Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified)) by mollari.NetBSD.org (Postfix) with ESMTPS id EC62F1A9239 for ; Sat, 27 Nov 2021 21:53:15 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 1B85284EB9; Sat, 27 Nov 2021 21:53:15 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 5754684EAD for ; Sat, 27 Nov 2021 21:53:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id aHsxHpIn4FF6 for ; Sat, 27 Nov 2021 21:53:13 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id AF5D684CEA for ; Sat, 27 Nov 2021 21:53:13 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id A8D82FAEC; Sat, 27 Nov 2021 21:53:13 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1638049993156760" MIME-Version: 1.0 Date: Sat, 27 Nov 2021 21:53:13 +0000 From: "Thomas Merkel" Subject: CVS commit: [pkgsrc-2021Q3] pkgsrc/lang To: pkgsrc-changes@NetBSD.org Reply-To: tm@netbsd.org X-Mailer: log_accum Message-Id: <20211127215313.A8D82FAEC@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1638049993156760 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: tm Date: Sat Nov 27 21:53:13 UTC 2021 Modified Files: pkgsrc/lang/ruby [pkgsrc-2021Q3]: rubyversion.mk pkgsrc/lang/ruby26-base [pkgsrc-2021Q3]: distinfo Log Message: Pullup ticket #6545 - requested by taca lang/ruby26-base: security fix Revisions pulled up: - lang/ruby/rubyversion.mk 1.238 - lang/ruby26-base/distinfo 1.15 --- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 15:51:08 UTC 2021 Modified Files: pkgsrc/lang/ruby: rubyversion.mk pkgsrc/lang/ruby26-base: distinfo Log Message: lang/ruby26-base: update to 2.6.9 Ruby 2.6.9 Released Posted by usa on 24 Nov 2021 Ruby 2.6.9 has been released. This release includes security fixes. Please check the topics below for details. * CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods * CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse See the commit logs for details. Ruby 2.6 is now under the state of the security maintenance phase, until the end of March of 2022. After that date, maintenance of Ruby 2.6 will be ended. We recommend you start planning the migration to newer versions of Ruby, such as 3.0 or 2.7. To generate a diff of this commit: cvs rdiff -u -r1.237 -r1.237.2.1 pkgsrc/lang/ruby/rubyversion.mk cvs rdiff -u -r1.11 -r1.11.2.1 pkgsrc/lang/ruby26-base/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1638049993156760 Content-Disposition: inline Content-Length: 2267 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/lang/ruby/rubyversion.mk diff -u pkgsrc/lang/ruby/rubyversion.mk:1.237 pkgsrc/lang/ruby/rubyversion.mk:1.237.2.1 --- pkgsrc/lang/ruby/rubyversion.mk:1.237 Sat Sep 25 00:47:26 2021 +++ pkgsrc/lang/ruby/rubyversion.mk Sat Nov 27 21:53:13 2021 @@ -1,4 +1,4 @@ -# $NetBSD: rubyversion.mk,v 1.237 2021/09/25 00:47:26 dholland Exp $ +# $NetBSD: rubyversion.mk,v 1.237.2.1 2021/11/27 21:53:13 tm Exp $ # # This file determines which Ruby version is used as a dependency for @@ -213,7 +213,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/rub .endif # current supported Ruby's version -RUBY26_VERSION= 2.6.8 +RUBY26_VERSION= 2.6.9 RUBY27_VERSION= 2.7.4 RUBY30_VERSION= 3.0.2 @@ -286,7 +286,7 @@ RUBY_BIGDECIMAL_VERSION= 1.4.1 RUBY_BUNDLER_VERSION= 1.17.2 RUBY_CMATH_VERSION= 1.0.0 RUBY_CSV_VERSION= 3.0.9 -RUBY_DATE_VERSION= 2.0.0 +RUBY_DATE_VERSION= 2.0.2 RUBY_DBM_VERSION= 1.0.0 RUBY_E2MMAP_VERSION= 0.1.0 RUBY_ETC_VERSION= 1.0.1 Index: pkgsrc/lang/ruby26-base/distinfo diff -u pkgsrc/lang/ruby26-base/distinfo:1.11 pkgsrc/lang/ruby26-base/distinfo:1.11.2.1 --- pkgsrc/lang/ruby26-base/distinfo:1.11 Wed Jul 7 15:15:19 2021 +++ pkgsrc/lang/ruby26-base/distinfo Sat Nov 27 21:53:13 2021 @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.11 2021/07/07 15:15:19 taca Exp $ +$NetBSD: distinfo,v 1.11.2.1 2021/11/27 21:53:13 tm Exp $ -SHA1 (ruby-2.6.8.tar.xz) = fa5ad518ef31bbf5c3386dbcec7b57196a1e618e -RMD160 (ruby-2.6.8.tar.xz) = d2604765e5d360efa21f55e6eca90a6e026a52c1 -SHA512 (ruby-2.6.8.tar.xz) = d040ad2238523587d8f356fcb796b8b6ad7f8caff7dd6df09e3f7efcbfa0369e33600e78c7f2bc713ae77c040757cce5c4fec223cb9070209f2bf741899c556d -Size (ruby-2.6.8.tar.xz) = 11599488 bytes +SHA1 (ruby-2.6.9.tar.xz) = fc67ca162010aac4af49d73a8c48be5cb2fb5907 +RMD160 (ruby-2.6.9.tar.xz) = 0686248d52eacbebe0c54cc8b7d15cf9bc6fee32 +SHA512 (ruby-2.6.9.tar.xz) = f60aa89e685cea324185eb0d13e6b44caef4e4f761cbf9ea1386ae70e39faf3866ac01e4bb5354574f2583e74290b8c80eaf63d126040d52368be6c771476451 +Size (ruby-2.6.9.tar.xz) = 11590064 bytes SHA1 (patch-configure) = ccfad7b5e35e87308e187e6c5fb3ffea57ad763d SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b SHA1 (patch-lib_mkmf.rb) = 75d2261a8282a00cd5f811a5e629302d1667207e --_----------=_1638049993156760--