Differential D2572
devel/ruby-gems: update to 2.4.7 Authored by mmoll on May 17 2015, 2:32 PM. Tags None Referenced Files
Subscribers None
Details As http://git.io/vTknl is basically only the security update, this is low risk. devel/ruby-gems: update to 2.4.7 PR: 200264 Submitted by: Santiago Pastorino <spastorino@gmail.com> Approved by: swills (mentor), mat (mentor) Security: CVE-2015-3900 poudriere: http://space.kvedulv.de/FreeBSD/ruby21-gems-2.4.7.log - besides that, rubygems outside of and in poudriere seem to work just normal. mmoll@marduk:/svn/ports/devel/ruby-gems$ portlint -ACNc
WARN: Makefile: [10]: possible direct use of command "ruby" found. use ${RUBY} instead.
WARN: Makefile: for new port, make $FreeBSD$ tag in comment section empty, to make SVN happy.
0 fatal errors and 2 warnings found.vuxml: mmoll@marduk:/svn/ports/security/vuxml$ make validate /bin/sh /svn/ports/security/vuxml/files/tidy.sh "/svn/ports/security/vuxml/files/tidy.xsl" "/svn/ports/security/vuxml/vuln.xml" > "/svn/ports/security/vuxml/vuln.xml.tidy" >>> Validating... /usr/local/bin/xmllint --valid --noout /svn/ports/security/vuxml/vuln.xml >>> Successful. Checking if tidy differs... ... seems okay Checking for space/tab... ... seems okay /usr/local/bin/python2.7 /svn/ports/security/vuxml/files/extra-validation.py mmoll@marduk:/svn/ports/security/vuxml$ env PKG_DBDIR=/svn/ports/security/vuxml pkg audit ruby22-gems-2.4.6 ruby22-gems-2.4.6 is vulnerable: rubygems -- request hijacking vulnerability CVE: CVE-2015-3900 WWW: http://vuxml.FreeBSD.org/freebsd/a0089e18-fc9e-11e4-bc58-001e67150279.html 1 problem(s) in the installed packages found. mmoll@marduk:/svn/ports/security/vuxml$ env PKG_DBDIR=/svn/ports/security/vuxml pkg audit ruby22-gems-2.4.7 0 problem(s) in the installed packages found.
Diff Detail
|