1b41e8f641
ruby: update to 3.0.2
...
This release fixes some bugs and these vulnerabilities:
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2021-07-15 14:44:15 -03:00
fe4020f23e
ruby: update to 3.0.0
...
This release goal is performance, concurrency, and typing. See details
in https://www.ruby-lang.org/en/news/2020/12/25/ruby-3-0-0-released/
New subpackages (reflect of mostly complete upstream ruby gemification)
- ruby-abbrev (from ruby-misc)
- ruby-base64 (from ruby-misc)
- ruby-coverage (from ruby-misc)
- ruby-continuation (from ruby-misc)
- ruby-debug (from ruby-debuglib)
- ruby-english (from ruby-misc)
- ruby-expect (from ruby-misc)
- ruby-fiber (from ruby-misc)
- ruby-find (from ruby-filelib)
- ruby-io-nonblock (from ruby-multithread)
- ruby-io-wait (from ruby-multithread)
- ruby-monitor (from ruby-multithread)
- ruby-net-ftp (from ruby-net)
- ruby-net-http (from ruby-net)
- ruby-net-imap (from ruby-net)
- ruby-net-pop (from ruby-net)
- ruby-net-protocol (from ruby-net)
- ruby-objspace (from ruby-debuglib)
- ruby-open-uri (from ruby-net)
- ruby-pathname (from ruby-filelib)
- ruby-pp (from ruby-prettyprint)
- ruby-pty (from ruby-misc)
- ruby-rbs (NEW)
- ruby-resolv (from ruby-socket)
- ruby-resolv-replace (from ruby-socket)
- ruby-securerandom (from ruby-misc)
- ruby-set (from ruby-misc)
- ruby-shellwords (from ruby-misc)
- ruby-syslog (from ruby-logger)
- ruby-tempfile (from ruby-filelib)
- ruby-tmpdir (from ruby-filelib)
- ruby-tsort (from ruby-misc)
- ruby-typeprof (NEW)
- ruby-un (from ruby-mkmf)
- ruby-weakref (from ruby-misc)
Removed subpackages
- ruby-debuglib (split into ruby-debug,ruby-objspace)
- ruby-filelib (split into ruby-find,ruby-pathname,ruby-tempfile,ruby-tmpdir)
- ruby-misc (split into ruby-abbrev,ruby-base64,ruby-continuation,
ruby-coverage,ruby-english,ruby-expect,ruby-fiber,ruby-securerandom,
ruby-set,ruby-shellwords,ruby-tsort,ruby-weakref)
- ruby-multithread (split into ruby-io-nonblock,ruby-io-wait,ruby-monitor)
- ruby-net (split into ruby-net-ftp,ruby-net-http,ruby-net-imap,ruby-net-pop,
ruby-net-protocol,ruby-open-uri)
- ruby-net-telnet (removed upstream)
- ruby-sdbm (removed upstream)
- ruby-webrick (removed upstream)
- ruby-xmlrpc (removed upstream)
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2021-02-22 19:49:38 -03:00
366828f0e7
ruby: update to 2.7.1
...
New subpackages (reflect of ongoing ruby gemification)
- ruby-benchmark (from ruby-debuglib)
- ruby-delegate (from ruby-misc)
- ruby-getoptlong (from ruby-misc)
- ruby-net-pop (from ruby-net)
- ruby-net-imap (from ruby-net)
- ruby-observer (from ruby-patterns, now gone)
- ruby-open3 (from ruby-misc)
- ruby-readline-ext (was ruby-readline, while ruby-readline now selects either
ruby-readline-ext or ruby-reline)
- ruby-reline (alternative to ruby-readline-ext as pure ruby)
- ruby-singleton (from ruby-patterns, now gone)
- ruby-timeout (from ruby-multithread)
Dropped subpackages:
- ruby-cmath (gone in 2.7.0)
- ruby-e2mmap (gone in 2.7.0)
- ruby-patterns (splitted into ruby-observer, ruby-singleton)
- ruby-scanf (gone in 2.7.0)
- ruby-shell (gone in 2.7.0)
- ruby-sync (gone in 2.7.0)
- ruby-thwait (gone in 2.7.0)
Ruby 2.7.0 also dropped profile.rb and profiler.rb (they were in ruby-debuglib)
Patches changes:
- Dropped patch 001_fix_isnan_isinf_finite_with_uclibc.patch (now in release)
- Added 100-musl.patch, fixing mainly coroutine implementation selection
Helper scripts changes:
- ruby_missingfiles: do not ignore ruby-dev files
- ruby_find_pkgsdeps: better detect circular dependencies
Ruby 2.7.1 fixes these security issues:
* CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix)
* CVE-2020-10933: Heap exposure vulnerability in the socket library
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2020-04-14 18:57:36 -03:00
Luiz Angelo Daros de Luca