commit rubygem-activesupport-7.0 for openSUSE:Factory

Source-Sync Tue, 21 Mar 2023 09:42:00 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package rubygem-activesupport-7.0 for 
openSUSE:Factory checked in at 2023-03-21 17:41:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-activesupport-7.0 (Old)
 and      /work/SRC/openSUSE:Factory/.rubygem-activesupport-7.0.new.31432 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "rubygem-activesupport-7.0"

Tue Mar 21 17:41:50 2023 rev:8 rq:1073255 version:7.0.4.3

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/rubygem-activesupport-7.0/rubygem-activesupport-7.0.changes
      2023-03-08 14:52:23.742618252 +0100
+++ 
/work/SRC/openSUSE:Factory/.rubygem-activesupport-7.0.new.31432/rubygem-activesupport-7.0.changes
   2023-03-21 17:41:51.657925804 +0100
@@ -1,0 +2,7 @@
+Mon Mar 20 12:52:45 UTC 2023 - [email protected]
+
+- version update to 7.0.4.3
+  * Implement SafeBuffer#bytesplice
+    [CVE-2023-28120][bsc#1209506]
+
+-------------------------------------------------------------------

Old:
----
  activesupport-7.0.4.1.gem

New:
----
  activesupport-7.0.4.3.gem

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ rubygem-activesupport-7.0.spec ++++++
--- /var/tmp/diff_new_pack.oPqFze/_old  2023-03-21 17:41:52.153928176 +0100
+++ /var/tmp/diff_new_pack.oPqFze/_new  2023-03-21 17:41:52.161928215 +0100
@@ -24,7 +24,7 @@
 #
 
 Name:           rubygem-activesupport-7.0
-Version:        7.0.4.1
+Version:        7.0.4.3
 Release:        0
 %define mod_name activesupport
 %define mod_full_name %{mod_name}-%{version}

++++++ activesupport-7.0.4.1.gem -> activesupport-7.0.4.3.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md    2023-01-17 19:54:53.000000000 +0100
+++ new/CHANGELOG.md    2023-03-13 19:52:45.000000000 +0100
@@ -1,3 +1,15 @@
+## Rails 7.0.4.3 (March 13, 2023) ##
+
+*   Implement SafeBuffer#bytesplice
+
+    [CVE-2023-28120]
+
+
+## Rails 7.0.4.2 (January 24, 2023) ##
+
+*   No changes.
+
+
 ## Rails 7.0.4.1 (January 17, 2023) ##
 
 *   Avoid regex backtracking in Inflector.underscore
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/active_support/core_ext/string/output_safety.rb 
new/lib/active_support/core_ext/string/output_safety.rb
--- old/lib/active_support/core_ext/string/output_safety.rb     2023-01-17 
19:54:53.000000000 +0100
+++ new/lib/active_support/core_ext/string/output_safety.rb     2023-03-13 
19:52:45.000000000 +0100
@@ -219,6 +219,10 @@
     end
     alias << concat
 
+    def bytesplice(*args, value)
+      super(*args, implicit_html_escape_interpolated_argument(value))
+    end
+
     def insert(index, value)
       super(index, implicit_html_escape_interpolated_argument(value))
     end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/active_support/gem_version.rb 
new/lib/active_support/gem_version.rb
--- old/lib/active_support/gem_version.rb       2023-01-17 19:54:53.000000000 
+0100
+++ new/lib/active_support/gem_version.rb       2023-03-13 19:52:45.000000000 
+0100
@@ -10,7 +10,7 @@
     MAJOR = 7
     MINOR = 0
     TINY  = 4
-    PRE   = "1"
+    PRE   = "3"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata        2023-01-17 19:54:53.000000000 +0100
+++ new/metadata        2023-03-13 19:52:45.000000000 +0100
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: activesupport
 version: !ruby/object:Gem::Version
-  version: 7.0.4.1
+  version: 7.0.4.3
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-01-17 00:00:00.000000000 Z
+date: 2023-03-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: i18n
@@ -359,10 +359,10 @@
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: 
https://github.com/rails/rails/blob/v7.0.4.1/activesupport/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v7.0.4.1/
+  changelog_uri: 
https://github.com/rails/rails/blob/v7.0.4.3/activesupport/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v7.0.4.3/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v7.0.4.1/activesupport
+  source_code_uri: https://github.com/rails/rails/tree/v7.0.4.3/activesupport
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options:

commit rubygem-activesupport-7.0 for openSUSE:Factory

Reply via email to