diff options
author | Steve Wills <swills@FreeBSD.org> | 2017-12-19 02:22:52 +0000 |
---|---|---|
committer | Steve Wills <swills@FreeBSD.org> | 2017-12-19 02:22:52 +0000 |
commit | 5f6ff6c2702ca6f4bedee86ed0e57c292b0aaaff (patch) | |
tree | f8cd8067f465862f5b41032656520cbe152d1d6c | |
parent | 142af88e8a1cff2e51841caca88930729514b4e2 (diff) | |
download | ports-5f6ff6c2702ca6f4bedee86ed0e57c292b0aaaff.tar.gz ports-5f6ff6c2702ca6f4bedee86ed0e57c292b0aaaff.zip |
MFH: r454686 r456700
lang/ruby2?: make rubygem-* ports reproducible
PR: 223781
exp-run by: antoine
Update lang/ruby2[2,3,4] to latest versions.
Fixes a security issue.
PR: 224356
Submitted by: Yasuhiro KIMURA <yasu@utahime.org>
Security: dd644964-e10e-11e7-8097-0800271d4b9c
Approved by: ports-secteam (implicit)
Notes
Notes:
svn path=/branches/2017Q4/; revision=456701
-rw-r--r-- | Mk/bsd.ruby.mk | 6 | ||||
-rw-r--r-- | lang/ruby22/distinfo | 6 | ||||
-rw-r--r-- | lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb | 20 | ||||
-rw-r--r-- | lang/ruby22/pkg-plist | 4 | ||||
-rw-r--r-- | lang/ruby23/distinfo | 6 | ||||
-rw-r--r-- | lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb | 20 | ||||
-rw-r--r-- | lang/ruby23/pkg-plist | 4 | ||||
-rw-r--r-- | lang/ruby24/distinfo | 6 | ||||
-rw-r--r-- | lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb | 20 | ||||
-rw-r--r-- | lang/ruby24/pkg-plist | 4 |
10 files changed, 84 insertions, 12 deletions
diff --git a/Mk/bsd.ruby.mk b/Mk/bsd.ruby.mk index 71ae3b00e0e0..eaa835e8f156 100644 --- a/Mk/bsd.ruby.mk +++ b/Mk/bsd.ruby.mk @@ -154,7 +154,7 @@ RUBY?= ${LOCALBASE}/bin/${RUBY_NAME} # # Ruby 2.2 # -RUBY_RELVERSION= 2.2.8 +RUBY_RELVERSION= 2.2.9 RUBY_PORTREVISION= 0 RUBY_PORTEPOCH= 1 RUBY_PATCHLEVEL= 0 @@ -164,7 +164,7 @@ RUBY22= "" # PLIST_SUB helpers # # Ruby 2.3 # -RUBY_RELVERSION= 2.3.5 +RUBY_RELVERSION= 2.3.6 RUBY_PORTREVISION= 0 RUBY_PORTEPOCH= 1 RUBY_PATCHLEVEL= 0 @@ -174,7 +174,7 @@ RUBY23= "" # PLIST_SUB helpers # # Ruby 2.4 # -RUBY_RELVERSION= 2.4.2 +RUBY_RELVERSION= 2.4.3 RUBY_PORTREVISION= 0 RUBY_PORTEPOCH= 1 RUBY_PATCHLEVEL= 0 diff --git a/lang/ruby22/distinfo b/lang/ruby22/distinfo index 956186032aaf..aac8328d97b2 100644 --- a/lang/ruby22/distinfo +++ b/lang/ruby22/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1505677428 -SHA256 (ruby/ruby-2.2.8.tar.xz) = 37eafc15037396c26870f6a6c5bcd0658d14b46cd5e191a3b56d89dd22d561b0 -SIZE (ruby/ruby-2.2.8.tar.xz) = 10520648 +TIMESTAMP = 1513294825 +SHA256 (ruby/ruby-2.2.9.tar.xz) = 313b44b1105589d00bb30b9cccf7da44d263fe20a2d8d269ada536d4a7ef285c +SIZE (ruby/ruby-2.2.9.tar.xz) = 10511456 diff --git a/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb b/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb new file mode 100644 index 000000000000..1f0c7400175a --- /dev/null +++ b/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb @@ -0,0 +1,20 @@ +--- ./lib/rdoc/generator/json_index.rb.orig 2017-11-12 19:41:46.332613000 -0500 ++++ ./lib/rdoc/generator/json_index.rb 2017-11-12 19:41:56.834004000 -0500 +@@ -169,7 +169,7 @@ + debug_msg "Writing gzipped search index to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(search_index_file) ++ gz.mtime = 1 + gz.orig_name = search_index_file.to_s + gz.write search_index + gz.close +@@ -187,7 +187,7 @@ + debug_msg "Writing gzipped file to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(dest) ++ gz.mtime = 1 + gz.orig_name = dest.to_s + gz.write data + gz.close diff --git a/lang/ruby22/pkg-plist b/lang/ruby22/pkg-plist index 36639b9da800..23a23fe98277 100644 --- a/lang/ruby22/pkg-plist +++ b/lang/ruby22/pkg-plist @@ -731,6 +731,7 @@ lib/lib%%RUBY_NAME%%.so.%%RUBY_SHLIBVER%% %%RUBY_LIBDIR%%/rubygems/resolver/stats.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_set.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_specification.rb +%%RUBY_LIBDIR%%/rubygems/safe_yaml.rb %%RUBY_LIBDIR%%/rubygems/security.rb %%RUBY_LIBDIR%%/rubygems/security/policies.rb %%RUBY_LIBDIR%%/rubygems/security/policy.rb @@ -7715,6 +7716,9 @@ man/man1/%%RUBY_NAME%%.1.gz %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/soft_missing-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/stats-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/RubyVersionMismatch/cdesc-RubyVersionMismatch.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/cdesc-SafeYAML.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/load-c.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/safe_load-c.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Exception/cdesc-Exception.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/cdesc-Policy.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/check_cert-i.ri diff --git a/lang/ruby23/distinfo b/lang/ruby23/distinfo index 4e9a30aa3b3e..556112926173 100644 --- a/lang/ruby23/distinfo +++ b/lang/ruby23/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1505677434 -SHA256 (ruby/ruby-2.3.5.tar.xz) = 7d3a7dabb190c2da06c963063342ca9a214bcd26f2158e904f0ec059b065ffda -SIZE (ruby/ruby-2.3.5.tar.xz) = 11437868 +TIMESTAMP = 1513293503 +SHA256 (ruby/ruby-2.3.6.tar.xz) = e0d969ac22d4a403c1204868bb9c0d068aa35045bb3934cf50b17b7f66059f56 +SIZE (ruby/ruby-2.3.6.tar.xz) = 11445628 diff --git a/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb b/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb new file mode 100644 index 000000000000..59eb143bf185 --- /dev/null +++ b/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb @@ -0,0 +1,20 @@ +--- ./lib/rdoc/generator/json_index.rb.orig 2017-11-12 19:38:46.598341000 -0500 ++++ ./lib/rdoc/generator/json_index.rb 2017-11-12 19:38:59.759125000 -0500 +@@ -175,7 +175,7 @@ + debug_msg "Writing gzipped search index to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(search_index_file) ++ gz.mtime = 1 + gz.orig_name = search_index_file.basename.to_s + gz.write search_index + gz.close +@@ -193,7 +193,7 @@ + debug_msg "Writing gzipped file to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(dest) ++ gz.mtime = 1 + gz.orig_name = dest.basename.to_s + gz.write data + gz.close diff --git a/lang/ruby23/pkg-plist b/lang/ruby23/pkg-plist index c2b23b5cd858..266295a0311b 100644 --- a/lang/ruby23/pkg-plist +++ b/lang/ruby23/pkg-plist @@ -748,6 +748,7 @@ lib/lib%%RUBY_NAME%%.so.%%RUBY_SHLIBVER%% %%RUBY_LIBDIR%%/rubygems/resolver/stats.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_set.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_specification.rb +%%RUBY_LIBDIR%%/rubygems/safe_yaml.rb %%RUBY_LIBDIR%%/rubygems/security.rb %%RUBY_LIBDIR%%/rubygems/security/policies.rb %%RUBY_LIBDIR%%/rubygems/security/policy.rb @@ -7978,6 +7979,9 @@ man/man1/%%RUBY_NAME%%.1.gz %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/soft_missing-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/stats-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/RubyVersionMismatch/cdesc-RubyVersionMismatch.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/cdesc-SafeYAML.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/load-c.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/safe_load-c.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Exception/cdesc-Exception.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/cdesc-Policy.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/check_cert-i.ri diff --git a/lang/ruby24/distinfo b/lang/ruby24/distinfo index 62807f5592ba..d3774abf9c8f 100644 --- a/lang/ruby24/distinfo +++ b/lang/ruby24/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1505677438 -SHA256 (ruby/ruby-2.4.2.tar.xz) = 748a8980d30141bd1a4124e11745bb105b436fb1890826e0d2b9ea31af27f735 -SIZE (ruby/ruby-2.4.2.tar.xz) = 10046412 +TIMESTAMP = 1513291404 +SHA256 (ruby/ruby-2.4.3.tar.xz) = 23677d40bf3b7621ba64593c978df40b1e026d8653c74a0599f0ead78ed92b51 +SIZE (ruby/ruby-2.4.3.tar.xz) = 10040072 diff --git a/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb b/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb new file mode 100644 index 000000000000..1211131e7e17 --- /dev/null +++ b/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb @@ -0,0 +1,20 @@ +--- ./lib/rdoc/generator/json_index.rb.orig 2017-11-12 19:37:25.144883000 -0500 ++++ ./lib/rdoc/generator/json_index.rb 2017-11-12 19:37:44.551836000 -0500 +@@ -175,7 +175,7 @@ + debug_msg "Writing gzipped search index to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(search_index_file) ++ gz.mtime = 1 + gz.orig_name = search_index_file.basename.to_s + gz.write search_index + gz.close +@@ -193,7 +193,7 @@ + debug_msg "Writing gzipped file to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(dest) ++ gz.mtime = 1 + gz.orig_name = dest.basename.to_s + gz.write data + gz.close diff --git a/lang/ruby24/pkg-plist b/lang/ruby24/pkg-plist index ee160bbe04bb..eb0128482457 100644 --- a/lang/ruby24/pkg-plist +++ b/lang/ruby24/pkg-plist @@ -764,6 +764,7 @@ lib/lib%%RUBY_NAME%%.so.%%RUBY_SHLIBVER%% %%RUBY_LIBDIR%%/rubygems/resolver/stats.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_set.rb %%RUBY_LIBDIR%%/rubygems/resolver/vendor_specification.rb +%%RUBY_LIBDIR%%/rubygems/safe_yaml.rb %%RUBY_LIBDIR%%/rubygems/security.rb %%RUBY_LIBDIR%%/rubygems/security/policies.rb %%RUBY_LIBDIR%%/rubygems/security/policy.rb @@ -8140,6 +8141,9 @@ man/man1/%%RUBY_NAME%%.1.gz %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/sort_dependencies-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Resolver/stats-i.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/RubyVersionMismatch/cdesc-RubyVersionMismatch.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/cdesc-SafeYAML.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/load-c.ri +%%RDOC%%%%RUBY_RIDIR%%/Gem/SafeYAML/safe_load-c.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Exception/cdesc-Exception.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/cdesc-Policy.ri %%RDOC%%%%RUBY_RIDIR%%/Gem/Security/Policy/check_cert-i.ri |