svn commit: r310121 - in head: databases/rubygem-activemodel databases/rubygem-activerecord devel/rubygem-activesupport devel/rubygem-builder devel/rubygem-coffee-rails devel/rubygem-coffee-script ...
Steve Wills
swills at FreeBSD.org
Wed Jan 9 03:53:26 UTC 2013
Author: swills
Date: Wed Jan 9 03:53:15 2013
New Revision: 310121
URL: http://svnweb.freebsd.org/changeset/ports/310121
Log:
- Update rubygem-rails to 3.2.11
- Update ports require by rubygem-rails
- Add vuxml entry for rails security issues
Security: ca5d3272-59e3-11e2-853b-00262d5ed8ee
Security: b4051b52-58fa-11e2-853b-00262d5ed8ee
Modified:
head/databases/rubygem-activemodel/Makefile
head/databases/rubygem-activemodel/distinfo
head/databases/rubygem-activerecord/Makefile
head/databases/rubygem-activerecord/distinfo
head/devel/rubygem-activesupport/Makefile
head/devel/rubygem-activesupport/distinfo
head/devel/rubygem-builder/Makefile
head/devel/rubygem-builder/distinfo
head/devel/rubygem-coffee-rails/Makefile
head/devel/rubygem-coffee-script-source/Makefile
head/devel/rubygem-coffee-script-source/distinfo
head/devel/rubygem-coffee-script/Makefile
head/devel/rubygem-i18n/Makefile
head/devel/rubygem-i18n/distinfo
head/devel/rubygem-json/Makefile
head/devel/rubygem-json/distinfo
head/devel/rubygem-multi_json/Makefile
head/devel/rubygem-multi_json/distinfo
head/devel/rubygem-rake/Makefile
head/devel/rubygem-rake/distinfo
head/devel/rubygem-sprockets/Makefile
head/devel/rubygem-sprockets/distinfo
head/devel/rubygem-treetop/Makefile
head/devel/rubygem-treetop/distinfo
head/devel/rubygem-tzinfo/Makefile
head/devel/rubygem-tzinfo/distinfo
head/mail/rubygem-actionmailer/Makefile
head/mail/rubygem-actionmailer/distinfo
head/security/vuxml/vuln.xml
head/textproc/rubygem-sass-rails/Makefile
head/textproc/rubygem-sass/Makefile
head/textproc/rubygem-sass/distinfo
head/www/rubygem-actionpack/Makefile
head/www/rubygem-actionpack/distinfo
head/www/rubygem-activeresource/Makefile
head/www/rubygem-activeresource/distinfo
head/www/rubygem-jquery-rails/Makefile
head/www/rubygem-jquery-rails/distinfo
head/www/rubygem-rack-test/Makefile
head/www/rubygem-rack-test/distinfo
head/www/rubygem-rack/Makefile
head/www/rubygem-rack/distinfo
head/www/rubygem-rails/Makefile
head/www/rubygem-rails/distinfo
head/www/rubygem-railties/Makefile
head/www/rubygem-railties/distinfo
head/www/rubygem-uglifier/Makefile
head/www/rubygem-uglifier/distinfo
Modified: head/databases/rubygem-activemodel/Makefile
==============================================================================
--- head/databases/rubygem-activemodel/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/databases/rubygem-activemodel/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= activemodel
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= databases rubygems
MASTER_SITES= RG
Modified: head/databases/rubygem-activemodel/distinfo
==============================================================================
--- head/databases/rubygem-activemodel/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/databases/rubygem-activemodel/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/activemodel-3.2.8.gem) = 1b923af58a49050026148d3707d2f291f251e3788594e0f666e60d9052a4a527
-SIZE (rubygem/activemodel-3.2.8.gem) = 45056
+SHA256 (rubygem/activemodel-3.2.11.gem) = ce22a1190d2499317264d19b11712d648fa71b058a3fcc55cb5799b33938ae60
+SIZE (rubygem/activemodel-3.2.11.gem) = 44544
Modified: head/databases/rubygem-activerecord/Makefile
==============================================================================
--- head/databases/rubygem-activerecord/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/databases/rubygem-activerecord/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= activerecord
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= databases rubygems
MASTER_SITES= RG
Modified: head/databases/rubygem-activerecord/distinfo
==============================================================================
--- head/databases/rubygem-activerecord/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/databases/rubygem-activerecord/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/activerecord-3.2.8.gem) = 5cf7c68f8921708c84df3035c4274b6cc2a25510b52ef5a4037581fdeff30deb
-SIZE (rubygem/activerecord-3.2.8.gem) = 390144
+SHA256 (rubygem/activerecord-3.2.11.gem) = 9c0ec9eadf522918ad6709eedbc89c15ea6cce8186ac9dd13dd2340e89093011
+SIZE (rubygem/activerecord-3.2.11.gem) = 290816
Modified: head/devel/rubygem-activesupport/Makefile
==============================================================================
--- head/devel/rubygem-activesupport/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-activesupport/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= activesupport
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-activesupport/distinfo
==============================================================================
--- head/devel/rubygem-activesupport/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-activesupport/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/activesupport-3.2.8.gem) = 708b2067c4a50a1118fcae61e008741fcd37d0d9faadab433f8760ee67524aef
-SIZE (rubygem/activesupport-3.2.8.gem) = 314880
+SHA256 (rubygem/activesupport-3.2.11.gem) = 3ae175b724405597b3055cab020a52d3e8c2877734bfee10aa0ea210f82ed1b7
+SIZE (rubygem/activesupport-3.2.11.gem) = 287744
Modified: head/devel/rubygem-builder/Makefile
==============================================================================
--- head/devel/rubygem-builder/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-builder/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -7,7 +7,7 @@
#
PORTNAME= builder
-PORTVERSION= 3.0.0
+PORTVERSION= 3.0.4
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-builder/distinfo
==============================================================================
--- head/devel/rubygem-builder/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-builder/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/builder-3.0.0.gem) = fbd3e15e5de02245f7d649b3415b2c2875cdc9a14dccde89aa30fc14a314618e
-SIZE (rubygem/builder-3.0.0.gem) = 609280
+SHA256 (rubygem/builder-3.0.4.gem) = a1a31cc496700003b6809f09fc2fda5d22532a1551eed48ee402ed44040cc442
+SIZE (rubygem/builder-3.0.4.gem) = 26112
Modified: head/devel/rubygem-coffee-rails/Makefile
==============================================================================
--- head/devel/rubygem-coffee-rails/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-coffee-rails/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -7,6 +7,7 @@
PORTNAME= coffee-rails
PORTVERSION= 3.2.2
+PORTREVISION= 1
CATEGORIES= devel rubygems
MASTER_SITES= RG
@@ -14,7 +15,7 @@ MAINTAINER= ruby at FreeBSD.org
COMMENT= Coffee Script adapter for the Rails asset pipeline
RUN_DEPENDS= rubygem-coffee-script>=2.2.0:${PORTSDIR}/devel/rubygem-coffee-script \
- rubygem-railties>=3.2.0:${PORTSDIR}/www/rubygem-railties
+ rubygem-railties>=3.2.10:${PORTSDIR}/www/rubygem-railties
USE_RUBY= yes
USE_RUBYGEMS= yes
Modified: head/devel/rubygem-coffee-script-source/Makefile
==============================================================================
--- head/devel/rubygem-coffee-script-source/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-coffee-script-source/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= coffee-script-source
-PORTVERSION= 1.3.3
+PORTVERSION= 1.4.0
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-coffee-script-source/distinfo
==============================================================================
--- head/devel/rubygem-coffee-script-source/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-coffee-script-source/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/coffee-script-source-1.3.3.gem) = 10e748630a171def439f78a36e7f00c6454430e182118f3187212bee2d8ece98
-SIZE (rubygem/coffee-script-source-1.3.3.gem) = 45568
+SHA256 (rubygem/coffee-script-source-1.4.0.gem) = efbdb068f004d0401a6e3ac6757f922d4d9e4b038fdc1b11608d313350771874
+SIZE (rubygem/coffee-script-source-1.4.0.gem) = 45568
Modified: head/devel/rubygem-coffee-script/Makefile
==============================================================================
--- head/devel/rubygem-coffee-script/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-coffee-script/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -7,13 +7,14 @@
PORTNAME= coffee-script
PORTVERSION= 2.2.0
+PORTREVISION= 1
CATEGORIES= devel rubygems
MASTER_SITES= RG
MAINTAINER= ruby at FreeBSD.org
COMMENT= Ruby CoffeeScript is a bridge to the JS CoffeeScript compiler
-RUN_DEPENDS= rubygem-coffee-script-source>=0:${PORTSDIR}/devel/rubygem-coffee-script-source \
+RUN_DEPENDS= rubygem-coffee-script-source>=1.4.0:${PORTSDIR}/devel/rubygem-coffee-script-source \
rubygem-execjs>=0:${PORTSDIR}/devel/rubygem-execjs
USE_RUBY= yes
Modified: head/devel/rubygem-i18n/Makefile
==============================================================================
--- head/devel/rubygem-i18n/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-i18n/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= i18n
-PORTVERSION= 0.6.0
+PORTVERSION= 0.6.1
PORTEPOCH= 2
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-i18n/distinfo
==============================================================================
--- head/devel/rubygem-i18n/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-i18n/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/i18n-0.6.0.gem) = 400e7bf941f445176aac95ed22eea6fa4a74670543d1795e026473012b74f5dd
-SIZE (rubygem/i18n-0.6.0.gem) = 60928
+SHA256 (rubygem/i18n-0.6.1.gem) = d4ad6826f785a07b343f003886fc297fcacb3a84234dd3b16b6406bac3857474
+SIZE (rubygem/i18n-0.6.1.gem) = 61440
Modified: head/devel/rubygem-json/Makefile
==============================================================================
--- head/devel/rubygem-json/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-json/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= json
-PORTVERSION= 1.7.5
+PORTVERSION= 1.7.6
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-json/distinfo
==============================================================================
--- head/devel/rubygem-json/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-json/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/json-1.7.5.gem) = e064596aed55983ece9b4864a347ace1b2f0d3541292c5bf4be955994f8d8e7c
-SIZE (rubygem/json-1.7.5.gem) = 145920
+SHA256 (rubygem/json-1.7.6.gem) = 4aa06575429fd28919d137dccb8b3c11bd0518466d94dc185fffc8fa3f6bb008
+SIZE (rubygem/json-1.7.6.gem) = 146432
Modified: head/devel/rubygem-multi_json/Makefile
==============================================================================
--- head/devel/rubygem-multi_json/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-multi_json/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= multi_json
-PORTVERSION= 1.3.6
+PORTVERSION= 1.5.0
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-multi_json/distinfo
==============================================================================
--- head/devel/rubygem-multi_json/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-multi_json/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/multi_json-1.3.6.gem) = d987e42b2d8117c46fd9dc3b1e29e681b94356b8c27d9b5ed26d45d1b6935f60
-SIZE (rubygem/multi_json-1.3.6.gem) = 15872
+SHA256 (rubygem/multi_json-1.5.0.gem) = e94cf8a6db88eb35657b20f5a17631fcc7e46a867f798fce7ef09944442d673a
+SIZE (rubygem/multi_json-1.5.0.gem) = 15872
Modified: head/devel/rubygem-rake/Makefile
==============================================================================
--- head/devel/rubygem-rake/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-rake/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= rake
-PORTVERSION= 0.9.2.2
+PORTVERSION= 10.0.3
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-rake/distinfo
==============================================================================
--- head/devel/rubygem-rake/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-rake/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/rake-0.9.2.2.gem) = d83ceb634b73530b3e56dbc3cf2c143cddb4317fd3142855f298adffcac5c4a6
-SIZE (rubygem/rake-0.9.2.2.gem) = 111616
+SHA256 (rubygem/rake-10.0.3.gem) = ee2ed7d45f6390ac9cba94e101e7b7ba198a0f1b54aaf33708793648fd707b27
+SIZE (rubygem/rake-10.0.3.gem) = 119808
Modified: head/devel/rubygem-sprockets/Makefile
==============================================================================
--- head/devel/rubygem-sprockets/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-sprockets/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= sprockets
-PORTVERSION= 2.1.3
+PORTVERSION= 2.2.2
CATEGORIES= devel rubygems
MASTER_SITES= RG
@@ -17,10 +17,13 @@ LICENSE= MIT
RUN_DEPENDS= rubygem-tilt>=1.1:${PORTSDIR}/devel/rubygem-tilt \
rubygem-hike>=1.2:${PORTSDIR}/devel/rubygem-hike \
+ rubygem-multi_json>=1.5.0:${PORTSDIR}/devel/rubygem-multi_json \
rubygem-rack>=1.0:${PORTSDIR}/www/rubygem-rack
USE_RUBY= yes
USE_RUBYGEMS= yes
RUBYGEM_AUTOPLIST= yes
+PLIST_FILES= bin/sprockets
+
.include <bsd.port.mk>
Modified: head/devel/rubygem-sprockets/distinfo
==============================================================================
--- head/devel/rubygem-sprockets/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-sprockets/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/sprockets-2.1.3.gem) = f0efa11714f579ddfad887ed4f5cca8838e8cafe94d7d037d8882e35f5c50617
-SIZE (rubygem/sprockets-2.1.3.gem) = 32768
+SHA256 (rubygem/sprockets-2.2.2.gem) = fae893b7e86e83c1936f6f2a64db3550510f86eabdd5fa9f0f23fb25d7e0cf96
+SIZE (rubygem/sprockets-2.2.2.gem) = 36352
Modified: head/devel/rubygem-treetop/Makefile
==============================================================================
--- head/devel/rubygem-treetop/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-treetop/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= treetop
-PORTVERSION= 1.4.10
+PORTVERSION= 1.4.12
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-treetop/distinfo
==============================================================================
--- head/devel/rubygem-treetop/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-treetop/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/treetop-1.4.10.gem) = e2aab49f88afd4bee4dee20ea3c0227dcc0c5159e0aed3e76a105e53dde1c405
-SIZE (rubygem/treetop-1.4.10.gem) = 181760
+SHA256 (rubygem/treetop-1.4.12.gem) = 88f5e7cd9ef77ae2d1eca62f87640e74865d4c9242837e41d563247b0c968eca
+SIZE (rubygem/treetop-1.4.12.gem) = 182784
Modified: head/devel/rubygem-tzinfo/Makefile
==============================================================================
--- head/devel/rubygem-tzinfo/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-tzinfo/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= tzinfo
-PORTVERSION= 0.3.33
+PORTVERSION= 0.3.35
CATEGORIES= devel rubygems
MASTER_SITES= RG
Modified: head/devel/rubygem-tzinfo/distinfo
==============================================================================
--- head/devel/rubygem-tzinfo/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/devel/rubygem-tzinfo/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/tzinfo-0.3.33.gem) = 376cfdc347e0776348e20743e13edeaadeb908f737bce0aa328fb2aa445dee2d
-SIZE (rubygem/tzinfo-0.3.33.gem) = 310272
+SHA256 (rubygem/tzinfo-0.3.35.gem) = b72ee96326a85fd2d8ccef97d94d10d15e46194aae2fca28ecef768665b3a2b0
+SIZE (rubygem/tzinfo-0.3.35.gem) = 311808
Modified: head/mail/rubygem-actionmailer/Makefile
==============================================================================
--- head/mail/rubygem-actionmailer/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/mail/rubygem-actionmailer/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= actionmailer
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= mail rubygems
MASTER_SITES= RG
Modified: head/mail/rubygem-actionmailer/distinfo
==============================================================================
--- head/mail/rubygem-actionmailer/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/mail/rubygem-actionmailer/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/actionmailer-3.2.8.gem) = e11fc08905b7f65137db2b1d97fe75d1920e516e442b1b32ffa863293b85bf51
-SIZE (rubygem/actionmailer-3.2.8.gem) = 27136
+SHA256 (rubygem/actionmailer-3.2.11.gem) = d662519c476570cd2d6c2410348c5e55980e4b210829db33c59896ef6698488a
+SIZE (rubygem/actionmailer-3.2.11.gem) = 22016
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Jan 9 03:48:37 2013 (r310120)
+++ head/security/vuxml/vuln.xml Wed Jan 9 03:53:15 2013 (r310121)
@@ -51,6 +51,97 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="ca5d3272-59e3-11e2-853b-00262d5ed8ee">
+ <topic>rubygem-rails -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>rubygem-rails</name>
+ <range><lt>3.2.11</lt></range>
+ </package>
+ <package>
+ <name>rubygem-actionpack</name>
+ <range><lt>3.2.11</lt></range>
+ </package>
+ <package>
+ <name>rubygem-activerecord</name>
+ <range><lt>3.2.11</lt></range>
+ </package>
+ <package>
+ <name>rubygem-activesupport</name>
+ <range><lt>3.2.11</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Ruby on Rails team reports:</p>
+ <blockquote cite="http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/">
+ <p>Two high-risk vulnerabilities have been discovered:</p>
+ <p>(CVE-2013-0155) There is a vulnerability when Active Record is
+ used in conjunction with JSON parameter parsing.</p>
+ <p>Due to the way Active Record interprets parameters in combination
+ with the way that JSON parameters are parsed, it is possible for an
+ attacker to issue unexpected database queries with "IS NULL" or
+ empty "WHERE" clauses. This issue does not let an attacker insert
+ arbitrary values into an SQL query, however they can cause the
+ query to check for NULL or eliminate a WHERE clause when most users
+ would not expect it.</p>
+ <p>(CVE-2013-0156) There are multiple weaknesses in the parameter
+ parsing code for Ruby on Rails which allows attackers to bypass
+ authentication systems, inject arbitrary SQL, inject and execute
+ arbitrary code, or perform a DoS attack on a Rails application.</p>
+ <p>The parameter parsing code of Ruby on Rails allows applications to
+ automatically cast values from strings to certain data types.
+ Unfortunately the type casting code supported certain conversions
+ which were not suitable for performing on user-provided data
+ including creating Symbols and parsing YAML. These unsuitable
+ conversions can be used by an attacker to compromise a Rails
+ application.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2013-0155</cvename>
+ <cvename>CVE-2013-0156</cvename>
+ <url>http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/</url>
+ <url>https://groups.google.com/forum/?fromgroups#!topic/rubyonrails-security/t1WFuuQyavI</url>
+ <url>https://groups.google.com/forum/?fromgroups#!topic/rubyonrails-security/61bkgvnSGTQ</url>
+ </references>
+ <dates>
+ <discovery>2013-01-08</discovery>
+ <entry>2013-01-08</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="b4051b52-58fa-11e2-853b-00262d5ed8ee">
+ <topic>rubygem-rails -- SQL injection vulnerability</topic>
+ <affects>
+ <package>
+ <name>rubygem-rails</name>
+ <range><lt>3.2.10</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Ruby on Rails team reports:</p>
+ <blockquote cite="https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM">
+ <p>There is a SQL injection vulnerability in Active Record in ALL
+ versions. Due to the way dynamic finders in Active Record extract
+ options from method parameters, a method parameter can mistakenly
+ be used as a scope. Carefully crafted requests can use the scope
+ to inject arbitrary SQL.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2012-5664</cvename>
+ <url>https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM</url>
+ </references>
+ <dates>
+ <discovery>2013-01-02</discovery>
+ <entry>2013-01-07</entry>
+ </dates>
+ </vuln>
+
<vuln vid="3a65d33b-5950-11e2-b66b-00e0814cab4e">
<topic>jenkins -- HTTP access to the server to retrieve the master cryptographic key</topic>
<affects>
Modified: head/textproc/rubygem-sass-rails/Makefile
==============================================================================
--- head/textproc/rubygem-sass-rails/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/textproc/rubygem-sass-rails/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -13,8 +13,8 @@ MASTER_SITES= RG
MAINTAINER= ruby at FreeBSD.org
COMMENT= Sass adapter for the Rails asset pipeline
-RUN_DEPENDS= rubygem-sass>=3.1.10:${PORTSDIR}/textproc/rubygem-sass \
- rubygem-railties>=3.2.0.:${PORTSDIR}/www/rubygem-railties
+RUN_DEPENDS= rubygem-sass>=3.2.5:${PORTSDIR}/textproc/rubygem-sass \
+ rubygem-railties>=3.2.10:${PORTSDIR}/www/rubygem-railties
USE_RUBY= yes
USE_RUBYGEMS= yes
Modified: head/textproc/rubygem-sass/Makefile
==============================================================================
--- head/textproc/rubygem-sass/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/textproc/rubygem-sass/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= sass
-PORTVERSION= 3.2.1
+PORTVERSION= 3.2.5
CATEGORIES= textproc ruby
MASTER_SITES= RG
Modified: head/textproc/rubygem-sass/distinfo
==============================================================================
--- head/textproc/rubygem-sass/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/textproc/rubygem-sass/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/sass-3.2.1.gem) = 9425675b5adb0086988143f44e760ac27e0793ae511282a13f1125a6a8fb03f9
-SIZE (rubygem/sass-3.2.1.gem) = 249856
+SHA256 (rubygem/sass-3.2.5.gem) = d3e8adc2f528d62e5c5b067b9792f4faa3a875fe484cef13a82d18de94bb47fb
+SIZE (rubygem/sass-3.2.5.gem) = 252416
Modified: head/www/rubygem-actionpack/Makefile
==============================================================================
--- head/www/rubygem-actionpack/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-actionpack/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= actionpack
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= www rubygems
MASTER_SITES= RG
@@ -20,7 +20,7 @@ RUN_DEPENDS= rubygem-activesupport>=${PO
rubygem-rack>=1.4.0:${PORTSDIR}/www/rubygem-rack \
rubygem-rack-cache>=1.2:${PORTSDIR}/www/rubygem-rack-cache \
rubygem-rack-test>=0.6.1:${PORTSDIR}/www/rubygem-rack-test \
- rubygem-sprockets>=2.1.3:${PORTSDIR}/devel/rubygem-sprockets
+ rubygem-sprockets>=2.2.2:${PORTSDIR}/devel/rubygem-sprockets
USE_RUBY= yes
USE_RUBYGEMS= yes
Modified: head/www/rubygem-actionpack/distinfo
==============================================================================
--- head/www/rubygem-actionpack/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-actionpack/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/actionpack-3.2.8.gem) = e21eef12e2aaf5df30bab49ab1efbddb992781411a0e6f0ac67fc697901e08fd
-SIZE (rubygem/actionpack-3.2.8.gem) = 379392
+SHA256 (rubygem/actionpack-3.2.11.gem) = 78d9fcf36e216fce51c6e6ea76b4cd794e7fd2ca2753adca9b2ed038fc02da46
+SIZE (rubygem/actionpack-3.2.11.gem) = 287232
Modified: head/www/rubygem-activeresource/Makefile
==============================================================================
--- head/www/rubygem-activeresource/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-activeresource/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= activeresource
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= www rubygems
MASTER_SITES= RG
Modified: head/www/rubygem-activeresource/distinfo
==============================================================================
--- head/www/rubygem-activeresource/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-activeresource/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/activeresource-3.2.8.gem) = c2a056f792864190c03d5fa5e0dec2d7926d4f0c5c6331084031de592ccf435a
-SIZE (rubygem/activeresource-3.2.8.gem) = 36864
+SHA256 (rubygem/activeresource-3.2.11.gem) = 909035667a7fbda197c9779a92693b6ed8a51b6a11b324ea45c0aa840a755d5e
+SIZE (rubygem/activeresource-3.2.11.gem) = 37888
Modified: head/www/rubygem-jquery-rails/Makefile
==============================================================================
--- head/www/rubygem-jquery-rails/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-jquery-rails/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,15 +5,15 @@
# $FreeBSD$
PORTNAME= jquery-rails
-PORTVERSION= 2.1.1
+PORTVERSION= 2.1.4
CATEGORIES= www rubygems
MASTER_SITES= RG
MAINTAINER= ruby at FreeBSD.org
COMMENT= Provides a rails generator for jquery
-RUN_DEPENDS+= rubygem-railties>=3.2.0:${PORTSDIR}/www/rubygem-railties \
- rubygem-thor>=0.14:${PORTSDIR}/devel/rubygem-thor
+RUN_DEPENDS+= rubygem-railties>=3.2.10:${PORTSDIR}/www/rubygem-railties \
+ rubygem-thor>=0.16:${PORTSDIR}/devel/rubygem-thor
USE_RUBY= yes
USE_RUBYGEMS= yes
Modified: head/www/rubygem-jquery-rails/distinfo
==============================================================================
--- head/www/rubygem-jquery-rails/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-jquery-rails/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/jquery-rails-2.1.1.gem) = fbb01addcf503d53657527ab5dcffa82c4940d66b0ea9033bc77a0fafa65c5fa
-SIZE (rubygem/jquery-rails-2.1.1.gem) = 265728
+SHA256 (rubygem/jquery-rails-2.1.4.gem) = 03acc05e3513144c3eab7561d115507768b194ad2edd9806f9138ff0621a1f70
+SIZE (rubygem/jquery-rails-2.1.4.gem) = 301568
Modified: head/www/rubygem-rack-test/Makefile
==============================================================================
--- head/www/rubygem-rack-test/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-rack-test/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= rack-test
-PORTVERSION= 0.6.1
+PORTVERSION= 0.6.2
CATEGORIES= www rubygems
MASTER_SITES= RG
Modified: head/www/rubygem-rack-test/distinfo
==============================================================================
--- head/www/rubygem-rack-test/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-rack-test/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/rack-test-0.6.1.gem) = 40731078f570c61d5fc5a57ddc3526ac08f083a0601e99ffd7672d281dc20543
-SIZE (rubygem/rack-test-0.6.1.gem) = 21504
+SHA256 (rubygem/rack-test-0.6.2.gem) = 7e920b6aac888e4a3846e5997fb1cbf456bdb5846322b58dc31697a54a38b306
+SIZE (rubygem/rack-test-0.6.2.gem) = 22528
Modified: head/www/rubygem-rack/Makefile
==============================================================================
--- head/www/rubygem-rack/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-rack/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -13,7 +13,7 @@
# www/rubygem-innate
PORTNAME= rack
-PORTVERSION= 1.4.1
+PORTVERSION= 1.4.3
PORTEPOCH= 3
CATEGORIES= www rubygems
MASTER_SITES= RG
Modified: head/www/rubygem-rack/distinfo
==============================================================================
--- head/www/rubygem-rack/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-rack/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/rack-1.4.1.gem) = 2005d0cee536e76b5d0dc853778e3f7840e98c38380265d6d2c45e44dee7a3b3
-SIZE (rubygem/rack-1.4.1.gem) = 167936
+SHA256 (rubygem/rack-1.4.3.gem) = e16392baa87833c0eb51afcec13f96a521339af183032fa211b6d31e57f320df
+SIZE (rubygem/rack-1.4.3.gem) = 202240
Modified: head/www/rubygem-rails/Makefile
==============================================================================
--- head/www/rubygem-rails/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-rails/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= rails
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= www rubygems
MASTER_SITES= RG
@@ -18,15 +18,20 @@ RUN_DEPENDS= rubygem-activesupport>=${PO
rubygem-actionmailer>=${PORTVERSION}:${PORTSDIR}/mail/rubygem-actionmailer \
rubygem-activeresource>=${PORTVERSION}:${PORTSDIR}/www/rubygem-activeresource \
rubygem-railties>=${PORTVERSION}:${PORTSDIR}/www/rubygem-railties \
- rubygem-rake>=0.8.7:${PORTSDIR}/devel/rubygem-rake \
- rubygem-sass-rails>=1.0.18:${PORTSDIR}/textproc/rubygem-sass-rails \
- rubygem-coffee-rails>=3.1.1:${PORTSDIR}/devel/rubygem-coffee-rails \
- rubygem-jquery-rails>=1.0.18:${PORTSDIR}/www/rubygem-jquery-rails \
- rubygem-sqlite3>=1.3.4:${PORTSDIR}/databases/rubygem-sqlite3 \
- rubygem-uglifier>=1.1.0:${PORTSDIR}/www/rubygem-uglifier \
- rubygem-bundler>=1.0:${PORTSDIR}/sysutils/rubygem-bundler \
- rubygem-treetop>=1.4.10:${PORTSDIR}/devel/rubygem-treetop \
- rubygem-json>=1.6.1:${PORTSDIR}/devel/rubygem-json \
+ rubygem-rake>=10.0.3:${PORTSDIR}/devel/rubygem-rake \
+ rubygem-sass-rails>=3.2.5:${PORTSDIR}/textproc/rubygem-sass-rails \
+ rubygem-coffee-rails>=3.2.2:${PORTSDIR}/devel/rubygem-coffee-rails \
+ rubygem-jquery-rails>=2.1.4:${PORTSDIR}/www/rubygem-jquery-rails \
+ rubygem-sqlite3>=1.3.6:${PORTSDIR}/databases/rubygem-sqlite3 \
+ rubygem-uglifier>=1.3.0:${PORTSDIR}/www/rubygem-uglifier \
+ rubygem-bundler>=1.1.5:${PORTSDIR}/sysutils/rubygem-bundler \
+ rubygem-treetop>=1.4.12:${PORTSDIR}/devel/rubygem-treetop \
+ rubygem-json>=1.7.6:${PORTSDIR}/devel/rubygem-json \
+ rubygem-tzinfo>=0.3.35:${PORTSDIR}/devel/rubygem-tzinfo \
+ rubygem-builder>=3.0.4:${PORTSDIR}/devel/rubygem-builder \
+ rubygem-i18n>=0.6.1:${PORTSDIR}/devel/rubygem-i18n \
+ rubygem-rack>=1.4.3:${PORTSDIR}/www/rubygem-rack \
+ rubygem-rack-test>=0.6.1:${PORTSDIR}/www/rubygem-rack-test \
node:${PORTSDIR}/www/node
# XXX: rails3 gem no longer has a lib/ dir
Modified: head/www/rubygem-rails/distinfo
==============================================================================
--- head/www/rubygem-rails/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-rails/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/rails-3.2.8.gem) = f671d492f91e52e203c99cd989682df89993abaca8b4861732afe1413ead7fcc
-SIZE (rubygem/rails-3.2.8.gem) = 3584
+SHA256 (rubygem/rails-3.2.11.gem) = f5e02999889aa39af2c7d2c882d9e3b5c71e8adfc98236a69dadacdfbce5603e
+SIZE (rubygem/rails-3.2.11.gem) = 4608
Modified: head/www/rubygem-railties/Makefile
==============================================================================
--- head/www/rubygem-railties/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-railties/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= railties
-PORTVERSION= 3.2.8
+PORTVERSION= 3.2.11
CATEGORIES= www rubygems
MASTER_SITES= RG
Modified: head/www/rubygem-railties/distinfo
==============================================================================
--- head/www/rubygem-railties/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-railties/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/railties-3.2.8.gem) = a4d3d7cea3490bf352f51cc6897e4ea62c9ee12a75671cfff55cc6f3450a5bff
-SIZE (rubygem/railties-3.2.8.gem) = 1630208
+SHA256 (rubygem/railties-3.2.11.gem) = bc250077581de169e067db1e2aeb528f09dccfa2520f707b1970b2a9a551563e
+SIZE (rubygem/railties-3.2.11.gem) = 1591296
Modified: head/www/rubygem-uglifier/Makefile
==============================================================================
--- head/www/rubygem-uglifier/Makefile Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-uglifier/Makefile Wed Jan 9 03:53:15 2013 (r310121)
@@ -6,7 +6,7 @@
#
PORTNAME= uglifier
-PORTVERSION= 1.2.7
+PORTVERSION= 1.3.0
CATEGORIES= www rubygems
MASTER_SITES= RG
Modified: head/www/rubygem-uglifier/distinfo
==============================================================================
--- head/www/rubygem-uglifier/distinfo Wed Jan 9 03:48:37 2013 (r310120)
+++ head/www/rubygem-uglifier/distinfo Wed Jan 9 03:53:15 2013 (r310121)
@@ -1,2 +1,2 @@
-SHA256 (rubygem/uglifier-1.2.7.gem) = 418d4b1fd1520626c63c06b3a236e573246da3238f4372e919f062dcba527e27
-SIZE (rubygem/uglifier-1.2.7.gem) = 53760
+SHA256 (rubygem/uglifier-1.3.0.gem) = 3aa1abee2096968e8b498f30839232a8147e297f03da8e5416c947a018c855c0
+SIZE (rubygem/uglifier-1.3.0.gem) = 54272
More information about the svn-ports-all
mailing list