lang/ruby22-base: update to 2.2.10, security release

Ruby 2.2.10 Released				Posted by usa on 28 Mar 2018

Ruby 2.2.10 has been released.  This release includes several security
fixes. Please check the topics below for details.

* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
  traversal in tempfile and tmpdir
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
  UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems

Ruby 2.2 is under the state of the security maintenance phase, until the end
of the March of 2018.  After the date, maintenance of Ruby 2.2 will be ended.
So, this release is expected to be the last release of Ruby 2.2.  We will
never make a new release of Ruby 2.2 unless Ruby 2.2.10 has a serious
regression bug.  We recommend you migrating to newer versions of Ruby, such as
2.5.
This commit is contained in:
taca 2018-03-29 03:11:58 +00:00
parent 526bcdc2f7
commit 8ec69e9d5d
3 changed files with 8 additions and 13 deletions

View file

@ -1,4 +1,4 @@
# $NetBSD: rubyversion.mk,v 1.194 2018/03/29 03:09:35 taca Exp $
# $NetBSD: rubyversion.mk,v 1.195 2018/03/29 03:11:58 taca Exp $
#
# This file determines which Ruby version is used as a dependency for
@ -214,7 +214,7 @@ RUBY_VERSION_REQD?= ${PKGNAME_REQD:C/ruby([0-9][0-9])-.*/\1/}
.endif
# current supported Ruby's version
RUBY22_VERSION= 2.2.9
RUBY22_VERSION= 2.2.10
RUBY23_VERSION= 2.3.7
RUBY24_VERSION= 2.4.4
RUBY25_VERSION= 2.5.1

View file

@ -1,15 +1,10 @@
# $NetBSD: Makefile,v 1.22 2018/02/23 15:26:14 wiz Exp $
# $NetBSD: Makefile,v 1.23 2018/03/29 03:11:58 taca Exp $
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
PKGREVISION= 1
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
PATCH_SITES= https://bugs.ruby-lang.org/attachments/download/7030/
PATCHFILES= rubygems-276-for-ruby22.patch
PATCH_DIST_STRIP= -p0
MAINTAINER= taca@NetBSD.org
HOMEPAGE= ${RUBY_HOMEPAGE}
COMMENT= Ruby ${RUBY_VERSION} release minimum base package

View file

@ -1,9 +1,9 @@
$NetBSD: distinfo,v 1.23 2018/02/19 16:47:53 taca Exp $
$NetBSD: distinfo,v 1.24 2018/03/29 03:11:58 taca Exp $
SHA1 (ruby-2.2.9.tar.bz2) = 773ba9b51bde612866f656c4531f59660e2b0087
RMD160 (ruby-2.2.9.tar.bz2) = 0973ec6a23ec909af7dec7c7152ca0a4e79fe959
SHA512 (ruby-2.2.9.tar.bz2) = 2a8c8770fda20a22b79c9115b6f468f8e7ea1092c84a5089af7a3122163e5ad298b493e6637e4d93ba02d899d8a619c94064dda8ac98cf3b93f64f45d5401085
Size (ruby-2.2.9.tar.bz2) = 13371232 bytes
SHA1 (ruby-2.2.10.tar.bz2) = 72ee1dcfd96199d2c3092b77db7a7f439c0abd08
RMD160 (ruby-2.2.10.tar.bz2) = b766f369db78f002c6bdf4d54592af6dbc7d0295
SHA512 (ruby-2.2.10.tar.bz2) = f8ec96c2a5f4ecf22052ee0b1029989ded52d7bf5d41be24fef67e732e76f72119302240bca08f0547510a9cd29e941a32e263cad9c8a2bf80023d6bc97b2373
Size (ruby-2.2.10.tar.bz2) = 13365461 bytes
SHA1 (rubygems-276-for-ruby22.patch) = a705fc2290c062aebc907fddb0f83e2589356371
RMD160 (rubygems-276-for-ruby22.patch) = 6d694ea1f5e1bf70143a4ad6924547302db262ec
SHA512 (rubygems-276-for-ruby22.patch) = dfe12d7d2744cc6034cecd330258943bc6ae2bfd363375e2250b913c242c49b204de561e3aa6c55cd827fbe6e487d4f4038f72ec73fcc68c954d7d844743fa4d