| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
LibreSSL 3.5 and later provide and need to use
PEM_write_bio_PrivateKey_traditional()
upstream commit:
https://github.com/ruby/openssl/commit/e25fb0d0d86da5a9398ebdc9216b2ea89f80fa3d
https://github.com/ruby/openssl/commit/b02815271fcc295cb8b07ef740684b88a10f2760
Signed-off-by: ZiMing Mo <msylgj@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ruby 3.1.0 major changes:
- YJIT: New experimental in-process JIT compiler
- debug gem: A new debugger
- error_highlight: Fine-grained error location in backtrace
- IRB Autocomplete and Documentation Display
- Many more. See:
https://www.ruby-lang.org/en/news/2021/12/25/ruby-3-1-0-released/
Ruby 3.1.1 changes:
- Many non-security bug fixes. See:
https://www.ruby-lang.org/en/news/2022/02/18/ruby-3-1-1-released/
Ruby 3.1.2 changes:
- CVE-2022-28738: Double free in Regexp compilation
- CVE-2022-28739: Buffer overrun in String-to-Float conversion
Packaging changes:
- Dropped 100-musl.patch (upstream fix)
- Added: ruby-error_highlight, ruby-random_formatter,
ruby-ruby2_keywords
- Removed: ruby-dbm, ruby-gdbm, ruby-fiber, ruby-gdbm, ruby-tracer
- ruby_find_pkgsdeps script:
* cleaned some ignored and weak dependencies
- ruby_missingfiles script:
* fix the example cmdline
* let diff use all terminal columns
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This release fixes some bugs and these vulnerabilities:
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This release goal is performance, concurrency, and typing. See details
in https://www.ruby-lang.org/en/news/2020/12/25/ruby-3-0-0-released/
New subpackages (reflect of mostly complete upstream ruby gemification)
- ruby-abbrev (from ruby-misc)
- ruby-base64 (from ruby-misc)
- ruby-coverage (from ruby-misc)
- ruby-continuation (from ruby-misc)
- ruby-debug (from ruby-debuglib)
- ruby-english (from ruby-misc)
- ruby-expect (from ruby-misc)
- ruby-fiber (from ruby-misc)
- ruby-find (from ruby-filelib)
- ruby-io-nonblock (from ruby-multithread)
- ruby-io-wait (from ruby-multithread)
- ruby-monitor (from ruby-multithread)
- ruby-net-ftp (from ruby-net)
- ruby-net-http (from ruby-net)
- ruby-net-imap (from ruby-net)
- ruby-net-pop (from ruby-net)
- ruby-net-protocol (from ruby-net)
- ruby-objspace (from ruby-debuglib)
- ruby-open-uri (from ruby-net)
- ruby-pathname (from ruby-filelib)
- ruby-pp (from ruby-prettyprint)
- ruby-pty (from ruby-misc)
- ruby-rbs (NEW)
- ruby-resolv (from ruby-socket)
- ruby-resolv-replace (from ruby-socket)
- ruby-securerandom (from ruby-misc)
- ruby-set (from ruby-misc)
- ruby-shellwords (from ruby-misc)
- ruby-syslog (from ruby-logger)
- ruby-tempfile (from ruby-filelib)
- ruby-tmpdir (from ruby-filelib)
- ruby-tsort (from ruby-misc)
- ruby-typeprof (NEW)
- ruby-un (from ruby-mkmf)
- ruby-weakref (from ruby-misc)
Removed subpackages
- ruby-debuglib (split into ruby-debug,ruby-objspace)
- ruby-filelib (split into ruby-find,ruby-pathname,ruby-tempfile,ruby-tmpdir)
- ruby-misc (split into ruby-abbrev,ruby-base64,ruby-continuation,
ruby-coverage,ruby-english,ruby-expect,ruby-fiber,ruby-securerandom,
ruby-set,ruby-shellwords,ruby-tsort,ruby-weakref)
- ruby-multithread (split into ruby-io-nonblock,ruby-io-wait,ruby-monitor)
- ruby-net (split into ruby-net-ftp,ruby-net-http,ruby-net-imap,ruby-net-pop,
ruby-net-protocol,ruby-open-uri)
- ruby-net-telnet (removed upstream)
- ruby-sdbm (removed upstream)
- ruby-webrick (removed upstream)
- ruby-xmlrpc (removed upstream)
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New subpackages (reflect of ongoing ruby gemification)
- ruby-benchmark (from ruby-debuglib)
- ruby-delegate (from ruby-misc)
- ruby-getoptlong (from ruby-misc)
- ruby-net-pop (from ruby-net)
- ruby-net-imap (from ruby-net)
- ruby-observer (from ruby-patterns, now gone)
- ruby-open3 (from ruby-misc)
- ruby-readline-ext (was ruby-readline, while ruby-readline now selects either
ruby-readline-ext or ruby-reline)
- ruby-reline (alternative to ruby-readline-ext as pure ruby)
- ruby-singleton (from ruby-patterns, now gone)
- ruby-timeout (from ruby-multithread)
Dropped subpackages:
- ruby-cmath (gone in 2.7.0)
- ruby-e2mmap (gone in 2.7.0)
- ruby-patterns (splitted into ruby-observer, ruby-singleton)
- ruby-scanf (gone in 2.7.0)
- ruby-shell (gone in 2.7.0)
- ruby-sync (gone in 2.7.0)
- ruby-thwait (gone in 2.7.0)
Ruby 2.7.0 also dropped profile.rb and profiler.rb (they were in ruby-debuglib)
Patches changes:
- Dropped patch 001_fix_isnan_isinf_finite_with_uclibc.patch (now in release)
- Added 100-musl.patch, fixing mainly coroutine implementation selection
Helper scripts changes:
- ruby_missingfiles: do not ignore ruby-dev files
- ruby_find_pkgsdeps: better detect circular dependencies
Ruby 2.7.1 fixes these security issues:
* CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix)
* CVE-2020-10933: Heap exposure vulnerability in the socket library
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
See: https://www.ruby-lang.org/en/news/2019/01/30/ruby-2-6-1-released/
See: https://www.ruby-lang.org/en/news/2018/12/25/ruby-2-6-0-released/
New packages mirroring upstream gemification of ruby:
* ruby-bundler (new)
* ruby-e2mmap and ruby-ostruct (from ruby-misc)
* ruby-forwardable (from ruby-patterns)
* ruby-matrix and ruby-prime (from removed ruby-math)
* ruby-mutex_m, ruby-sync and ruby-thwait (from ruby-multithread)
* ruby-tracer (from ruby-debuglib)
Added ruby-dev for building extension inside openwrt (requires cc)
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
| |
Backporting upstream fix. Closes #8051.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
| |
This release includes some bug fixes and a security fix.
CVE-2017-17405: Command injection vulnerability in Net::FTP
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This release contains some security fixes.
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
CVE-2017-14064: Heap exposure in generating JSON
Multiple vulnerabilities in RubyGems
Update bundled libyaml to version 0.1.7.
And many other bugfix.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a stable feature release.
Notable changes:
- Introduce hash table improvement (by Vladimir Makarov)
- Binding#irb: Start a REPL session similar to binding.pry
- Unify Fixnum and Bignum into Integer
- String supports Unicode case mappings
- Performance improvements
- Thread#report_on_exception and Thread.report_on_exception changes
- Thread deadlock detection now shows threads with their backtrace and dependency
- Support OpenSSL 1.1.0 (drop support for 0.9.7 or prior)
- ext/tk is now removed from stdlib Feature #8539
- XMLRPC is now removed from stdlib Feature #12160
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
New feature release for ruby.More info:
https://www.ruby-lang.org/en/news/2015/12/25/ruby-2-3-0-released/
Patches changes:
(-) 001-rdoc-remove_gems_dep.patch was merged
(+) 001-acinclude.m4_rename_aclocal.m4.patch backported from upstream.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For ruby changes since 2.1.x:
https://github.com/ruby/ruby/blob/v2_2_0/NEWS
Relevant changes for OpenWRT:
* all patches for ruby-core where merged upstream and
they are not needed anymore (only rdoc patch remains)
- PR for the rdoc github project was added to the patch header
(https://github.com/rdoc/rdoc/pull/340)
* new package ruby-powerassert for introduced new bundled gem power_assert
* new package ruby-unicodenormalize for Unicode normalization files
* removed ruby-dl as DL was removed after being deprecated
* ruby-{minitest,testunit} where removed from ruby library. Now they
are bundled gems
* test and sample files where removed from gems in order to save resources
and reduce pkgs dependencies
* script ruby_find_pkgsdeps was updated to match upstream changes
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ext/digest/rmd160 was referencing a function that never existed in openssl.
The name was simply mistyped. Now it can use openssl.
openssl was always linked to ext/digest when library is avaiable,
even when it was disable by configure option and not used by code.
upstream refs: https://bugs.ruby-lang.org/issues/10252
upstream refs: https://bugs.ruby-lang.org/issues/10324
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
| |
minitest can live without gems. Just a minor fix to
solve a require that fails when gem is missing
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
|
|
rdoc seems to be written to run without gem. However,
some internal code still does not check for gems presence.
With a small patch, rdoc can run without gems.
Ref: https://bugs.ruby-lang.org/issues/10196
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|