Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1667115836254300"
MIME-Version: 1.0
Date: Sun, 30 Oct 2022 07:43:56 +0000
From: "Izumi Tsutsui" <tsutsui@netbsd.org>
Subject: CVS commit: pkgsrc/textproc/ruby-nokogiri
To: pkgsrc-changes@NetBSD.org
Reply-To: tsutsui@netbsd.org
Message-Id: <20221030074356.81C67FA90@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_1667115836254300
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	tsutsui
Date:		Sun Oct 30 07:43:56 UTC 2022

Modified Files:
	pkgsrc/textproc/ruby-nokogiri: Makefile PLIST distinfo

Log Message:
ruby-nokogiri: update to 1.13.9.

Upstream changes:
 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.9

1.13.9 / 2022-10-18

Security

  * [CRuby] Vendored libxml2 is updated to address CVE-2022-2309,
    CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for more
    information.
  * [CRuby] Vendored zlib is updated to address CVE-2022-37434.
    Nokogiri was not affected by this vulnerability, but this version
    of zlib was being flagged up by some vulnerability scanners,
    see #2626 for more information.

Dependencies

  * [CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.
  * [CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.
  * [CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13.
    (See LICENSE-DEPENDENCIES.md for details on which packages redistribute
    this library.)

Fixed

  * [CRuby] Nokogiri::XML::Namespace objects, when compacted, update
    their internal struct's reference to the Ruby object wrapper.
    Previously, with GC compaction enabled, a segmentation fault was
    possible after compaction was
    triggered. [#2658] (Thanks, @eightbitraptor and @peterzhu2118!)
  * [CRuby] Document#remove_namespaces! now defers freeing the underlying
    xmlNs struct until the Document is GCed. Previously, maintaining a
    reference to a Namespace object that was removed in this way could
    lead to a segfault. [#2658]


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 pkgsrc/textproc/ruby-nokogiri/Makefile
cvs rdiff -u -r1.37 -r1.38 pkgsrc/textproc/ruby-nokogiri/PLIST
cvs rdiff -u -r1.52 -r1.53 pkgsrc/textproc/ruby-nokogiri/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1667115836254300
Content-Disposition: inline
Content-Length: 3320
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/textproc/ruby-nokogiri/Makefile
diff -u pkgsrc/textproc/ruby-nokogiri/Makefile:1.73 pkgsrc/textproc/ruby-nokogiri/Makefile:1.74
--- pkgsrc/textproc/ruby-nokogiri/Makefile:1.73	Mon Oct 10 03:42:14 2022
+++ pkgsrc/textproc/ruby-nokogiri/Makefile	Sun Oct 30 07:43:56 2022
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.73 2022/10/10 03:42:14 taca Exp $
+# $NetBSD: Makefile,v 1.74 2022/10/30 07:43:56 tsutsui Exp $
 
-DISTNAME=	nokogiri-1.13.8
+DISTNAME=	nokogiri-1.13.9
 CATEGORIES=	textproc
 
 MAINTAINER=	tsutsui@NetBSD.org
@@ -14,8 +14,8 @@ USE_GCC_RUNTIME=	yes
 USE_TOOLS+=		pkg-config
 MAKE_ENV+=		NOKOGIRI_USE_SYSTEM_LIBRARIES=yes
 RUBYGEM_OPTIONS+=	--format-executable
-OVERRIDE_GEMSPEC+=	:files ports/archives/libxml2-2.9.14.tar.gz= \
-			ports/archives/libxslt-1.1.35.tar.gz=
+OVERRIDE_GEMSPEC+=	:files ports/archives/libxml2-2.10.3.tar.gz= \
+			ports/archives/libxslt-1.1.37.tar.gz=
 
 # XXX: work around bug in bootstrap-mk-files, remove when fixed
 MAKE_ENV.SunOS+=	ARFLAGS=rcv

Index: pkgsrc/textproc/ruby-nokogiri/PLIST
diff -u pkgsrc/textproc/ruby-nokogiri/PLIST:1.37 pkgsrc/textproc/ruby-nokogiri/PLIST:1.38
--- pkgsrc/textproc/ruby-nokogiri/PLIST:1.37	Sat May 14 14:33:31 2022
+++ pkgsrc/textproc/ruby-nokogiri/PLIST	Sun Oct 30 07:43:56 2022
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.37 2022/05/14 14:33:31 tsutsui Exp $
+@comment $NetBSD: PLIST,v 1.38 2022/10/30 07:43:56 tsutsui Exp $
 bin/nokogiri${RUBY_SUFFIX}
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_EXTSDIR}/gem.build_complete
@@ -170,10 +170,7 @@ ${GEM_LIBDIR}/lib/xsd/xmlparser/nokogiri
 ${GEM_LIBDIR}/patches/libxml2/0001-Remove-script-macro-support.patch
 ${GEM_LIBDIR}/patches/libxml2/0002-Update-entities-to-remove-handling-of-ssi.patch
 ${GEM_LIBDIR}/patches/libxml2/0003-libxml2.la-is-in-top_builddir.patch
-${GEM_LIBDIR}/patches/libxml2/0004-use-glibc-strlen.patch
 ${GEM_LIBDIR}/patches/libxml2/0005-avoid-isnan-isinf.patch
-${GEM_LIBDIR}/patches/libxml2/0006-update-automake-files-for-arm64.patch
-${GEM_LIBDIR}/patches/libxml2/0008-htmlParseComment-handle-abruptly-closed-comments.patch
 ${GEM_LIBDIR}/patches/libxml2/0009-allow-wildcard-namespaces.patch
 ${GEM_LIBDIR}/patches/libxslt/0001-update-automake-files-for-arm64.patch
 ${GEM_HOME}/specifications/${GEM_NAME}.gemspec

Index: pkgsrc/textproc/ruby-nokogiri/distinfo
diff -u pkgsrc/textproc/ruby-nokogiri/distinfo:1.52 pkgsrc/textproc/ruby-nokogiri/distinfo:1.53
--- pkgsrc/textproc/ruby-nokogiri/distinfo:1.52	Thu Aug 18 15:13:07 2022
+++ pkgsrc/textproc/ruby-nokogiri/distinfo	Sun Oct 30 07:43:56 2022
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.52 2022/08/18 15:13:07 tsutsui Exp $
+$NetBSD: distinfo,v 1.53 2022/10/30 07:43:56 tsutsui Exp $
 
-BLAKE2s (nokogiri-1.13.8.gem) = 0393cd4d2ca0b97bfd6403727a9d48327c1f0573cbdc0e814605824470f0c311
-SHA512 (nokogiri-1.13.8.gem) = 5fd9a62e76e7b59342245ae41b15b46a408eabd289afa0ef6238b3d01af5c44c737c1ffd7f17791d7501dd240aa1c53e6d49c2e97580fc226de90f5a60b62e33
-Size (nokogiri-1.13.8.gem) = 5379584 bytes
+BLAKE2s (nokogiri-1.13.9.gem) = b2c1942e508f6fa52e309690d4e9eedce4931e8455f02d57f83c9d2fc27b8758
+SHA512 (nokogiri-1.13.9.gem) = 207161fcf74aa1d1550841765268746e72d74b7516b34daf61cc5e7dc6af8fec4866f2734cd53afaf17fc546c92c3709a72f9e72da13071f65465855abf89bfa
+Size (nokogiri-1.13.9.gem) = 4634624 bytes


--_----------=_1667115836254300--