https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253822
Bug ID: 253822 Summary: lang/jruby: Update to 9.2.15.0 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: r...@freebsd.org Reporter: t...@hur.st Flags: maintainer-feedback?(r...@freebsd.org) Assignee: r...@freebsd.org Created attachment 222797 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=222797&action=edit Patch lang/jruby to 9.2.15.0 This includes fixes for various security issues, in particular: * CVE-2011-4815 (predictable hashing DoS) * CVE-2017-17742, CVE-2019-16254, CVE-2020-25613 (WeBrick request smuggling/splitting) * CVE-2017-18640 (SnakeYAML entity expansion DoS) As well as fixes for File.stat/lstat on FreeBSD 12 and later, which previously rendered JRuby unusable on these systems. Port passes portlint and poudriere testport. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-ruby@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ruby To unsubscribe, send any mail to "freebsd-ruby-unsubscr...@freebsd.org"