Bug 177709
| Summary: | [PATCH] www/rubygem-rails and co: update to 3.2.13 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | geoffroy desvernay <dgeo> | ||||
| Component: | Individual Port(s) | Assignee: | Bryan Drewery <bdrewery> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | CC: | ruby | ||||
| Priority: | Normal | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
|
Description
geoffroy desvernay
2013-04-08 12:30:01 UTC
Responsible Changed From-To: freebsd-ports-bugs->ruby Over to maintainer (via the GNATS Auto Assign Tool) Responsible Changed From-To: ruby->bdrewery I'll take it. State Changed From-To: open->closed Committed. Thanks! Author: bdrewery Date: Thu Apr 11 11:30:00 2013 New Revision: 315783 URL: http://svnweb.freebsd.org/changeset/ports/315783 Log: - Update to 3.2.13 to fix security vulnerabilities - Update rubygem-mail to 2.5.3 as rubygem-actionmailer-3.2.13 requires it PR: ports/177709 Submitted by: Geoffroy Desvernay <dgeo@centrale-marseille.fr> With hat: ruby Approved by: portmgr (implicit) Reviewed by: miwi Security: db0c4b00-a24c-11e2-9601-000d601460a4 Modified: head/databases/rubygem-activemodel/Makefile head/databases/rubygem-activemodel/distinfo head/databases/rubygem-activerecord/Makefile head/databases/rubygem-activerecord/distinfo head/devel/rubygem-activesupport/Makefile head/devel/rubygem-activesupport/distinfo head/mail/rubygem-actionmailer/Makefile head/mail/rubygem-actionmailer/distinfo head/mail/rubygem-mail/Makefile head/mail/rubygem-mail/distinfo head/security/vuxml/vuln.xml head/www/rubygem-actionpack/Makefile head/www/rubygem-actionpack/distinfo head/www/rubygem-activeresource/Makefile head/www/rubygem-activeresource/distinfo head/www/rubygem-rails/Makefile head/www/rubygem-rails/distinfo head/www/rubygem-railties/Makefile head/www/rubygem-railties/distinfo Modified: head/databases/rubygem-activemodel/Makefile ============================================================================== --- head/databases/rubygem-activemodel/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/databases/rubygem-activemodel/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= activemodel -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= databases rubygems MASTER_SITES= RG Modified: head/databases/rubygem-activemodel/distinfo ============================================================================== --- head/databases/rubygem-activemodel/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/databases/rubygem-activemodel/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/activemodel-3.2.12.gem) = 0edb1514612f49767c091e5fe873f8480606755af01f042fcc79f906bd9883f0 -SIZE (rubygem/activemodel-3.2.12.gem) = 44544 +SHA256 (rubygem/activemodel-3.2.13.gem) = c5c269b02b3d39eea3d4d8cc132319828a1a0a8e06c857a1310f80caa94fec52 +SIZE (rubygem/activemodel-3.2.13.gem) = 45056 Modified: head/databases/rubygem-activerecord/Makefile ============================================================================== --- head/databases/rubygem-activerecord/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/databases/rubygem-activerecord/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= activerecord -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= databases rubygems MASTER_SITES= RG Modified: head/databases/rubygem-activerecord/distinfo ============================================================================== --- head/databases/rubygem-activerecord/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/databases/rubygem-activerecord/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/activerecord-3.2.12.gem) = d16b747d7ed852e8ba3fbedd41731660463499678cec988e17c7b337b68f883a -SIZE (rubygem/activerecord-3.2.12.gem) = 291328 +SHA256 (rubygem/activerecord-3.2.13.gem) = 05ed0718b25202e6f1907c02f1bc55c5996962d7a4692272a3fd882dbcccb9fc +SIZE (rubygem/activerecord-3.2.13.gem) = 294400 Modified: head/devel/rubygem-activesupport/Makefile ============================================================================== --- head/devel/rubygem-activesupport/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/devel/rubygem-activesupport/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= activesupport -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= devel rubygems MASTER_SITES= RG Modified: head/devel/rubygem-activesupport/distinfo ============================================================================== --- head/devel/rubygem-activesupport/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/devel/rubygem-activesupport/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/activesupport-3.2.12.gem) = 4f53fa55e0aeb00f40c677c29e23da23bea2104edf160bbdf3af38d9f39d38be -SIZE (rubygem/activesupport-3.2.12.gem) = 287744 +SHA256 (rubygem/activesupport-3.2.13.gem) = 1e39ca69876634a38e344dd079d92b3ab27e1bde0b979b04d0e3252591a451ed +SIZE (rubygem/activesupport-3.2.13.gem) = 288768 Modified: head/mail/rubygem-actionmailer/Makefile ============================================================================== --- head/mail/rubygem-actionmailer/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/mail/rubygem-actionmailer/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= actionmailer -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= mail rubygems MASTER_SITES= RG Modified: head/mail/rubygem-actionmailer/distinfo ============================================================================== --- head/mail/rubygem-actionmailer/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/mail/rubygem-actionmailer/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/actionmailer-3.2.12.gem) = 87511b97ba5db5659eeecee6618dd3b3824498e136ad97f2d9318d70cbf74c66 -SIZE (rubygem/actionmailer-3.2.12.gem) = 22016 +SHA256 (rubygem/actionmailer-3.2.13.gem) = 06d83e3627598cf79e39b5cacc8c450693609bfc863d0c003114a995cb0a5c4f +SIZE (rubygem/actionmailer-3.2.13.gem) = 22016 Modified: head/mail/rubygem-mail/Makefile ============================================================================== --- head/mail/rubygem-mail/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/mail/rubygem-mail/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -1,12 +1,8 @@ -# Ports collection makefile for: rubygem-mail -# Date created: 30 Aug 2010 -# Whom: Eric Freeman <freebsdports@chillibear.com> -# +# Created by: Eric Freeman <freebsdports@chillibear.com> # $FreeBSD$ -# PORTNAME= mail -PORTVERSION= 2.4.4 +PORTVERSION= 2.5.3 PORTEPOCH= 1 CATEGORIES= mail rubygems MASTER_SITES= RG Modified: head/mail/rubygem-mail/distinfo ============================================================================== --- head/mail/rubygem-mail/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/mail/rubygem-mail/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/mail-2.4.4.gem) = 237625b7e70f8cd9615658e0963c9880094a974cfa9dda7325e3537bcba7be45 -SIZE (rubygem/mail-2.4.4.gem) = 121856 +SHA256 (rubygem/mail-2.5.3.gem) = 338dfc39e30665402aade821584970502e1e039fd972731fc95beff3991ad9a9 +SIZE (rubygem/mail-2.5.3.gem) = 269312 Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Apr 11 10:03:50 2013 (r315782) +++ head/security/vuxml/vuln.xml Thu Apr 11 11:30:00 2013 (r315783) @@ -51,6 +51,60 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="db0c4b00-a24c-11e2-9601-000d601460a4"> + <topic>rubygem-rails -- multiple vulnerabilities</topic> + <affects> + <package> + <name>rubygem-rails</name> + <range><lt>3.2.13</lt></range> + </package> + <package> + <name>rubygem-actionpack</name> + <range><lt>3.2.13</lt></range> + </package> + <package> + <name>rubygem-activerecord</name> + <range><lt>3.2.13</lt></range> + </package> + <package> + <name>rubygem-activesupport</name> + <range><lt>3.2.13</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Ruby on Rails team reports:</p> + <blockquote cite="http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/"> + <p>Rails versions 3.2.13 has been released. This release + contains important security fixes. It is recommended + users upgrade as soon as possible.</p> + <p>Four vulnerabilities have been discovered and fixed:</p> + <ol> + <li>(CVE-2013-1854) Symbol DoS vulnerability in Active Record</li> + <li>(CVE-2013-1855) XSS vulnerability in sanitize_css in Action Pack</li> + <li>(CVE-2013-1856) XML Parsing Vulnerability affecting JRuby users</li> + <li>(CVE-2013-1857) XSS Vulnerability in the `sanitize` helper of Ruby on Rails</li> + </ol> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2013-1854</cvename> + <cvename>CVE-2013-1856</cvename> + <cvename>CVE-2013-1856</cvename> + <cvename>CVE-2013-1857</cvename> + <url>http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/</url> + <url>https://groups.google.com/forum/#!topic/ruby-security-ann/o0Dsdk2WrQ0</url> + <url>https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_QHo4BqnN8</url> + <url>https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KZwsQbYsOiI</url> + <url>https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/zAAU7vGTPvI</url> + </references> + <dates> + <discovery>2013-03-18</discovery> + <entry>2013-04-10</entry> + </dates> + </vuln> + <vuln vid="1431f2d6-a06e-11e2-b9e0-001636d274f3"> <topic>NVIDIA UNIX driver -- ARGB cursor buffer overflow in "NoScanout" mode</topic> <affects> Modified: head/www/rubygem-actionpack/Makefile ============================================================================== --- head/www/rubygem-actionpack/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-actionpack/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= actionpack -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= www rubygems MASTER_SITES= RG Modified: head/www/rubygem-actionpack/distinfo ============================================================================== --- head/www/rubygem-actionpack/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-actionpack/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/actionpack-3.2.12.gem) = f32a027d87014aff404cfc2dac5c4a1077d81a9815cf1e1adc5a1f601cd5e8a6 -SIZE (rubygem/actionpack-3.2.12.gem) = 287232 +SHA256 (rubygem/actionpack-3.2.13.gem) = bc782459a0ea262e78e10a47d61ec1dfd37070a220766466f4e013c5f36873d4 +SIZE (rubygem/actionpack-3.2.13.gem) = 289280 Modified: head/www/rubygem-activeresource/Makefile ============================================================================== --- head/www/rubygem-activeresource/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-activeresource/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= activeresource -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= www rubygems MASTER_SITES= RG Modified: head/www/rubygem-activeresource/distinfo ============================================================================== --- head/www/rubygem-activeresource/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-activeresource/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/activeresource-3.2.12.gem) = d111d4d401d24b8b2236e9c946020123e4f99b40bb02cdd8c4ae373b923dbe36 -SIZE (rubygem/activeresource-3.2.12.gem) = 37888 +SHA256 (rubygem/activeresource-3.2.13.gem) = 3414f1db511b5cf2fa81a7638859b398b0ee6e0bdbbb9530254d8c86198197e4 +SIZE (rubygem/activeresource-3.2.13.gem) = 37888 Modified: head/www/rubygem-rails/Makefile ============================================================================== --- head/www/rubygem-rails/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-rails/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= rails -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= www rubygems MASTER_SITES= RG Modified: head/www/rubygem-rails/distinfo ============================================================================== --- head/www/rubygem-rails/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-rails/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/rails-3.2.12.gem) = bff3605849350b46cceab64e0b9136cd8743d45db902160c19bbd06fc9a956ca -SIZE (rubygem/rails-3.2.12.gem) = 4608 +SHA256 (rubygem/rails-3.2.13.gem) = dfc57cb7d289513dd89a99db6f714fbdb407223160abf98293b74be07724bcb8 +SIZE (rubygem/rails-3.2.13.gem) = 4608 Modified: head/www/rubygem-railties/Makefile ============================================================================== --- head/www/rubygem-railties/Makefile Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-railties/Makefile Thu Apr 11 11:30:00 2013 (r315783) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= railties -PORTVERSION= 3.2.12 +PORTVERSION= 3.2.13 CATEGORIES= www rubygems MASTER_SITES= RG Modified: head/www/rubygem-railties/distinfo ============================================================================== --- head/www/rubygem-railties/distinfo Thu Apr 11 10:03:50 2013 (r315782) +++ head/www/rubygem-railties/distinfo Thu Apr 11 11:30:00 2013 (r315783) @@ -1,2 +1,2 @@ -SHA256 (rubygem/railties-3.2.12.gem) = bcf15c2eef2a0bc1aa208304b89199287ed91243500ef9e212a187546cf01c35 -SIZE (rubygem/railties-3.2.12.gem) = 1591296 +SHA256 (rubygem/railties-3.2.13.gem) = 294fa4eb64c8b5fe1ebb60145f8faa4b5ca50eecab9db4805e36e94cadc38b07 +SIZE (rubygem/railties-3.2.13.gem) = 1587200 _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org" |
