Date: Tue, 19 Dec 2017 02:22:53 +0000 (UTC) From: Steve Wills <swills@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r456701 - in branches/2017Q4: Mk lang/ruby22 lang/ruby22/files lang/ruby23 lang/ruby23/files lang/ruby24 lang/ruby24/files Message-ID: <201712190222.vBJ2MrG9044093@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: swills Date: Tue Dec 19 02:22:52 2017 New Revision: 456701 URL: https://svnweb.freebsd.org/changeset/ports/456701 Log: MFH: r454686 r456700 lang/ruby2?: make rubygem-* ports reproducible PR: 223781 exp-run by: antoine Update lang/ruby2[2,3,4] to latest versions. Fixes a security issue. PR: 224356 Submitted by: Yasuhiro KIMURA <yasu@utahime.org> Security: dd644964-e10e-11e7-8097-0800271d4b9c Approved by: ports-secteam (implicit) Added: branches/2017Q4/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb - copied unchanged from r454686, head/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb branches/2017Q4/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb - copied unchanged from r454686, head/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb branches/2017Q4/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb - copied unchanged from r454686, head/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb Modified: branches/2017Q4/Mk/bsd.ruby.mk branches/2017Q4/lang/ruby22/distinfo branches/2017Q4/lang/ruby22/pkg-plist branches/2017Q4/lang/ruby23/distinfo branches/2017Q4/lang/ruby23/pkg-plist branches/2017Q4/lang/ruby24/distinfo branches/2017Q4/lang/ruby24/pkg-plist Directory Properties: branches/2017Q4/ (props changed) Modified: branches/2017Q4/Mk/bsd.ruby.mk ============================================================================== --- branches/2017Q4/Mk/bsd.ruby.mk Tue Dec 19 02:17:58 2017 (r456700) +++ branches/2017Q4/Mk/bsd.ruby.mk Tue Dec 19 02:22:52 2017 (r456701) @@ -154,7 +154,7 @@ RUBY?= ${LOCALBASE}/bin/${RUBY_NAME} # # Ruby 2.2 # -RUBY_RELVERSION= 2.2.8 +RUBY_RELVERSION= 2.2.9 RUBY_PORTREVISION= 0 RUBY_PORTEPOCH= 1 RUBY_PATCHLEVEL= 0 @@ -164,7 +164,7 @@ RUBY22= "" # PLIST_SUB helpers # # Ruby 2.3 # -RUBY_RELVERSION= 2.3.5 +RUBY_RELVERSION= 2.3.6 RUBY_PORTREVISION= 0 RUBY_PORTEPOCH= 1 RUBY_PATCHLEVEL= 0 @@ -174,7 +174,7 @@ RUBY23= "" # PLIST_SUB helpers # # Ruby 2.4 # -RUBY_RELVERSION= 2.4.2 +RUBY_RELVERSION= 2.4.3 RUBY_PORTREVISION= 0 RUBY_PORTEPOCH= 1 RUBY_PATCHLEVEL= 0 Modified: branches/2017Q4/lang/ruby22/distinfo ============================================================================== --- branches/2017Q4/lang/ruby22/distinfo Tue Dec 19 02:17:58 2017 (r456700) +++ branches/2017Q4/lang/ruby22/distinfo Tue Dec 19 02:22:52 2017 (r456701) @@ -1,3 +1,3 @@ -TIMESTAMP = 1505677428 -SHA256 (ruby/ruby-2.2.8.tar.xz) = 37eafc15037396c26870f6a6c5bcd0658d14b46cd5e191a3b56d89dd22d561b0 -SIZE (ruby/ruby-2.2.8.tar.xz) = 10520648 +TIMESTAMP = 1513294825 +SHA256 (ruby/ruby-2.2.9.tar.xz) = 313b44b1105589d00bb30b9cccf7da44d263fe20a2d8d269ada536d4a7ef285c +SIZE (ruby/ruby-2.2.9.tar.xz) = 10511456 Copied: branches/2017Q4/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb (from r454686, head/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb Tue Dec 19 02:22:52 2017 (r456701, copy of r454686, head/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb) @@ -0,0 +1,20 @@ +--- ./lib/rdoc/generator/json_index.rb.orig 2017-11-12 19:41:46.332613000 -0500 ++++ ./lib/rdoc/generator/json_index.rb 2017-11-12 19:41:56.834004000 -0500 +@@ -169,7 +169,7 @@ + debug_msg "Writing gzipped search index to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(search_index_file) ++ gz.mtime = 1 + gz.orig_name = search_index_file.to_s + gz.write search_index + gz.close +@@ -187,7 +187,7 @@ + debug_msg "Writing gzipped file to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(dest) ++ gz.mtime = 1 + gz.orig_name = dest.to_s + gz.write data + gz.close Modified: branches/2017Q4/lang/ruby22/pkg-plist ============================================================================== --- branches/2017Q4/lang/ruby22/pkg-plist Tue Dec 19 02:17:58 2017 (r456700) +++ branches/2017Q4/lang/ruby22/pkg-plist Tue Dec 19 02:22:52 2017 (r456701) @@ -731,6 +731,7 @@ lib/lib%%RUBY_NAME%%.so.%%RUBY_SHLIBVER%% %%RUBY_LIBDIR%%/rubygems/resolver/stats.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_set.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_specification.rb +%%RUBY_LIBDIR%%/rubygems/safe_yaml.rb %%RUBY_LIBDIR%%/rubygems/security.rb %%RUBY_LIBDIR%%/rubygems/security/policies.rb %%RUBY_LIBDIR%%/rubygems/security/policy.rb @@ -7715,6 +7716,9 @@ man/man1/%%RUBY_NAME%%.1.gz %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/soft_missing-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/stats-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/RubyVersionMismatch/cdesc-RubyVersionMismatch.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/cdesc-SafeYAML.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/load-c.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/safe_load-c.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Exception/cdesc-Exception.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/cdesc-Policy.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/check_cert-i.ri Modified: branches/2017Q4/lang/ruby23/distinfo ============================================================================== --- branches/2017Q4/lang/ruby23/distinfo Tue Dec 19 02:17:58 2017 (r456700) +++ branches/2017Q4/lang/ruby23/distinfo Tue Dec 19 02:22:52 2017 (r456701) @@ -1,3 +1,3 @@ -TIMESTAMP = 1505677434 -SHA256 (ruby/ruby-2.3.5.tar.xz) = 7d3a7dabb190c2da06c963063342ca9a214bcd26f2158e904f0ec059b065ffda -SIZE (ruby/ruby-2.3.5.tar.xz) = 11437868 +TIMESTAMP = 1513293503 +SHA256 (ruby/ruby-2.3.6.tar.xz) = e0d969ac22d4a403c1204868bb9c0d068aa35045bb3934cf50b17b7f66059f56 +SIZE (ruby/ruby-2.3.6.tar.xz) = 11445628 Copied: branches/2017Q4/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb (from r454686, head/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb Tue Dec 19 02:22:52 2017 (r456701, copy of r454686, head/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb) @@ -0,0 +1,20 @@ +--- ./lib/rdoc/generator/json_index.rb.orig 2017-11-12 19:38:46.598341000 -0500 ++++ ./lib/rdoc/generator/json_index.rb 2017-11-12 19:38:59.759125000 -0500 +@@ -175,7 +175,7 @@ + debug_msg "Writing gzipped search index to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(search_index_file) ++ gz.mtime = 1 + gz.orig_name = search_index_file.basename.to_s + gz.write search_index + gz.close +@@ -193,7 +193,7 @@ + debug_msg "Writing gzipped file to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(dest) ++ gz.mtime = 1 + gz.orig_name = dest.basename.to_s + gz.write data + gz.close Modified: branches/2017Q4/lang/ruby23/pkg-plist ============================================================================== --- branches/2017Q4/lang/ruby23/pkg-plist Tue Dec 19 02:17:58 2017 (r456700) +++ branches/2017Q4/lang/ruby23/pkg-plist Tue Dec 19 02:22:52 2017 (r456701) @@ -748,6 +748,7 @@ lib/lib%%RUBY_NAME%%.so.%%RUBY_SHLIBVER%% %%RUBY_LIBDIR%%/rubygems/resolver/stats.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_set.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_specification.rb +%%RUBY_LIBDIR%%/rubygems/safe_yaml.rb %%RUBY_LIBDIR%%/rubygems/security.rb %%RUBY_LIBDIR%%/rubygems/security/policies.rb %%RUBY_LIBDIR%%/rubygems/security/policy.rb @@ -7978,6 +7979,9 @@ man/man1/%%RUBY_NAME%%.1.gz %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/soft_missing-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/stats-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/RubyVersionMismatch/cdesc-RubyVersionMismatch.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/cdesc-SafeYAML.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/load-c.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/safe_load-c.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Exception/cdesc-Exception.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/cdesc-Policy.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/check_cert-i.ri Modified: branches/2017Q4/lang/ruby24/distinfo ============================================================================== --- branches/2017Q4/lang/ruby24/distinfo Tue Dec 19 02:17:58 2017 (r456700) +++ branches/2017Q4/lang/ruby24/distinfo Tue Dec 19 02:22:52 2017 (r456701) @@ -1,3 +1,3 @@ -TIMESTAMP = 1505677438 -SHA256 (ruby/ruby-2.4.2.tar.xz) = 748a8980d30141bd1a4124e11745bb105b436fb1890826e0d2b9ea31af27f735 -SIZE (ruby/ruby-2.4.2.tar.xz) = 10046412 +TIMESTAMP = 1513291404 +SHA256 (ruby/ruby-2.4.3.tar.xz) = 23677d40bf3b7621ba64593c978df40b1e026d8653c74a0599f0ead78ed92b51 +SIZE (ruby/ruby-2.4.3.tar.xz) = 10040072 Copied: branches/2017Q4/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb (from r454686, head/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb Tue Dec 19 02:22:52 2017 (r456701, copy of r454686, head/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb) @@ -0,0 +1,20 @@ +--- ./lib/rdoc/generator/json_index.rb.orig 2017-11-12 19:37:25.144883000 -0500 ++++ ./lib/rdoc/generator/json_index.rb 2017-11-12 19:37:44.551836000 -0500 +@@ -175,7 +175,7 @@ + debug_msg "Writing gzipped search index to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(search_index_file) ++ gz.mtime = 1 + gz.orig_name = search_index_file.basename.to_s + gz.write search_index + gz.close +@@ -193,7 +193,7 @@ + debug_msg "Writing gzipped file to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(dest) ++ gz.mtime = 1 + gz.orig_name = dest.basename.to_s + gz.write data + gz.close Modified: branches/2017Q4/lang/ruby24/pkg-plist ============================================================================== --- branches/2017Q4/lang/ruby24/pkg-plist Tue Dec 19 02:17:58 2017 (r456700) +++ branches/2017Q4/lang/ruby24/pkg-plist Tue Dec 19 02:22:52 2017 (r456701) @@ -764,6 +764,7 @@ lib/lib%%RUBY_NAME%%.so.%%RUBY_SHLIBVER%% %%RUBY_LIBDIR%%/rubygems/resolver/stats.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_set.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_specification.rb +%%RUBY_LIBDIR%%/rubygems/safe_yaml.rb %%RUBY_LIBDIR%%/rubygems/security.rb %%RUBY_LIBDIR%%/rubygems/security/policies.rb %%RUBY_LIBDIR%%/rubygems/security/policy.rb @@ -8140,6 +8141,9 @@ man/man1/%%RUBY_NAME%%.1.gz %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/sort_dependencies-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/stats-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/RubyVersionMismatch/cdesc-RubyVersionMismatch.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/cdesc-SafeYAML.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/load-c.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/safe_load-c.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Exception/cdesc-Exception.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/cdesc-Policy.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/check_cert-i.ri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201712190222.vBJ2MrG9044093>