Ruby 2.2.7 Released 2017/3/28
Ruby 2.2.7 has been released.
This release includes about 70 bug fixes after the previous release. See the
ChangeLog for details.
After this release, we will end the normal maintenance phase of Ruby 2.2, and
start the security maintenance phase of it. This means that after the release
of 2.2.7 we will never backport any bug fixes to 2.2 except security fixes.
The term of the security maintenance phase is scheduled for 1 year. By the
end of this term, official support of Ruby 2.2 will be over. Therefore, we
recommend that you start planning to upgrade to Ruby 2.4 or 2.3.
pkgsrc change: rubygems dose not blame open-ended dependency unless verbose
option is enabled.
Ruby 2.2.6 Released Posted by usa on 15 Nov 2016
Ruby 2.2.6 has been released.
This release includes new SSL certificates for RubyGems. And, this also
includes about 80 bug fixes after the previous release. See the ChangeLog for
details.
I don't see a relation to relro, but the linker found out about
a missing symbol it didn't complain about before.
SVN 54139:
Thu Mar 17 11:36:27 2016 Nobuyoshi Nakada <nobu@ruby-lang.org>
* ext/socket/option.c (inspect_tcpi_msec): more accurate condition
for TCPI msec member inspection function.
[ruby-core:74388] [Bug #12185]
Bump PKGREVISION.
Ruby 2.2.4 Released
Posted by nagachika on 16 Dec 2015
Ruby 2.2.4 has been released.
This release includes a security fix for Fiddle extension. Please view the
topic below for more details.
* CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL
There are also some bugfixes. See ChangeLog for details.
Set PKG_CONFIG to empty as it removes reference to the build directory.
Add checks for the presence of SSLv3 in OpenSSL/LibreSSL - obtained from
http://www.libressl.org/patches.html
Fix typo in comment s/refrect/reference.
Reviewed by taca@ wiz@
Release note:
Ruby 2.2.3 Released
Posted by nagachika on 18 Aug 2015
We are pleased to announce the release of Ruby 2.2.3. This is a TEENY
version release of the stable 2.2 series.
This release includes the security fix for a RubyGems domain name
verification vulnerability.
CVE-2015-3900 Request hijacking vulnerability in RubyGems 2.4.6 and earlier
There are also some bugfixes. See ChangeLog for details.
$(DLLIB): $(OBJS) Makefile
...
$(Q) $(POSTLINK)
And POSTLINK is empty macro. In such case, GNU make ignore empty command
line but BSD make tries to execute it and causes error.
Bump PKGREVISION.
From release announce:
We are pleased to announce the release of Ruby 2.2.2. This is a TEENY version
release of the stable 2.2 series.
This release includes the security fix for a OpenSSL extension¡Çs hostname
verification vulnerability.
CVE-2015-1855: Ruby OpenSSL Hostname Verification
There are also some bugfixes. See ChangeLog for details.
From release announce:
We are pleased to announce the release of Ruby 2.2.1. This is the first TEENY
version release of the stable 2.2 series.
This release includes the fix for ffi build failure and memory leak issue on
Symbol GC (See Bug #10686).
See ChangeLog for details.
