c41067b2d2
pkgsrc change: add "USE_LANGUAGES= # empty" 2.7.7 / 2021-02-01 * Security fixes for CVE-2021-21289 Mechanize `>= v2.0`, `< v2.7.7` allows for OS commands to be injected into several classes' methods via implicit use of Ruby's `Kernel.open` method. Exploitation is possible only if untrusted input is used as a local filename and passed to any of these calls: - `Mechanize::CookieJar#load`: since v2.0 (see 208e3ed) - `Mechanize::CookieJar#save_as`: since v2.0 (see 5b776a4) - `Mechanize#download`: since v2.2 (see dc91667) - `Mechanize::Download#save` and `#save!` since v2.1 (see 98b2f51, bd62ff0) - `Mechanize::File#save` and `#save_as`: since v2.1 (see 2bf7519) - `Mechanize::FileResponse#read_body`: since v2.0 (see 01039f5) See github.com/sparklemotion/mechanize/security/advisories/GHSA-qrqm-fpv6-6r8g for more information. Also see #547, #548. Thank you, @kyoshidajp! New Features * Support for Ruby 3.0 by adding `webrick` as a runtime dependency. (#557) @pvalena Bug fix * Ignore input fields with blank names (#542, #536)
24 lines
1 KiB
Makefile
24 lines
1 KiB
Makefile
# $NetBSD: Makefile,v 1.20 2021/02/03 15:44:35 taca Exp $
|
|
|
|
DISTNAME= mechanize-2.7.7
|
|
CATEGORIES= www
|
|
|
|
MAINTAINER= minskim@NetBSD.org
|
|
HOMEPAGE= https://github.com/sparklemotion/mechanize
|
|
COMMENT= Library to automate interaction with websites
|
|
LICENSE= mit
|
|
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-net-http-digest_auth>=1.1.1:../../www/ruby-net-http-digest_auth
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-net-http-persistent>=2.5.2:../../www/ruby-net-http-persistent
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-mime-types>=1.17.2:../../mail/ruby-mime-types
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-domain_name>=0.5.1<1:../../net/ruby-domain_name
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-http-cookie>=1.0<2:../../www/ruby-http-cookie
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-nokogiri>=1.6<2:../../textproc/ruby-nokogiri
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-ntlm-http>=0.1<1:../../www/ruby-ntlm-http
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-webrobots>=0.0<0.2:../../www/ruby-webrobots
|
|
DEPENDS+= ${RUBY_PKGPREFIX}-webrick>=1.7<2:../../www/ruby-webrick
|
|
|
|
USE_LANGUAGES= # empty
|
|
|
|
.include "../../lang/ruby/gem.mk"
|
|
.include "../../mk/bsd.pkg.mk"
|