Bug 254800 - lang/ruby26: Update to 2.6.7
Summary: lang/ruby26: Update to 2.6.7
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Koichiro Iwao
URL: https://www.ruby-lang.org/en/news/202...
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-05 18:36 UTC by Yasuhiro Kimura
Modified: 2021-04-06 13:24 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (ruby)


Attachments
Patch file (25.28 KB, patch)
2021-04-05 18:36 UTC, Yasuhiro Kimura
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura 2021-04-05 18:36:06 UTC
Created attachment 223837 [details]
Patch file

Update to 2.6.7, which includes fix of CVE-2021-28965.

Release Note: https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-6-7-released/

Bug #254793 describes vulnerability fixed with this release. So please commit it together.
Comment 1 commit-hook freebsd_committer 2021-04-06 13:22:59 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=421b0b3639c3168a9b9f283cf96874b87a1bfc73

commit 421b0b3639c3168a9b9f283cf96874b87a1bfc73
Author:     Koichiro Iwao <meta@FreeBSD.org>
AuthorDate: 2021-04-06 12:53:56 +0000
Commit:     Koichiro Iwao <meta@FreeBSD.org>
CommitDate: 2021-04-06 13:21:42 +0000

    lang/ruby26: Update to 2.6.7

    PR:             254800
    Reported by:    Yasuhiro Kimura <yasu@utahime.org>
    Reviewed by:    meta (myself)
    Relnotes:       https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-6-7-released/
    Security:       CVE-2020-25613
    Security:       CVE-2021-28965

 Mk/bsd.ruby.mk        |  4 +--
 lang/ruby26/distinfo  |  6 ++--
 lang/ruby26/pkg-plist | 98 +++++++++++++++++++++++++++------------------------
 3 files changed, 56 insertions(+), 52 deletions(-)
Comment 2 Koichiro Iwao freebsd_committer 2021-04-06 13:24:08 UTC
Committed, thanks!