kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/lang/ruby24-base/patches
History
taca 181acf8de6 lang/ruby24-base: update to 2.4.4, security release 
Ruby 2.4.4 Released			Posted by nagachika on 28 Mar 2018

Ruby 2.4.4 has been released.

This release includes some bug fixes and some security fixes.

* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory
  traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
  UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems

There are also some bug fixes. See commit logs for more details.
2018-03-29 03:04:47 +00:00
..
patch-configure ruby24-base: Put -std= in CFLAGS not CPPFLAGS. Bump PKGREVISION. 2018-01-26 13:22:58 +00:00
patch-ext_dbm_extconf.rb
patch-lib_mkmf.rb
patch-lib_rdoc_ri_driver.rb
patch-lib_rubygems.rb
patch-lib_rubygems_commands_setup__command.rb
patch-lib_rubygems_config__file.rb
patch-lib_rubygems_defaults.rb
patch-lib_rubygems_dependency__installer.rb
patch-lib_rubygems_install__update__options.rb
patch-lib_rubygems_installer.rb
patch-lib_rubygems_platform.rb
patch-lib_rubygems_specification.rb
patch-test_rubygems_test__gem.rb