The ports infrastructure places a strip executable in the path while building
that always returns true. This negatively affects Ruby's detection of valid
strip options. Patch configure to not accept -A -n flags to strip, so Ruby
will pick up -S -x flags instead.
OK rsadowski@
"probably the simplest way to fix it" sthen@
Fixes:
* CVE-2025-27219: Denial of Service in CGI::Cookie.parse
* CVE-2025-27220: ReDoS in CGI::Util#escapeElement
* CVE-2025-27221: userinfo leakage in URI#join, URI#merge and URI#+
OK sthen@
The pthread based implementation breaks way too often with (likely) GC memory
corruptions:
[BUG] object allocation during garbage collection phase
when building graphics/rmagick,ruby33.
Fixes the following CVEs for DoS vulnerabilities in REXML:
* CVE-2024-43398
* CVE-2024-41946
* CVE-2024-41123
Add post-install hook to remove bin/*.lock files, as they
shouldn't be in the package (not sure why this version
started to add them).
on OpenBSD. Change this to -mbranch-protection=standard such that both
BTI and PAC support are enabled. This makes BTI work so drop the
USE_NOBTCFI-aarch64=Yes bit from the Makefile.
ok jeremy@
* Regen patches
* Drop a distpatch added upstream
* Add a distpatch to fix an openssl extension test error
* Add a patch to fix a bunch of drb ssl test errors
* Add a patch to fix a rubygems test error due to changes in our port
* Add a patch to the leaked symbols test (not yet enabled in the port)
Backport an upstream fix for ILP32 architectures.
Switch check to test-all as the test target, as the previous check
target fails before the main test suite runs due to a symbol
visibility that doesn't handle retguard.
Upstream fix identified by tb@
i386 testing by tb@
OK tb@
This fixes SIGILL/ILL_BTCFI that started occurring after
recent changes (post 7.5), for the following example code:
mutex = Mutex.new
mutex.synchronize { Fiber.new { mutex.owned? }.resume
Issue reported by jcs@
Tested by jcs@
OK jcs@
It switches ruby to use MODULES+=lang/rust instead of BUILD_DEPENDS+=lang/rust.
It makes the ports to use _SYSTEM_VERSION-rust and be bumped automatically when
rust (compiler or stdlib) changes, and so get the package updated.
ok tb@ jeremy@
jeremy