From nobody Fri Dec 01 17:36:14 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ShgG66nNYz52tHJ; Fri, 1 Dec 2023 17:36:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ShgG66Hrlz3cpv; Fri, 1 Dec 2023 17:36:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1701452174; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aNPWWzIagu6pJEyS8cH1M18y0WI1JjPCuXYS4iWY/7c=; b=aAAR48kfCoyIDkYks54tjqv+bKmABoWHF6ToDpdR0mD451/grgZIBVcx/A3eHf09jZo3Wr rSaBCeAipSYgFJO8dEJjvqp4T0K2bSoGANMLD17KaR5maaZKvb0b+C0grtaEy46VPag6U4 4B9idv32v+oZ8OTY2NYiqHkHBFmj44cqVHyYtlkZpjdkLCbtGyYm8F7nXBSZXdNZyCoK3a spbeTjU+1PhRngmo+j4B8OF0I9b1BbagPJz6L6Peh4Zgz5zyMu05n/8jCkwv3KAT1XqU3S 9hG+4SmTPLxDv94SUjzsjeLxNNgZRs0PzRTHmIvwMh/ihPORQZC3dNK1MJhlUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1701452174; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aNPWWzIagu6pJEyS8cH1M18y0WI1JjPCuXYS4iWY/7c=; b=qKK2yf8v3RXuFcwCAOQt19zdia/TYClR/jd6ZzF/Pr2UIhGigixtEUGIDAlxaXW1W/mEhV XB3oo0aYTTbV5W/uWc3su03Py1un3b3OnXYw6lCG4cau729P0xUCHiMVRfVcFSmf2csAiN sDtpOO07DLBOygTH6oIwct2NLKiQZ8XdPTnRbaxqtcSf3mSz1RwgOHwwX4LLTlhihIqRqR mb+0cBYPOQOeHpTCOZjXEmjSy9KR4oRG3Q4yN38ypYx/KqdmCIkwwobs8ziMf0Q/OlSzXN W1PUP/K6v6/UtrMA6ATmZEB/tMCnO2Cj+lMED498EaKg1w4IJnKV9ohN5GaGuw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1701452174; a=rsa-sha256; cv=none; b=PAhJOtR/3bufZ3n2MW3fDqXvbWycYamIiM8ZetpuVyK2Yrn4a7tepwVd09ELdaWV5zfYgM rnkTIwk0Cibh9qg1JtPOHVZlVf6O4yjQi5tEO4QyAHvU9rx+i37jDbJ764WUMaYUgCxQS4 GmJRBRZAtBX5AFCL4p+8dH45v9qLcSQkX1sGOuEfkYMEbstZ23O+kScop009+kmfYVuurL wFQMmDHjwRar2kOrukjqJaZUHvDsAcBnIlGKkBDO5UjJXpbMtFiPa3DEfc02dYsL57l5a5 mGgsrrH5jSAaQC8iXPwQfP4h1rs9YZ3OH+4iokkK4FvjIu0u2s19fKMit3oUSw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ShgG65P8mzj9D; Fri, 1 Dec 2023 17:36:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3B1HaEIU063137; Fri, 1 Dec 2023 17:36:14 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3B1HaEZa063134; Fri, 1 Dec 2023 17:36:14 GMT (envelope-from git) Date: Fri, 1 Dec 2023 17:36:14 GMT Message-Id: <202312011736.3B1HaEZa063134@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Matthias Fechner Subject: git: fad100ba05ae - main - devel/rubygem-request_store: fix security problem List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mfechner X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: fad100ba05aed054078cff4ae12fc854c2a79fb4 Auto-Submitted: auto-generated The branch main has been updated by mfechner: URL: https://cgit.FreeBSD.org/ports/commit/?id=fad100ba05aed054078cff4ae12fc854c2a79fb4 commit fad100ba05aed054078cff4ae12fc854c2a79fb4 Author: Matthias Fechner AuthorDate: 2023-12-01 16:58:12 +0000 Commit: Matthias Fechner CommitDate: 2023-12-01 17:35:53 +0000 devel/rubygem-request_store: fix security problem The use rack version 1.6 has security problems. This gem supports any rack version newer than 1.4. --- devel/rubygem-request_store/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/devel/rubygem-request_store/Makefile b/devel/rubygem-request_store/Makefile index 949041a4839e..166251659d00 100644 --- a/devel/rubygem-request_store/Makefile +++ b/devel/rubygem-request_store/Makefile @@ -1,5 +1,6 @@ PORTNAME= request_store PORTVERSION= 1.5.1 +PORTREVISION= 1 CATEGORIES= devel rubygems MASTER_SITES= RG @@ -10,7 +11,7 @@ WWW= https://github.com/steveklabnik/request_store LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE.txt -RUN_DEPENDS= rubygem-rack16>=1.4:www/rubygem-rack16 +RUN_DEPENDS= rubygem-rack>=1.4:www/rubygem-rack USES= gem