Bug 254805 - textproc/rubygem-rexml: Update to 3.2.5
Summary: textproc/rubygem-rexml: Update to 3.2.5
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Sunpoet Po-Chuan Hsieh
URL: https://github.com/ruby/rexml/commits...
Depends on:
Reported: 2021-04-05 20:22 UTC by Yasuhiro Kimura
Modified: 2021-04-19 00:52 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (sunpoet)

Patch file (875 bytes, patch)
2021-04-05 20:22 UTC, Yasuhiro Kimura
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura 2021-04-05 20:22:52 UTC
Created attachment 223843 [details]
Patch file

Update to 3.2.5, which includes fix of CVE-2021-28965.

Changes: https://github.com/ruby/rexml/commits/v3.2.5

Bug #254793 describes vulnerability fixed with this release. So please commit it together.
Comment 1 Matthias Fechner freebsd_committer 2021-04-15 14:40:13 UTC
This update also blocks a security update of gitlab-ce.
Comment 2 Yasuhiro Kimura 2021-04-19 00:52:27 UTC
Updated to 3.2.5 with ports r3d1a0c161c08.