CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2019/03/15 14:43:54
Modified files:
lang/ruby/2.5 : Tag: OPENBSD_6_4 Makefile distinfo
lang/ruby/2.5/pkg: Tag: OPENBSD_6_4 PLIST-ri_docs
Log message:
Update to ruby 2.5.5
Fixes the following vulnerabilities in rubygems:
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
