[Bug 253822] lang/jruby: Update to 9.2.15.0

bugzilla-noreply Wed, 24 Feb 2021 12:08:50 -0800

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253822


            Bug ID: 253822
           Summary: lang/jruby: Update to 9.2.15.0
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: r...@freebsd.org
          Reporter: t...@hur.st
             Flags: maintainer-feedback?(r...@freebsd.org)
          Assignee: r...@freebsd.org

Created attachment 222797
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=222797&action=edit
Patch lang/jruby to 9.2.15.0

This includes fixes for various security issues, in particular:

* CVE-2011-4815 (predictable hashing DoS)
* CVE-2017-17742, CVE-2019-16254, CVE-2020-25613 (WeBrick request
smuggling/splitting)
* CVE-2017-18640 (SnakeYAML entity expansion DoS)

As well as fixes for File.stat/lstat on FreeBSD 12 and later, which previously
rendered JRuby unusable on these systems.

Port passes portlint and poudriere testport.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-ruby@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ruby
To unsubscribe, send any mail to "freebsd-ruby-unsubscr...@freebsd.org"

[Bug 253822] lang/jruby: Update to 9.2.15.0

Reply via email to