On 2019/09/04 08:25, Jeremy Evans wrote: > On 09/04 04:17, Stuart Henderson wrote: > > On 2019/09/03 16:24, Jeremy Evans wrote: > > > CVSROOT: /cvs > > > Module name: ports > > > Changes by: [email protected] 2019/09/03 16:24:43 > > > > > > Modified files: > > > lang/ruby/2.4 : Tag: OPENBSD_6_5 Makefile distinfo > > > lang/ruby/2.4/pkg: Tag: OPENBSD_6_5 PLIST-main > > > lang/ruby/2.5 : Tag: OPENBSD_6_5 Makefile distinfo > > > lang/ruby/2.5/pkg: Tag: OPENBSD_6_5 PLIST-main > > > lang/ruby/2.6 : Tag: OPENBSD_6_5 Makefile distinfo > > > lang/ruby/2.6/pkg: Tag: OPENBSD_6_5 PLIST-main PLIST-ri_docs > > > > > > Log message: > > > Update to Ruby 2.4.7, 2.5.6, and 2.6.4 > > > > > > Fixes CVE-2012-6708 and CVE-2015-9251 by removing embedded version of > > > JQuery > > > from RDoc. > > > > > > > Will this cause the same issue with databases/xapian-bindings as in > > -current? > > I'm pretty sure it would. Should I commit the same > databases/xapian-bindings patch to -stable?
I think that would be the right thing to do, so that anyone doing a full bulk build from a -stable tree would still have success. OK with me.
