The NetBSD Project

CVS log for pkgsrc/lang/ruby24-base/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / lang / ruby24-base

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.16 / (download) - annotate - [select for diffs], Sun Nov 3 19:04:07 2019 UTC (9 days, 8 hours ago) by rillig
Branch: MAIN
CVS Tags: HEAD
Changes since 1.15: +6 -6 lines
Diff to previous 1.15 (colored)

lang: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.

Revision 1.12.4.1 / (download) - annotate - [select for diffs], Sat Oct 5 10:13:20 2019 UTC (5 weeks, 3 days ago) by bsiegert
Branch: pkgsrc-2019Q3
Changes since 1.12: +1 -2 lines
Diff to previous 1.12 (colored) next main 1.13 (colored)

Pullup ticket #6064 - requested by taca
lang/ruby24-base: security fix

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.209
- lang/ruby24-base/INSTALL                                      1.2
- lang/ruby24-base/Makefile                                     1.13
- lang/ruby24-base/distinfo                                     1.15
- lang/ruby24/Makefile                                          1.2

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Oct  2 13:31:48 UTC 2019

   Modified Files:
   	pkgsrc/lang/ruby: rubyversion.mk
   	pkgsrc/lang/ruby24: Makefile
   	pkgsrc/lang/ruby24-base: INSTALL Makefile distinfo

   Log Message:
   lang/ruby24: update to 2.4.9

   Update ruby24-base and related packges to 2.4.9.

   pkgsrc chagnes

   * fix warnings of pkglint.

   Quote from release announce:

   Ruby 2.4.8 (2019-10-01)

   This release includes security fixes. Please check the topics below for
   details.

   * CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
   * CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
   * CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
     File.fnmatch?
   * CVE-2019-16201: Regular Expression Denial of Service vulnerability of
     WEBrick's Digest access authentication

   Ruby 2.4.9 (2019-10-02)

   This release is a re-package of 2.4.8 because the previous Ruby 2.4.8
   release tarball does not install. (See [Bug #16197] in detail.) There are no
   essential change except their version numbers between 2.4.8 and 2.4.9.

   Ruby 2.4 is now under the state of the security maintenance phase, until the
   end of March of 2020. After that date, maintenance of Ruby 2.4 will be
   ended. We recommend you start planning the migration to newer versions of
   Ruby, such as 2.6 or 2.5.

Revision 1.15 / (download) - annotate - [select for diffs], Thu Oct 3 00:42:50 2019 UTC (5 weeks, 6 days ago) by ryoon
Branch: MAIN
Changes since 1.14: +2 -1 lines
Diff to previous 1.14 (colored)

Bump PKGREVISIONs really

Revision 1.14 / (download) - annotate - [select for diffs], Thu Oct 3 00:40:32 2019 UTC (5 weeks, 6 days ago) by ryoon
Branch: MAIN
Changes since 1.13: +3 -1 lines
Diff to previous 1.13 (colored)

Ruby binary is not PaX mprotect safe in devel/ruby-ffi and www/ruby-sassc case

Bump PKGREVISIONs.

Revision 1.13 / (download) - annotate - [select for diffs], Wed Oct 2 13:31:47 2019 UTC (5 weeks, 6 days ago) by taca
Branch: MAIN
Changes since 1.12: +1 -2 lines
Diff to previous 1.12 (colored)

lang/ruby24: update to 2.4.9

Update ruby24-base and related packges to 2.4.9.

pkgsrc chagnes

* fix warnings of pkglint.

Quote from release announce:

Ruby 2.4.8 (2019-10-01)

This release includes security fixes. Please check the topics below for
details.

* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
  File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of
  WEBrick°«s Digest access authentication


Ruby 2.4.9 (2019-10-02)

This release is a re-package of 2.4.8 because the previous Ruby 2.4.8
release tarball does not install. (See [Bug #16197] in detail.) There are no
essential change except their version numbers between 2.4.8 and 2.4.9.

Ruby 2.4 is now under the state of the security maintenance phase, until the
end of March of 2020. After that date, maintenance of Ruby 2.4 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 2.6 or 2.5.

Revision 1.12 / (download) - annotate - [select for diffs], Sun Apr 7 16:17:39 2019 UTC (7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q2-base, pkgsrc-2019Q2
Branch point for: pkgsrc-2019Q3
Changes since 1.11: +1 -6 lines
Diff to previous 1.11 (colored)

lang/ruby24-base: update to 2.4.6

* vulnerabilities of rubygems are already fixed in 2.4.5nb1.

Ruby 2.4.6 Released					1 Apr 2019

Ruby 2.4.6 has been released.

This release includes about 20 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.

	* Multiple vulnerabilities in RubyGems

See the commit log for details.

After this release, we will end the normal maintenance phase of Ruby 2.4, and
start the security maintenance phase of it.  This means that after the release
of 2.4.6 we will never backport any bug fixes to 2.4 except security fixes.
The term of the security maintenance phase is scheduled for 1 year.  By the
end of this term, official support of Ruby 2.4 will be over.  Therefore, we
recommend that you start planning to upgrade to Ruby 2.6 or 2.5.

Revision 1.11 / (download) - annotate - [select for diffs], Tue Mar 12 04:24:40 2019 UTC (8 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)

lang/ruby24-base: really bump PKGREVISION

Oops, really bump PKGREVISION.

Revision 1.10 / (download) - annotate - [select for diffs], Tue Mar 12 04:23:45 2019 UTC (8 months ago) by taca
Branch: MAIN
Changes since 1.9: +5 -1 lines
Diff to previous 1.9 (colored)

lang/ruby24-base: Add security patch for rubygems

Add security patch for rubygems, fixing these problem.

* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handlin
g
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors

https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/

Since original patch included in official announce dose not cleanly applied to
Ruby 2.4.5, use a local version which drop patch to none existing test.

Bump PKGREVISION.

Revision 1.9 / (download) - annotate - [select for diffs], Tue Jul 17 10:56:24 2018 UTC (15 months, 3 weeks ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)

*: Add some required USE_GCC_RUNTIME.

Revision 1.8 / (download) - annotate - [select for diffs], Thu Mar 29 03:04:47 2018 UTC (19 months, 2 weeks ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.7: +1 -6 lines
Diff to previous 1.7 (colored)

lang/ruby24-base: update to 2.4.4, security release

Ruby 2.4.4 Released			Posted by nagachika on 28 Mar 2018

Ruby 2.4.4 has been released.

This release includes some bug fixes and some security fixes.

* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
  traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
  UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems

There are also some bug fixes. See commit logs for more details.

Revision 1.5.6.1 / (download) - annotate - [select for diffs], Fri Mar 2 20:36:36 2018 UTC (20 months, 1 week ago) by spz
Branch: pkgsrc-2017Q4
Changes since 1.5: +6 -1 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)

Pullup ticket #5707 - requested by taca
lang/ruby24-base: security patch

Revisions pulled up:
- lang/ruby24-base/Makefile                                     1.6-1.7
- lang/ruby24-base/distinfo                                     1.6-1.8
- lang/ruby24-base/patches/patch-configure                      1.3-1.4

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	jperkin
   Date:		Tue Jan 16 14:53:28 UTC 2018

   Modified Files:
   	pkgsrc/lang/ruby22-base: distinfo
   	pkgsrc/lang/ruby22-base/patches: patch-configure
   	pkgsrc/lang/ruby23-base: distinfo
   	pkgsrc/lang/ruby23-base/patches: patch-configure
   	pkgsrc/lang/ruby24-base: distinfo
   	pkgsrc/lang/ruby24-base/patches: patch-configure
   	pkgsrc/lang/ruby25-base: distinfo
   	pkgsrc/lang/ruby25-base/patches: patch-configure

   Log Message:
   ruby*-base: Don't add SSP flags, leave that to pkgsrc.


   To generate a diff of this commit:
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/ruby24-base/distinfo
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby24-base/patches/patch-configure

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	jperkin
   Date:		Fri Jan 26 13:22:58 UTC 2018

   Modified Files:
   	pkgsrc/lang/ruby24-base: Makefile distinfo
   	pkgsrc/lang/ruby24-base/patches: patch-configure

   Log Message:
   ruby24-base: Put -std= in CFLAGS not CPPFLAGS.  Bump PKGREVISION.


   To generate a diff of this commit:
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/ruby24-base/Makefile
   cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/ruby24-base/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/ruby24-base/patches/patch-configure

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Feb 19 16:46:58 UTC 2018

   Modified Files:
   	pkgsrc/lang/ruby24-base: Makefile distinfo

   Log Message:
   lang/ruby24-base: rubygem security fix

   Add an patch to fix security problem of rubygems.

   Bump PKGREVISION.


   To generate a diff of this commit:
   cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/ruby24-base/Makefile
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/ruby24-base/distinfo

Revision 1.7 / (download) - annotate - [select for diffs], Mon Feb 19 16:46:58 2018 UTC (20 months, 3 weeks ago) by taca
Branch: MAIN
Changes since 1.6: +6 -2 lines
Diff to previous 1.6 (colored)

lang/ruby24-base: rubygem security fix

Add an patch to fix security problem of rubygems.

Bump PKGREVISION.

Revision 1.6 / (download) - annotate - [select for diffs], Fri Jan 26 13:22:58 2018 UTC (21 months, 2 weeks ago) by jperkin
Branch: MAIN
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)

ruby24-base: Put -std= in CFLAGS not CPPFLAGS.  Bump PKGREVISION.

Revision 1.3.2.1 / (download) - annotate - [select for diffs], Fri Sep 15 19:25:23 2017 UTC (2 years, 1 month ago) by spz
Branch: pkgsrc-2017Q2
Changes since 1.3: +5 -1 lines
Diff to previous 1.3 (colored) next main 1.4 (colored)

Pullup ticket #5545 - requested by taca
lang/ruby24-base: security fix

Revisions pulled up:
- lang/ruby24-base/Makefile                                     1.4
- lang/ruby24-base/distinfo                                     1.3

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Aug 30 03:33:39 UTC 2017

   Modified Files:
   	pkgsrc/lang/ruby24-base: Makefile distinfo

   Log Message:
   Add patch to fix vulnerabilities of rubygems.

   https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

   * a DNS request hijacking vulnerability
   * an ANSI escape sequence vulnerability
   * a DoS vulernerability in the query command
   * a vulnerability in the gem installer that allowed a malicious gem to
     overwrite arbitrary files

   Bump PKGREVISION.


   To generate a diff of this commit:
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/ruby24-base/Makefile
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby24-base/distinfo

Revision 1.5 / (download) - annotate - [select for diffs], Fri Sep 15 00:39:46 2017 UTC (2 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-
Branch point for: pkgsrc-2017Q4
Changes since 1.4: +1 -6 lines
Diff to previous 1.4 (colored)

ruby24-base: Update ruby24-base and ruby24 to 2.4.2.


Ruby 2.4.2 Released			Posted by nagachika on 14 Sep 2017

We are pleased to announce the release of Ruby 2.4.2. This release contains
some security fixes.

* CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf

* CVE-2017-10784: Escape sequence injection vulnerability in the Basic
  authentication of WEBrick

* CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docod

* CVE-2017-14064: Heap exposure in generating JSON

* Multiple vulnerabilities in RubyGems

* Update bundled libyaml to version 0.1.7.

There are also many bug-fixes. See commit logs for more details.

Revision 1.4 / (download) - annotate - [select for diffs], Wed Aug 30 03:33:39 2017 UTC (2 years, 2 months ago) by taca
Branch: MAIN
Changes since 1.3: +5 -1 lines
Diff to previous 1.3 (colored)

Add patch to fix vulnerabilities of rubygems.

https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

* a DNS request hijacking vulnerability
* an ANSI escape sequence vulnerability
* a DoS vulernerability in the query command
* a vulnerability in the gem installer that allowed a malicious gem to
  overwrite arbitrary files

Bump PKGREVISION.

Revision 1.3 / (download) - annotate - [select for diffs], Tue Jun 27 15:25:19 2017 UTC (2 years, 4 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base
Branch point for: pkgsrc-2017Q2
Changes since 1.2: +3 -2 lines
Diff to previous 1.2 (colored)

Ruby changed the primary -std flag for enabling C99 from iso9899:1999 to
gnu99 but left an existing SunOS test to only check for iso9899:1999.  This
resulted in CPPFLAGS not being set correctly for modules which require
native compilation - those should now all be fixed.  Bump PKGREVISION.

Revision 1.2 / (download) - annotate - [select for diffs], Mon Jun 19 11:11:34 2017 UTC (2 years, 4 months ago) by jperkin
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Requires c99 for signbit().

Revision 1.1 / (download) - annotate - [select for diffs], Sun Jun 18 13:45:11 2017 UTC (2 years, 4 months ago) by taca
Branch: MAIN

Add ruby24-base (Ruby 2.4.1 core) to pkgsrc.

Ruby 2.4.1						22 Mar 2017

Ruby 2.4.1 is the first TEENY version release of the stable 2.4 series.

See commit logs for details:
	https://github.com/ruby/ruby/compare/v2_4_0...v2_4_1


Ruby 2.4.0						25 Dec 2016

o Introduce hash table improvement (by Vladimir Makarov)

  Improve the internal structure of hash table (st_table) by introducing open
  addressing and an inclusion order array. This improvement has been discussed
  with many people, especially with Yura Sokolov.

o Binding#irb: Start a REPL session similar to binding.pry

  While you are debugging, you may often use p to see the value of
  variables. With pry you can use binding.pry in your application to launch a
  REPL and run any Ruby code. r56624 introduces binding.irb which behaves like
  that with irb.

o Unify Fixnum and Bignum into Integer

  Though ISO/IEC 30170:2012 doesn°«t specify details of the Integer class,
  Ruby had two visible Integer classes: Fixnum and Bignum. Ruby 2.4 unifies
  them into Integer. All C extensions which touch the Fixnum or Bignum class
  need to be fixed.

  See also the ticket and akr°«s slides.

o String supports Unicode case mappings

  String/Symbol#upcase/downcase/swapcase/capitalize(!) now handle Unicode case
  mappings instead of only ASCII case mappings.

o Performance improvements

  Ruby 2.4 also contains the following performance improvements including
  language changes:

  * Array#max, Array#min

    [x, y].max and [x, y].min are optimized to not create a temporary array
    under certain conditions.

  * Regexp#match?

    Added Regexp#match?, which executes a regexp match without creating a back
    reference object and changing $~ to reduce object allocation.

  * Other performance improvements

    - speed up instance variable access

o Debugging

  * Thread#report_on_exception and Thread.report_on_exception

    Ruby ignores exceptions in threads unless another thread explicitly joins
    them. With report_on_exception = true, you can notice if a thread has died
    due to an unhandled exception.

    Send us feedback what should be the default for report_on_exception and
    about report-on-GC, which shows a report when a thread is garbage
    collected without join.

  * Thread deadlock detection now shows threads with their backtrace and
    dependency

    Ruby has deadlock detection around waiting threads, but its report
    doesn°«t include enough information for debugging. Ruby 2.4°«s deadlock
    detection shows threads with their backtrace and dependent threads.

o Other notable changes since 2.3

  * Support OpenSSL 1.1.0 (drop support for 0.9.7 or prior)
  * ext/tk is now removed from stdlib Feature #8539
  * XMLRPC is now removed from stdlib Feature #12160

  See NEWS or commit logs for details.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>