Bug 254802 - lang/ruby27: Update to 2.7.3
Summary: lang/ruby27: Update to 2.7.3
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Koichiro Iwao
URL: https://www.ruby-lang.org/en/news/202...
Keywords:
Depends on:
Blocks:
 
Reported: 2021-04-05 19:08 UTC by Yasuhiro Kimura
Modified: 2021-04-06 13:24 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (ruby)


Attachments
Patch file (23.47 KB, patch)
2021-04-05 19:08 UTC, Yasuhiro Kimura
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura 2021-04-05 19:08:41 UTC
Created attachment 223839 [details]
Patch file

Update to 2.7.3, which includes fix of CVE-2021-28965.

Release Note: https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/

Bug #254793 describes vulnerability fixed with this release. So please commit it together.
Comment 1 commit-hook freebsd_committer 2021-04-06 13:22:58 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=4ba1ba53f548cc0a9b4a2e77445b6540f9beb99c

commit 4ba1ba53f548cc0a9b4a2e77445b6540f9beb99c
Author:     Koichiro Iwao <meta@FreeBSD.org>
AuthorDate: 2021-04-06 13:11:17 +0000
Commit:     Koichiro Iwao <meta@FreeBSD.org>
CommitDate: 2021-04-06 13:21:42 +0000

    lang/ruby27: Update to 2.7.3

    PR:             254802
    Reported by:    Yasuhiro Kimura <yasu@utahime.org>
    Reviewed by:    meta (myself)
    Relnotes:       https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
    Security:       CVE-2021-28965
    Security:       CVE-2021-28966

 Mk/bsd.ruby.mk        |   4 +-
 lang/ruby27/distinfo  |   6 +--
 lang/ruby27/pkg-plist | 119 ++++++++++++++++++++++++++++++++++++--------------
 3 files changed, 91 insertions(+), 38 deletions(-)
Comment 2 Koichiro Iwao freebsd_committer 2021-04-06 13:24:39 UTC
Committed, thanks!