Sat Mar 28 04:12:16 2015 UTC ()
Update ruby-rest-client to 1.8.0, security fix.

# 1.8.0

- Security: implement standards compliant cookie handling by adding a
  dependency on http-cookie. This breaks compatibility, but was necessary to
  address a session fixation / cookie disclosure vulnerability.
  (#369 / CVE-2015-1820)

  Previously, any Set-Cookie headers found in an HTTP 30x response would be
  sent to the redirection target, regardless of domain. Responses now expose a
  cookie jar and respect standards compliant domain / path flags in Set-Cookie
  headers.


(taca)
diff -r1.2 -r1.3 pkgsrc/www/ruby-rest-client/Makefile
diff -r1.2 -r1.3 pkgsrc/www/ruby-rest-client/distinfo
cvs diff -r1.2 -r1.3 pkgsrc/www/ruby-rest-client/Makefile (expand / switch to unified diff)

--- pkgsrc/www/ruby-rest-client/Makefile 2015/03/13 17:36:10 1.2
+++ pkgsrc/www/ruby-rest-client/Makefile 2015/03/28 04:12:16 1.3
@@ -1,16 +1,17 @@ @@ -1,16 +1,17 @@
1# $NetBSD: Makefile,v 1.2 2015/03/13 17:36:10 taca Exp $ 1# $NetBSD: Makefile,v 1.3 2015/03/28 04:12:16 taca Exp $
2 2
3DISTNAME= rest-client-1.7.3 3DISTNAME= rest-client-1.8.0
4CATEGORIES= www 4CATEGORIES= www
5 5
6MAINTAINER= pkgsrc-users@NetBSD.org 6MAINTAINER= pkgsrc-users@NetBSD.org
7HOMEPAGE= http://github.com/archiloque/rest-client 7HOMEPAGE= http://github.com/archiloque/rest-client
8COMMENT= Simple HTTP and REST client for Ruby inspired by Sinatra 8COMMENT= Simple HTTP and REST client for Ruby inspired by Sinatra
9LICENSE= mit 9LICENSE= mit
10 10
11DEPENDS+= ${RUBY_PKGPREFIX}-readline>=${RUBY_VERSION}:../../devel/ruby-readline 11DEPENDS+= ${RUBY_PKGPREFIX}-readline>=${RUBY_VERSION}:../../devel/ruby-readline
12DEPENDS+= ${RUBY_PKGPREFIX}-mime-types>=1.16<3.0:../../mail/ruby-mime-types 12DEPENDS+= ${RUBY_PKGPREFIX}-mime-types>=1.16<3.0:../../mail/ruby-mime-types
13DEPENDS+= ${RUBY_PKGPREFIX}-netrc>=0.7<1:../../net/ruby-netrc 13DEPENDS+= ${RUBY_PKGPREFIX}-netrc>=0.7<1:../../net/ruby-netrc
 14DEPENDS+= ${RUBY_PKGPREFIX}-http-cookie>=1.0.2<2:../../www/ruby-http-cookie
14 15
15.include "../../lang/ruby/gem.mk" 16.include "../../lang/ruby/gem.mk"
16.include "../../mk/bsd.pkg.mk" 17.include "../../mk/bsd.pkg.mk"
cvs diff -r1.2 -r1.3 pkgsrc/www/ruby-rest-client/distinfo (expand / switch to unified diff)

--- pkgsrc/www/ruby-rest-client/distinfo 2015/03/13 17:36:10 1.2
+++ pkgsrc/www/ruby-rest-client/distinfo 2015/03/28 04:12:16 1.3
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.2 2015/03/13 17:36:10 taca Exp $ 1$NetBSD: distinfo,v 1.3 2015/03/28 04:12:16 taca Exp $
2 2
3SHA1 (rest-client-1.7.3.gem) = c080632d602ece2d8f1f579090da64234101c484 3SHA1 (rest-client-1.8.0.gem) = 271b57e37e69afbc1a02b455391d171379bdda8a
4RMD160 (rest-client-1.7.3.gem) = e4ede7aaa321aa9be5e4f1e80ba5a33781ba4b6c 4RMD160 (rest-client-1.8.0.gem) = be9fab9a89955c9db281adbe9b1692d9f17a8b15
5Size (rest-client-1.7.3.gem) = 124416 bytes 5Size (rest-client-1.8.0.gem) = 124928 bytes