CVS commit: pkgsrc/archivers/ruby-zlib

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/archivers/ruby-zlib
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Sat, 7 Mar 2026 13:19:17 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Sat Mar  7 13:19:17 UTC 2026

Added Files:
        pkgsrc/archivers/ruby-zlib: DESCR Makefile PLIST distinfo

Log Message:
archivers/ruby-zlib: add package version 3.2.3

This package is provided for fix security problem of zlib gem in Ruby.

3.3.2 (2026-03-05)

* CVE-2026-27820: Buffer overflow vulnerability in Zlib::GzipReader
  <https://www.ruby-lang.org/en/news/2026/03/05/buffer-overflow-zlib-cve-2026-27820/>

Zlib

This module provides access to the zlib library.  Zlib is designed to be a
portable, free, general-purpose, legally unencumbered -- that is, not
covered by any patents -- lossless data-compression library for use on
virtually any computer hardware and operating system.

The zlib compression library provides in-memory compression and
decompression functions, including integrity checks of the uncompressed
data.

The zlib compressed data format is described in RFC 1950, which is a wrapper
around a deflate stream which is described in RFC 1951.

The library also supports reading and writing files in gzip (.gz) format
with an interface similar to that of IO.  The gzip format is described in
RFC 1952 which is also a wrapper around a deflate stream.

The zlib format was designed to be compact and fast for use in memory and on
communications channels.  The gzip format was designed for single-file
compression on file systems, has a larger header than zlib to maintain
directory information, and uses a different, slower check method than zlib.


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.3 pkgsrc/archivers/ruby-zlib/DESCR
cvs rdiff -u -r0 -r1.7 pkgsrc/archivers/ruby-zlib/Makefile
cvs rdiff -u -r0 -r1.5 pkgsrc/archivers/ruby-zlib/PLIST
cvs rdiff -u -r0 -r1.6 pkgsrc/archivers/ruby-zlib/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Added files:

Index: pkgsrc/archivers/ruby-zlib/DESCR
diff -u /dev/null pkgsrc/archivers/ruby-zlib/DESCR:1.3
--- /dev/null   Sat Mar  7 13:19:17 2026
+++ pkgsrc/archivers/ruby-zlib/DESCR    Sat Mar  7 13:19:17 2026
@@ -0,0 +1,24 @@
+Zlib
+
+This module provides access to the zlib library.  Zlib is designed to be a
+portable, free, general-purpose, legally unencumbered -- that is, not
+covered by any patents -- lossless data-compression library for use on
+virtually any computer hardware and operating system.
+
+The zlib compression library provides in-memory compression and
+decompression functions, including integrity checks of the uncompressed
+data.
+
+The zlib compressed data format is described in RFC 1950, which is a wrapper
+around a deflate stream which is described in RFC 1951.
+
+The library also supports reading and writing files in gzip (.gz) format
+with an interface similar to that of IO.  The gzip format is described in
+RFC 1952 which is also a wrapper around a deflate stream.
+
+The zlib format was designed to be compact and fast for use in memory and on
+communications channels.  The gzip format was designed for single-file
+compression on file systems, has a larger header than zlib to maintain
+directory information, and uses a different, slower check method than zlib.
+
+This package is provided for fix security problem of zlib gem in Ruby.

Index: pkgsrc/archivers/ruby-zlib/Makefile
diff -u /dev/null pkgsrc/archivers/ruby-zlib/Makefile:1.7
--- /dev/null   Sat Mar  7 13:19:17 2026
+++ pkgsrc/archivers/ruby-zlib/Makefile Sat Mar  7 13:19:17 2026
@@ -0,0 +1,13 @@
+# $NetBSD: Makefile,v 1.7 2026/03/07 13:19:17 taca Exp $
+
+DISTNAME=      zlib-3.2.3
+CATEGORIES=    archivers
+
+MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE=      https://github.com/ruby/zlib
+COMMENT=       Ruby interface for the zlib library
+LICENSE=       2-clause-bsd OR ruby-license
+
+.include "../../lang/ruby/gem.mk"
+.include "../../devel/zlib/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"

Index: pkgsrc/archivers/ruby-zlib/PLIST
diff -u /dev/null pkgsrc/archivers/ruby-zlib/PLIST:1.5
--- /dev/null   Sat Mar  7 13:19:17 2026
+++ pkgsrc/archivers/ruby-zlib/PLIST    Sat Mar  7 13:19:17 2026
@@ -0,0 +1,12 @@
+@comment $NetBSD: PLIST,v 1.5 2026/03/07 13:19:17 taca Exp $
+${GEM_HOME}/cache/${GEM_NAME}.gem
+${GEM_EXTSDIR}/gem.build_complete
+${GEM_EXTSDIR}/zlib.${RUBY_DLEXT}
+${GEM_LIBDIR}/BSDL
+${GEM_LIBDIR}/COPYING
+${GEM_LIBDIR}/README.md
+${GEM_LIBDIR}/ext/zlib/extconf.rb
+${GEM_LIBDIR}/ext/zlib/zlib.c
+${GEM_LIBDIR}/lib/zlib.${RUBY_DLEXT}
+${GEM_LIBDIR}/zlib.gemspec
+${GEM_HOME}/specifications/${GEM_NAME}.gemspec

Index: pkgsrc/archivers/ruby-zlib/distinfo
diff -u /dev/null pkgsrc/archivers/ruby-zlib/distinfo:1.6
--- /dev/null   Sat Mar  7 13:19:17 2026
+++ pkgsrc/archivers/ruby-zlib/distinfo Sat Mar  7 13:19:17 2026
@@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.6 2026/03/07 13:19:17 taca Exp $
+
+BLAKE2s (zlib-3.2.3.gem) = 477fd583c3f88df396d5923430be438c77d0b72ccb17f55d751550f05dc54d3f
+SHA512 (zlib-3.2.3.gem) = ee60c02ffbd25566f019f227dd361e57ad04d21e15d2dc94cd6e18df730c1f971b4dfd41c431f85983635dab65b695383ca625fee6ebf7533d00a07e3313bb85
+Size (zlib-3.2.3.gem) = 39424 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/archivers
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/archivers
Indexes:

Home | Main Index | Thread Index | Old Index