Ruby 3.2.8

Jeremy Evans Wed, 26 Mar 2025 07:28:49 -0700

This updates to the latest release of Ruby 3.2.  Release notes at 
https://www.ruby-lang.org/en/news/2025/03/26/ruby-3-2-8-released/


Fixes 3 CVEs:

CVE-2025-27219: Denial of Service in CGI::Cookie.parse

CVE-2025-27220: ReDoS in CGI::Util#escapeElement

CVE-2025-27221: userinfo leakage in URI#join, URI#merge and URI#+

Tested on amd64.  Will be committing in a couple days (or sooner with an
OK).  If another developer can handle the -stable backport, I would
appreciate it.

Thanks,
Jeremy

Index: Makefile
===================================================================
RCS file: /cvs/ports/lang/ruby/3.2/Makefile,v
retrieving revision 1.14
diff -u -p -u -p -r1.14 Makefile
--- Makefile    7 Feb 2025 07:03:29 -0000       1.14
+++ Makefile    26 Mar 2025 14:20:02 -0000
@@ -1,4 +1,4 @@
-VERSION =              3.2.7
+VERSION =              3.2.8
 DISTNAME =             ruby-${VERSION}
 SHARED_LIBS =          ruby32  0.0
 NEXTVER =              3.3
Index: distinfo
===================================================================
RCS file: /cvs/ports/lang/ruby/3.2/distinfo,v
retrieving revision 1.8
diff -u -p -u -p -r1.8 distinfo
--- distinfo    7 Feb 2025 07:03:29 -0000       1.8
+++ distinfo    26 Mar 2025 14:20:02 -0000
@@ -1,2 +1,2 @@
-SHA256 (ruby-3.2.7.tar.gz) = hIj6Yg/wMzwW1DfyuJC7o7Z/h0X97LFHJWimEUqtl0E=
-SIZE (ruby-3.2.7.tar.gz) = 20548416
+SHA256 (ruby-3.2.8.tar.gz) = d6zdjPu+H45XO15lNuA8UQPfmJ3AX6aMcPARgzw1YHU=
+SIZE (ruby-3.2.8.tar.gz) = 20549999
Index: pkg/PLIST-main
===================================================================
RCS file: /cvs/ports/lang/ruby/3.2/pkg/PLIST-main,v
retrieving revision 1.8
diff -u -p -u -p -r1.8 PLIST-main
--- pkg/PLIST-main      7 Feb 2025 07:03:29 -0000       1.8
+++ pkg/PLIST-main      26 Mar 2025 14:20:03 -0000
@@ -222,7 +222,7 @@ include/ruby-${REV}/ruby/util.h
 include/ruby-${REV}/ruby/version.h
 include/ruby-${REV}/ruby/vm.h
 include/ruby-${REV}/${SUB}/
-include/ruby-${REV}/${SUB}/rb_mjit_min_header-3.2.7.h
+include/ruby-${REV}/${SUB}/rb_mjit_min_header-3.2.8.h
 include/ruby-${REV}/${SUB}/ruby/
 include/ruby-${REV}/${SUB}/ruby/config.h
 @so lib/libruby32.so
@@ -1575,7 +1575,7 @@ lib/ruby/gems/${REV}/cache/debug-1.7.1.g
 lib/ruby/gems/${REV}/cache/matrix-0.4.2.gem
 lib/ruby/gems/${REV}/cache/minitest-5.25.1.gem
 lib/ruby/gems/${REV}/cache/net-ftp-0.2.1.gem
-lib/ruby/gems/${REV}/cache/net-imap-0.3.4.1.gem
+lib/ruby/gems/${REV}/cache/net-imap-0.3.8.gem
 lib/ruby/gems/${REV}/cache/net-pop-0.1.2.gem
 lib/ruby/gems/${REV}/cache/net-smtp-0.3.4.gem
 lib/ruby/gems/${REV}/cache/power_assert-2.0.3.gem
@@ -1606,7 +1606,7 @@ lib/ruby/gems/${REV}/gems/bundler-2.4.19
 lib/ruby/gems/${REV}/gems/bundler-2.4.19/libexec/
 lib/ruby/gems/${REV}/gems/bundler-2.4.19/libexec/bundle
 lib/ruby/gems/${REV}/gems/bundler-2.4.19/libexec/bundler
-lib/ruby/gems/${REV}/gems/cgi-0.3.6/
+lib/ruby/gems/${REV}/gems/cgi-0.3.7/
 lib/ruby/gems/${REV}/gems/csv-3.2.6/
 lib/ruby/gems/${REV}/gems/date-3.3.3/
 lib/ruby/gems/${REV}/gems/debug-1.7.1/
@@ -1724,44 +1724,44 @@ lib/ruby/gems/${REV}/gems/net-ftp-0.2.1/
 lib/ruby/gems/${REV}/gems/net-ftp-0.2.1/lib/net/
 lib/ruby/gems/${REV}/gems/net-ftp-0.2.1/lib/net/ftp.rb
 lib/ruby/gems/${REV}/gems/net-http-0.4.1/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/Gemfile
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/LICENSE.txt
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/README.md
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/Rakefile
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/benchmarks/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/benchmarks/stringprep.yml
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/benchmarks/table-regexps.yml
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/docs/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/docs/styles.css
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/authenticators/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/authenticators.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/authenticators/cram_md5.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/authenticators/digest_md5.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/authenticators/login.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/authenticators/plain.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/authenticators/xoauth2.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/command_data.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/data_encoding.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/errors.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/flags.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/response_data.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/response_parser.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/sasl/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/sasl.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/sasl/saslprep.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/sasl/saslprep_tables.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/sasl/stringprep.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/lib/net/imap/sasl/stringprep_tables.rb
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/rakelib/
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/rakelib/rdoc.rake
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/rakelib/rfcs.rake
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/rakelib/saslprep.rake
-lib/ruby/gems/${REV}/gems/net-imap-0.3.4.1/rakelib/string_prep_tables_generator.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/Gemfile
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/LICENSE.txt
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/README.md
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/Rakefile
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/benchmarks/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/benchmarks/stringprep.yml
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/benchmarks/table-regexps.yml
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/docs/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/docs/styles.css
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/authenticators/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/authenticators.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/authenticators/cram_md5.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/authenticators/digest_md5.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/authenticators/login.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/authenticators/plain.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/authenticators/xoauth2.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/command_data.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/data_encoding.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/errors.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/flags.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/response_data.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/response_parser.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/sasl/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/sasl.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/sasl/saslprep.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/sasl/saslprep_tables.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/sasl/stringprep.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/lib/net/imap/sasl/stringprep_tables.rb
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/rakelib/
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/rakelib/rdoc.rake
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/rakelib/rfcs.rake
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/rakelib/saslprep.rake
+lib/ruby/gems/${REV}/gems/net-imap-0.3.8/rakelib/string_prep_tables_generator.rb
 lib/ruby/gems/${REV}/gems/net-pop-0.1.2/
 lib/ruby/gems/${REV}/gems/net-pop-0.1.2/Gemfile
 lib/ruby/gems/${REV}/gems/net-pop-0.1.2/LICENSE.txt
@@ -2547,7 +2547,7 @@ lib/ruby/gems/${REV}/gems/set-1.0.3/
 lib/ruby/gems/${REV}/gems/shellwords-0.1.0/
 lib/ruby/gems/${REV}/gems/singleton-0.1.1/
 lib/ruby/gems/${REV}/gems/stringio-3.0.4/
-lib/ruby/gems/${REV}/gems/strscan-3.0.5/
+lib/ruby/gems/${REV}/gems/strscan-3.0.7/
 lib/ruby/gems/${REV}/gems/syntax_suggest-1.1.0/
 lib/ruby/gems/${REV}/gems/syntax_suggest-1.1.0/exe/
 lib/ruby/gems/${REV}/gems/syntax_suggest-1.1.0/exe/syntax_suggest
@@ -2668,7 +2668,7 @@ lib/ruby/gems/${REV}/gems/typeprof-0.21.
 lib/ruby/gems/${REV}/gems/typeprof-0.21.3/tools/setup-insns-def.rb
 lib/ruby/gems/${REV}/gems/typeprof-0.21.3/typeprof-lsp
 lib/ruby/gems/${REV}/gems/un-0.2.1/
-lib/ruby/gems/${REV}/gems/uri-0.12.3/
+lib/ruby/gems/${REV}/gems/uri-0.12.4/
 lib/ruby/gems/${REV}/gems/weakref-0.1.2/
 lib/ruby/gems/${REV}/gems/yaml-0.2.1/
 lib/ruby/gems/${REV}/gems/zlib-3.0.0/
@@ -2681,7 +2681,7 @@ lib/ruby/gems/${REV}/specifications/defa
 lib/ruby/gems/${REV}/specifications/default/benchmark-0.2.1.gemspec
 lib/ruby/gems/${REV}/specifications/default/bigdecimal-3.1.3.gemspec
 lib/ruby/gems/${REV}/specifications/default/bundler-2.4.19.gemspec
-lib/ruby/gems/${REV}/specifications/default/cgi-0.3.6.gemspec
+lib/ruby/gems/${REV}/specifications/default/cgi-0.3.7.gemspec
 lib/ruby/gems/${REV}/specifications/default/csv-3.2.6.gemspec
 lib/ruby/gems/${REV}/specifications/default/date-3.3.3.gemspec
 lib/ruby/gems/${REV}/specifications/default/delegate-0.3.0.gemspec
@@ -2734,7 +2734,7 @@ lib/ruby/gems/${REV}/specifications/defa
 lib/ruby/gems/${REV}/specifications/default/shellwords-0.1.0.gemspec
 lib/ruby/gems/${REV}/specifications/default/singleton-0.1.1.gemspec
 lib/ruby/gems/${REV}/specifications/default/stringio-3.0.4.gemspec
-lib/ruby/gems/${REV}/specifications/default/strscan-3.0.5.gemspec
+lib/ruby/gems/${REV}/specifications/default/strscan-3.0.7.gemspec
 lib/ruby/gems/${REV}/specifications/default/syntax_suggest-1.1.0.gemspec
 lib/ruby/gems/${REV}/specifications/default/syslog-0.1.1.gemspec
 lib/ruby/gems/${REV}/specifications/default/tempfile-0.1.3.gemspec
@@ -2743,14 +2743,14 @@ lib/ruby/gems/${REV}/specifications/defa
 lib/ruby/gems/${REV}/specifications/default/tmpdir-0.1.3.gemspec
 lib/ruby/gems/${REV}/specifications/default/tsort-0.1.1.gemspec
 lib/ruby/gems/${REV}/specifications/default/un-0.2.1.gemspec
-lib/ruby/gems/${REV}/specifications/default/uri-0.12.3.gemspec
+lib/ruby/gems/${REV}/specifications/default/uri-0.12.4.gemspec
 lib/ruby/gems/${REV}/specifications/default/weakref-0.1.2.gemspec
 lib/ruby/gems/${REV}/specifications/default/yaml-0.2.1.gemspec
 lib/ruby/gems/${REV}/specifications/default/zlib-3.0.0.gemspec
 lib/ruby/gems/${REV}/specifications/matrix-0.4.2.gemspec
 lib/ruby/gems/${REV}/specifications/minitest-5.25.1.gemspec
 lib/ruby/gems/${REV}/specifications/net-ftp-0.2.1.gemspec
-lib/ruby/gems/${REV}/specifications/net-imap-0.3.4.1.gemspec
+lib/ruby/gems/${REV}/specifications/net-imap-0.3.8.gemspec
 lib/ruby/gems/${REV}/specifications/net-pop-0.1.2.gemspec
 lib/ruby/gems/${REV}/specifications/net-smtp-0.3.4.gemspec
 lib/ruby/gems/${REV}/specifications/power_assert-2.0.3.gemspec

Ruby 3.2.8

Reply via email to