https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253822
Bug ID: 253822
Summary: lang/jruby: Update to 9.2.15.0
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: [email protected]
Reporter: [email protected]
Flags: maintainer-feedback?([email protected])
Assignee: [email protected]
Created attachment 222797
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=222797&action=edit
Patch lang/jruby to 9.2.15.0
This includes fixes for various security issues, in particular:
* CVE-2011-4815 (predictable hashing DoS)
* CVE-2017-17742, CVE-2019-16254, CVE-2020-25613 (WeBrick request
smuggling/splitting)
* CVE-2017-18640 (SnakeYAML entity expansion DoS)
As well as fixes for File.stat/lstat on FreeBSD 12 and later, which previously
rendered JRuby unusable on these systems.
Port passes portlint and poudriere testport.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ruby
To unsubscribe, send any mail to "[email protected]"
