/21 12:09:39 taca Exp $
 
-SHA1 (loofah-2.2.0.gem) = f88958f42507da6fa611b66677e817c78ee6d987
-RMD160 (loofah-2.2.0.gem) = 4ae199c042e7cb6c18e8c4c219e0e36dd052cc6f
-SHA512 (loofah-2.2.0.gem) = cfee8bb8c138fb76b8fbbf76c3962729711bd1d69bac6eb3fb1b25e0677f9da83b906b4b8f031a92d7780ce43d55bcdec4584dd9a12a9e4d7efc07db0484362e
-Size (loofah-2.2.0.gem) = 62464 bytes
+SHA1 (loofah-2.2.1.gem) = 124094ccdb70f8ed7dbc899c828e5d902f3155c8
+RMD160 (loofah-2.2.1.gem) = cfb7ab71026d8952165ff316383653d8899f79af
+SHA512 (loofah-2.2.1.gem) = df971a1bee08f0ee0913af2b4b7baefa6d1ad04af82de796f6f0d505fab7749d52ce79db0118343d336bdae6fcfd4190fecb315019b2c821d81ac1c08d5b8e2a
+Size (loofah-2.2.1.gem) = 65024 bytes


--_----------=_1521634179264700--