Sat Mar 23 14:28:48 2024 UTC (85d)
lang/ruby31-base: fix CVE-2024-27280 and CVE-2024-27281

Update rdoc to 6.4.1.1 to fix for CVE-2024-27281.
Update stringio to 3.0.1.2 to fix for CVE-2024-27280.

Bump PKGREVISION.


(taca)
diff -r1.272 -r1.273 pkgsrc/lang/ruby/rubyversion.mk
diff -r1.12 -r1.13 pkgsrc/lang/ruby31-base/Makefile
diff -r1.11 -r1.12 pkgsrc/lang/ruby31-base/distinfo
diff -r0 -r1.1 pkgsrc/lang/ruby31-base/patches/patch-ext_stringio_stringio.c
diff -r0 -r1.1 pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_store.rb
diff -r0 -r1.1 pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_version.rb
diff -r0 -r1.1 pkgsrc/lang/ruby31-base/patches/patch-test_stringio_test__stringio.rb
Sat Mar 23 23:28:48 2024
Thu Jan 1 09:00:00 1970
pkgsrc/lang/ruby31-base/patches/patch-ext_stringio_stringio.c,v
anoncvs not yet been updated
Sat Mar 23 23:28:48 2024
Thu Jan 1 09:00:00 1970
pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_store.rb,v
anoncvs not yet been updated
Sat Mar 23 23:28:48 2024
Thu Jan 1 09:00:00 1970
pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_version.rb,v
anoncvs not yet been updated
Sat Mar 23 23:28:48 2024
Thu Jan 1 09:00:00 1970
pkgsrc/lang/ruby31-base/patches/patch-test_stringio_test__stringio.rb,v
anoncvs not yet been updated
cvs diff -r1.272 -r1.273 pkgsrc/lang/ruby/rubyversion.mk (expand / switch to unified diff)

--- pkgsrc/lang/ruby/rubyversion.mk 2024/02/10 14:41:47 1.272
+++ pkgsrc/lang/ruby/rubyversion.mk 2024/03/23 14:28:48 1.273
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: rubyversion.mk,v 1.272 2024/02/10 14:41:47 taca Exp $ 1# $NetBSD: rubyversion.mk,v 1.273 2024/03/23 14:28:48 taca Exp $
2# 2#
3 3
4# This file determines which Ruby version is used as a dependency for 4# This file determines which Ruby version is used as a dependency for
5# a package. 5# a package.
6# 6#
7# 7#
8# === User-settable variables === 8# === User-settable variables ===
9# 9#
10# RUBY_VERSION_DEFAULT 10# RUBY_VERSION_DEFAULT
11# The preferred Ruby version to use. 11# The preferred Ruby version to use.
12# 12#
13# Possible values: 31 32 33 13# Possible values: 31 32 33
14# Default: 32 14# Default: 32
@@ -308,40 +308,40 @@ RUBY_NET_PROTOCOL_VER= 0.1.2 @@ -308,40 +308,40 @@ RUBY_NET_PROTOCOL_VER= 0.1.2
308RUBY_NKF_VER= 0.1.1 308RUBY_NKF_VER= 0.1.1
309RUBY_OBSERVER_VER= 0.1.1 309RUBY_OBSERVER_VER= 0.1.1
310RUBY_OPEN3_VER= 0.1.1 310RUBY_OPEN3_VER= 0.1.1
311RUBY_OPENSSL_VER= 3.0.1 311RUBY_OPENSSL_VER= 3.0.1
312RUBY_OPEN_URI_VER= 0.2.0 312RUBY_OPEN_URI_VER= 0.2.0
313RUBY_OPTPARSE_VER= 0.2.0 313RUBY_OPTPARSE_VER= 0.2.0
314RUBY_OSTRUCT_VER= 0.5.2 314RUBY_OSTRUCT_VER= 0.5.2
315RUBY_PATHNAME_VER= 0.2.0 315RUBY_PATHNAME_VER= 0.2.0
316RUBY_PP_VER= 0.3.0 316RUBY_PP_VER= 0.3.0
317RUBY_PRETTYPRINT_VER= 0.1.1 317RUBY_PRETTYPRINT_VER= 0.1.1
318RUBY_PSTORE_VER= 0.1.1 318RUBY_PSTORE_VER= 0.1.1
319RUBY_PSYCH_VER= 4.0.4 319RUBY_PSYCH_VER= 4.0.4
320RUBY_RACC_VER= 1.6.0 320RUBY_RACC_VER= 1.6.0
321RUBY_RDOC_VER= 6.4.0 321RUBY_RDOC_VER= 6.4.1.1
322RUBY_READLINE_VER= 0.0.3 322RUBY_READLINE_VER= 0.0.3
323RUBY_READLINE_EXT_VER= 0.1.4 323RUBY_READLINE_EXT_VER= 0.1.4
324RUBY_RELINE_VER= 0.3.1 324RUBY_RELINE_VER= 0.3.1
325RUBY_RESOLV_VER= 0.2.1 325RUBY_RESOLV_VER= 0.2.1
326RUBY_RESOLV_REPLACE_VER= 0.1.0 326RUBY_RESOLV_REPLACE_VER= 0.1.0
327RUBY_RINDA_VER= 0.1.1 327RUBY_RINDA_VER= 0.1.1
328RUBY_RUBY2_KEYWORDS_VER= 0.0.5 328RUBY_RUBY2_KEYWORDS_VER= 0.0.5
329RUBY_RUBYGEMS_VER= 3.3.26 329RUBY_RUBYGEMS_VER= 3.3.26
330RUBY_SECURERANDOM_VER= 0.2.0 330RUBY_SECURERANDOM_VER= 0.2.0
331RUBY_SET_VER= 1.0.2 331RUBY_SET_VER= 1.0.2
332RUBY_SHELLWORDS_VER= 0.1.0 332RUBY_SHELLWORDS_VER= 0.1.0
333RUBY_SINGLETON_VER= 0.1.1 333RUBY_SINGLETON_VER= 0.1.1
334RUBY_STRINGIO_VER= 3.0.1 334RUBY_STRINGIO_VER= 3.0.1.2
335RUBY_STRSCAN_VER= 3.0.1 335RUBY_STRSCAN_VER= 3.0.1
336RUBY_SYSLOG_VER= 0.1.0 336RUBY_SYSLOG_VER= 0.1.0
337RUBY_TEMPFILE_VER= 0.1.2 337RUBY_TEMPFILE_VER= 0.1.2
338RUBY_TIME_VER= 0.2.2 338RUBY_TIME_VER= 0.2.2
339RUBY_TIMEOUT_VER= 0.2.0 339RUBY_TIMEOUT_VER= 0.2.0
340RUBY_TMPDIR_VER= 0.1.2 340RUBY_TMPDIR_VER= 0.1.2
341RUBY_TSORT_VER= 0.1.0 341RUBY_TSORT_VER= 0.1.0
342RUBY_UN_VER= 0.2.0 342RUBY_UN_VER= 0.2.0
343RUBY_URI_VER= 0.12.2 343RUBY_URI_VER= 0.12.2
344RUBY_WEAKREF_VER= 0.1.1 344RUBY_WEAKREF_VER= 0.1.1
345RUBY_YAML_VER= 0.2.0 345RUBY_YAML_VER= 0.2.0
346RUBY_ZLIB_VER= 2.1.1 346RUBY_ZLIB_VER= 2.1.1
347 347
cvs diff -r1.12 -r1.13 pkgsrc/lang/ruby31-base/Makefile (expand / switch to unified diff)

--- pkgsrc/lang/ruby31-base/Makefile 2024/01/16 15:14:53 1.12
+++ pkgsrc/lang/ruby31-base/Makefile 2024/03/23 14:28:48 1.13
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1# $NetBSD: Makefile,v 1.12 2024/01/16 15:14:53 taca Exp $ 1# $NetBSD: Makefile,v 1.13 2024/03/23 14:28:48 taca Exp $
2 2
3DISTNAME= ${RUBY_DISTNAME} 3DISTNAME= ${RUBY_DISTNAME}
4PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION} 4PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
5PKGREVISION= 2 5PKGREVISION= 3
6CATEGORIES= lang ruby 6CATEGORIES= lang ruby
7MASTER_SITES= ${MASTER_SITE_RUBY} 7MASTER_SITES= ${MASTER_SITE_RUBY}
8 8
9MAINTAINER= taca@NetBSD.org 9MAINTAINER= taca@NetBSD.org
10HOMEPAGE= ${RUBY_HOMEPAGE} 10HOMEPAGE= ${RUBY_HOMEPAGE}
11COMMENT= Ruby ${RUBY_VERSION} release minimum base package 11COMMENT= Ruby ${RUBY_VERSION} release minimum base package
12 12
13RUBY_VERSIONS_ACCEPTED= 31 13RUBY_VERSIONS_ACCEPTED= 31
14 14
15MAKE_JOBS_SAFE= no 15MAKE_JOBS_SAFE= no
16USE_GCC_RUNTIME= yes 16USE_GCC_RUNTIME= yes
17USE_LANGUAGES= c c++ 17USE_LANGUAGES= c c++
18USE_TOOLS+= pax yacc pkg-config 18USE_TOOLS+= pax yacc pkg-config
cvs diff -r1.11 -r1.12 pkgsrc/lang/ruby31-base/distinfo (expand / switch to unified diff)

--- pkgsrc/lang/ruby31-base/distinfo 2023/06/29 15:39:12 1.11
+++ pkgsrc/lang/ruby31-base/distinfo 2024/03/23 14:28:48 1.12
@@ -1,26 +1,30 @@ @@ -1,26 +1,30 @@
1$NetBSD: distinfo,v 1.11 2023/06/29 15:39:12 taca Exp $ 1$NetBSD: distinfo,v 1.12 2024/03/23 14:28:48 taca Exp $
2 2
3BLAKE2s (ruby-3.1.4.tar.xz) = cefa8daefd26c8da56db3e114f27cb1b0af8c427d4ba9b650ef60034cb7b413c 3BLAKE2s (ruby-3.1.4.tar.xz) = cefa8daefd26c8da56db3e114f27cb1b0af8c427d4ba9b650ef60034cb7b413c
4SHA512 (ruby-3.1.4.tar.xz) = a627bb629a10750b8b2081ad451a41faea0fc85d95aa1e267e3d2a0f56a35bb58195d4a8d13bbdbd82f4197a96dae22b1cee1dfc83861ec33a67ece07aef5633 4SHA512 (ruby-3.1.4.tar.xz) = a627bb629a10750b8b2081ad451a41faea0fc85d95aa1e267e3d2a0f56a35bb58195d4a8d13bbdbd82f4197a96dae22b1cee1dfc83861ec33a67ece07aef5633
5Size (ruby-3.1.4.tar.xz) = 15316604 bytes 5Size (ruby-3.1.4.tar.xz) = 15316604 bytes
6SHA1 (patch-common.mk) = c23eed58427b2fd4ba8fdb3692f609701a666c6d 6SHA1 (patch-common.mk) = c23eed58427b2fd4ba8fdb3692f609701a666c6d
7SHA1 (patch-configure) = 7bce8e1de07e3ff81cc984faef9ba12518557b7a 7SHA1 (patch-configure) = 7bce8e1de07e3ff81cc984faef9ba12518557b7a
8SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3ff5890 8SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3ff5890
 9SHA1 (patch-ext_stringio_stringio.c) = b771382484fdfc1b40b13b8dcb1a94e3f32a546e
9SHA1 (patch-include_ruby_internal_static__assert.h) = 7d5c3ae7ff674b9b34639924fcf08237164de9f8 10SHA1 (patch-include_ruby_internal_static__assert.h) = 7d5c3ae7ff674b9b34639924fcf08237164de9f8
10SHA1 (patch-lib_mkmf.rb) = 4a3cd18548dbdf43a13695d4e76f817c0347e335 11SHA1 (patch-lib_mkmf.rb) = 4a3cd18548dbdf43a13695d4e76f817c0347e335
11SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a 12SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a
12SHA1 (patch-lib_rdoc_ri_driver.rb) = f4d3e59e35b608acd4edc17916142c7f033e6198 13SHA1 (patch-lib_rdoc_ri_driver.rb) = f4d3e59e35b608acd4edc17916142c7f033e6198
 14SHA1 (patch-lib_rdoc_store.rb) = 890352671278d21c0040f1b3bac34a8ac76ee0dc
 15SHA1 (patch-lib_rdoc_version.rb) = fd715eb2cf9d9bbeaaca4ed407c497040394eacd
13SHA1 (patch-lib_rubygems.rb) = 060549c43b84f73c77432a72cdcf22941be4eb17 16SHA1 (patch-lib_rubygems.rb) = 060549c43b84f73c77432a72cdcf22941be4eb17
14SHA1 (patch-lib_rubygems_commands_setup__command.rb) = 66c475a5308deb2ed5096b88cf65549732f87421 17SHA1 (patch-lib_rubygems_commands_setup__command.rb) = 66c475a5308deb2ed5096b88cf65549732f87421
15SHA1 (patch-lib_rubygems_dependency__installer.rb) = 1776508907f17547ffe93f637d6f18d335061d76 18SHA1 (patch-lib_rubygems_dependency__installer.rb) = 1776508907f17547ffe93f637d6f18d335061d76
16SHA1 (patch-lib_rubygems_install__update__options.rb) = 0cd0816e1cd7c84c1dab1e091787c4dc38d28273 19SHA1 (patch-lib_rubygems_install__update__options.rb) = 0cd0816e1cd7c84c1dab1e091787c4dc38d28273
17SHA1 (patch-lib_rubygems_installer.rb) = 1c94047a24362b3597dac7ea156982a09cb93234 20SHA1 (patch-lib_rubygems_installer.rb) = 1c94047a24362b3597dac7ea156982a09cb93234
18SHA1 (patch-lib_rubygems_platform.rb) = ea9d0972fb788799d7d8c07b223ac75cbab23158 21SHA1 (patch-lib_rubygems_platform.rb) = ea9d0972fb788799d7d8c07b223ac75cbab23158
19SHA1 (patch-lib_uri_rfc2396__parser.rb) = 2c48e781bdad2be2416655c4d81e438136d93f19 22SHA1 (patch-lib_uri_rfc2396__parser.rb) = 2c48e781bdad2be2416655c4d81e438136d93f19
20SHA1 (patch-lib_uri_rfc3986__parser.rb) = 8b1bba9338a0e56325140baa1f45e4ee74830aec 23SHA1 (patch-lib_uri_rfc3986__parser.rb) = 8b1bba9338a0e56325140baa1f45e4ee74830aec
21SHA1 (patch-lib_uri_version.rb) = 16ef6469b63b74032a91358cdc7fd70fb5bce87a 24SHA1 (patch-lib_uri_version.rb) = 16ef6469b63b74032a91358cdc7fd70fb5bce87a
22SHA1 (patch-template_Makefile.in) = a4b94293de165e87021b79a0a7f683ba76e168d9 25SHA1 (patch-template_Makefile.in) = a4b94293de165e87021b79a0a7f683ba76e168d9
23SHA1 (patch-test_rubygems_test__gem.rb) = 32f7c7d7f8a024c045d78c2bce93944fc3113d04 26SHA1 (patch-test_rubygems_test__gem.rb) = 32f7c7d7f8a024c045d78c2bce93944fc3113d04
 27SHA1 (patch-test_stringio_test__stringio.rb) = 20ca6e512a99e176547d6599ac7dfc7b9db42c36
24SHA1 (patch-thread__pthread.c) = 7c1231933a2d6ce9d56891ab512371841697fbca 28SHA1 (patch-thread__pthread.c) = 7c1231933a2d6ce9d56891ab512371841697fbca
25SHA1 (patch-tool_ifchange) = 1814cd41f0b0a93b181799cb117bd1f57068cf33 29SHA1 (patch-tool_ifchange) = 1814cd41f0b0a93b181799cb117bd1f57068cf33
26SHA1 (patch-tool_runruby.rb) = 5dd8a3bea5e9776f7521f85955dddd2127e4c4d0 30SHA1 (patch-tool_runruby.rb) = 5dd8a3bea5e9776f7521f85955dddd2127e4c4d0
File Added: pkgsrc/lang/ruby31-base/patches/patch-ext_stringio_stringio.c
File Added: pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_store.rb
File Added: pkgsrc/lang/ruby31-base/patches/patch-lib_rdoc_version.rb
File Added: pkgsrc/lang/ruby31-base/patches/patch-test_stringio_test__stringio.rb