Received: by mail.netbsd.org (Postfix, from userid 605)
	id 016ED84E8D; Sun,  2 Apr 2023 06:04:49 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 3390384DBF
	for <pkgsrc-changes@NetBSD.org>; Sun,  2 Apr 2023 06:04:48 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id XW5T-qoWLVN6 for <pkgsrc-changes@netbsd.org>;
	Sun,  2 Apr 2023 06:04:47 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 4947A84D47
	for <pkgsrc-changes@NetBSD.org>; Sun,  2 Apr 2023 06:04:47 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id DD615FA81; Sun,  2 Apr 2023 06:04:46 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1680415486163130"
MIME-Version: 1.0
Date: Sun, 2 Apr 2023 06:04:46 +0000
From: "S.P.Zeidler" <spz@netbsd.org>
Subject: CVS commit: [pkgsrc-2023Q1] pkgsrc/lang
To: pkgsrc-changes@NetBSD.org
Reply-To: spz@netbsd.org
X-Mailer: log_accum
Message-Id: <20230402060446.DD615FA81@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_1680415486163130
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="UTF-8"

Module Name:	pkgsrc
Committed By:	spz
Date:		Sun Apr  2 06:04:46 UTC 2023

Modified Files:
	pkgsrc/lang/ruby [pkgsrc-2023Q1]: rubyversion.mk
	pkgsrc/lang/ruby32-base [pkgsrc-2023Q1]: PLIST distinfo

Log Message:
Pullup ticket #6748 - requested by taca
lang/ruby32-base: security update

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.264
- lang/ruby32-base/PLIST                                        1.3
- lang/ruby32-base/distinfo                                     1.4

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Apr  1 09:26:58 UTC 2023

   Modified Files:
   	pkgsrc/lang/ruby: rubyversion.mk
   	pkgsrc/lang/ruby32-base: PLIST distinfo

   Log Message:
   lang/ruby32: update to 3.2.2

   Ruby 3.2.2 Released			Posted by naruse on 30 Mar 2023

   Ruby 3.2.2 has been released.

   This release includes security fixes.  Please check the topics below for
   details.

   * CVE-2023-28755: ReDoS vulnerability in URI
   * CVE-2023-28756: ReDoS vulnerability in Time

   What's Changed

   * Backport [Bug #19158] for Ruby 3.2 by hsbt · Pull Request #7356
   * Bug #19415: Incorrect circularity warning for concurrent requires
   * Bug #19400: YJIT fails to boot on ARM64 systems with 64 KiB pages
   * Bug #19419: [BUG] try to mark T_NONE object in ibf_dump_mark
   * Bug #19444: YJIT String#+@ miscompilations
   * Bug #19445: Segmentation fault with Numeric#step
   * Bug #19439: Marshal.load doesn't load Regexp instance variables
   * Bug #19459: Is length of IO::Buffer#read required or optional?
   * Bug #19464: YJIT miscompiles BasicObject#__send__ to alias methods of send
   * Bug #19468: Ruby 3.2: net/http sets UTF-8 encoding for binary responses
   * Bug #19469: Crash when resizing generic iv list
   * Bug #19161: Cannot compile 3.0.5 or 3.1.3 on Red Hat Enterprise Linux 7
   * Bug #19467: Some linear_time regexp does not match in linear time
   * Bug #19476: Regexp unexpected partial match
   * Bug #19536: Frozen status loss when moving objects
   * Bug #19485: Unexpected behavior in squiggly heredocs
   * Bug #19471: Regexp::compile does not handle :timeout argument
   * Use URI-0.12.1 for Ruby 3.2 by hsbt · Pull Request #7603
   * Merge RubyGems-3.4.10 and Bundler-2.4.10 by hsbt · Pull Request #7479
   * Merge Time-0.2.2 by hsbt · Pull Request #7623

   Note: This list is automatically generated by tool/gen-github-release.rb.
   Because of this, some commits may be missing.

   To generate a diff of this commit:
   cvs rdiff -u -r1.263 -r1.264 pkgsrc/lang/ruby/rubyversion.mk
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby32-base/PLIST
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/ruby32-base/distinfo


To generate a diff of this commit:
cvs rdiff -u -r1.260.2.3 -r1.260.2.4 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.2 -r1.2.2.1 pkgsrc/lang/ruby32-base/PLIST
cvs rdiff -u -r1.3 -r1.3.2.1 pkgsrc/lang/ruby32-base/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1680415486163130
Content-Disposition: inline
Content-Length: 4361
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/lang/ruby/rubyversion.mk
diff -u pkgsrc/lang/ruby/rubyversion.mk:1.260.2.3 pkgsrc/lang/ruby/rubyversion.mk:1.260.2.4
--- pkgsrc/lang/ruby/rubyversion.mk:1.260.2.3	Sat Apr  1 20:04:44 2023
+++ pkgsrc/lang/ruby/rubyversion.mk	Sun Apr  2 06:04:46 2023
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.260.2.3 2023/04/01 20:04:44 spz Exp $
+# $NetBSD: rubyversion.mk,v 1.260.2.4 2023/04/02 06:04:46 spz Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -216,7 +216,7 @@ RUBY_VERSION_REQD?=	${PKGNAME_REQD:C/rub
 RUBY27_VERSION=		2.7.8
 RUBY30_VERSION=		3.0.6
 RUBY31_VERSION=		3.1.4
-RUBY32_VERSION=		3.2.1
+RUBY32_VERSION=		3.2.2
 
 # current API compatible version; used for version of shared library
 RUBY27_API_VERSION=	2.7.0
@@ -535,7 +535,7 @@ RUBY_ABBREV_VER=		0.1.1
 RUBY_BASE64_VER=		0.1.1
 RUBY_BENCHMARK_VER=		0.2.1
 RUBY_BIGDECIMAL_VER=		3.1.3
-RUBY_BUNDLER_VER=		2.4.6
+RUBY_BUNDLER_VER=		2.4.10
 RUBY_CGI_VER=			0.3.6
 RUBY_CSV_VER=			3.2.6
 RUBY_DATE_VER=			3.3.3
@@ -593,12 +593,12 @@ RUBY_STRSCAN_VER=		3.0.5
 RUBY_SYSLOG_VER=		0.1.1
 RUBY_SYNTAX_SUGGEST_VER=	1.0.2
 RUBY_TEMPFILE_VER=		0.1.3
-RUBY_TIME_VER=			0.2.1
+RUBY_TIME_VER=			0.2.2
 RUBY_TIMEOUT_VER=		0.3.1
 RUBY_TMPDIR_VER=		0.1.3
 RUBY_TSORT_VER=			0.1.1
 RUBY_UN_VER=			0.2.1
-RUBY_URI_VER=			0.12.0
+RUBY_URI_VER=			0.12.1
 RUBY_WEAKREF_VER=		0.1.2
 RUBY_YAML_VER=			0.2.1
 RUBY_ZLIB_VER=			3.0.0

Index: pkgsrc/lang/ruby32-base/PLIST
diff -u pkgsrc/lang/ruby32-base/PLIST:1.2 pkgsrc/lang/ruby32-base/PLIST:1.2.2.1
--- pkgsrc/lang/ruby32-base/PLIST:1.2	Wed Feb  8 15:28:22 2023
+++ pkgsrc/lang/ruby32-base/PLIST	Sun Apr  2 06:04:46 2023
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2023/02/08 15:28:22 taca Exp $
+@comment $NetBSD: PLIST,v 1.2.2.1 2023/04/02 06:04:46 spz Exp $
 bin/bundle${RUBY_SUFFIX}
 bin/bundler${RUBY_SUFFIX}
 bin/erb${RUBY_SUFFIX}
@@ -406,7 +406,6 @@ ${RUBY_LIB}/bundler/templates/Executable
 ${RUBY_LIB}/bundler/templates/Executable.bundler
 ${RUBY_LIB}/bundler/templates/Executable.standalone
 ${RUBY_LIB}/bundler/templates/Gemfile
-${RUBY_LIB}/bundler/templates/gems.rb
 ${RUBY_LIB}/bundler/templates/newgem/CHANGELOG.md.tt
 ${RUBY_LIB}/bundler/templates/newgem/CODE_OF_CONDUCT.md.tt
 ${RUBY_LIB}/bundler/templates/newgem/Cargo.toml.tt
@@ -445,6 +444,7 @@ ${RUBY_LIB}/bundler/ui/rg_proxy.rb
 ${RUBY_LIB}/bundler/ui/shell.rb
 ${RUBY_LIB}/bundler/ui/silent.rb
 ${RUBY_LIB}/bundler/uri_credentials_filter.rb
+${RUBY_LIB}/bundler/uri_normalizer.rb
 ${RUBY_LIB}/bundler/vendor/connection_pool/lib/connection_pool.rb
 ${RUBY_LIB}/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb
 ${RUBY_LIB}/bundler/vendor/connection_pool/lib/connection_pool/version.rb
@@ -1022,6 +1022,7 @@ ${RUBY_LIB}/rubygems/commands/cleanup_co
 ${RUBY_LIB}/rubygems/commands/contents_command.rb
 ${RUBY_LIB}/rubygems/commands/dependency_command.rb
 ${RUBY_LIB}/rubygems/commands/environment_command.rb
+${RUBY_LIB}/rubygems/commands/exec_command.rb
 ${RUBY_LIB}/rubygems/commands/fetch_command.rb
 ${RUBY_LIB}/rubygems/commands/generate_index_command.rb
 ${RUBY_LIB}/rubygems/commands/help_command.rb

Index: pkgsrc/lang/ruby32-base/distinfo
diff -u pkgsrc/lang/ruby32-base/distinfo:1.3 pkgsrc/lang/ruby32-base/distinfo:1.3.2.1
--- pkgsrc/lang/ruby32-base/distinfo:1.3	Wed Feb  8 15:28:22 2023
+++ pkgsrc/lang/ruby32-base/distinfo	Sun Apr  2 06:04:46 2023
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.3 2023/02/08 15:28:22 taca Exp $
+$NetBSD: distinfo,v 1.3.2.1 2023/04/02 06:04:46 spz Exp $
 
-BLAKE2s (ruby-3.2.1.tar.xz) = 7c7164f561f7887e662e3e8b1f02bc71356624d904fc7c795181d05a29c0e5f3
-SHA512 (ruby-3.2.1.tar.xz) = 69caadab9be6b56905ea4fc92fa0e36704f9fa6a0e7e7f4c6bdb79e9cbe8dc57c524f96d9c18802d61aa1ca578fed2e9758692f9d701bf0dba938f0206b721b3
-Size (ruby-3.2.1.tar.xz) = 15094384 bytes
+BLAKE2s (ruby-3.2.2.tar.xz) = 880e96fbdec90238299174d0abb7be507f04b8036386d70b61769d339bb2b609
+SHA512 (ruby-3.2.2.tar.xz) = a29f24cd80f563f6368952d06d6273f7241a409fa9ab2f60e03dde2ac58ca06bee1750715b6134caebf4c061d3503446dc37a6059e19860bb0010eef34951935
+Size (ruby-3.2.2.tar.xz) = 15118856 bytes
 SHA1 (patch-common.mk) = c23eed58427b2fd4ba8fdb3692f609701a666c6d
 SHA1 (patch-configure) = f3a143eda324bdfcaab51ee44274eaa445cf2767
 SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3ff5890


--_----------=_1680415486163130--