------------------------------------------------------------------- Wed Jul 9 11:41:30 UTC 2025 - Ferdinand Thiessen - Update to 3.4.0 - mruby now supports `private` and `protected` visibility - Maximum length of inlined symbols reduced from 5 to 4 characters to provide space for visibility flags - Many methods are made private according to CRuby visibility - `initialize` method will be always private - Add new hooks `method_removed`, `method_undefined` - Add new hooks `singleton_method_removed`, `singleton_method_undefined` - Hash `to_s` format has changed - Remove Float bit-operation - use SWAR technique for strlen performance - use merge sort for `Array#sort` - C API changes: - pool.c renamed to mempool.c (and mrb_pool to mrb_mempool) - mrb_pool_value renamed to mrb_irep_pool to reduce confusion - rename BOXNIX_SET_VALUE to BOXNO_SET_VALUE - `MRB_FROZEN_P()` is replaced by `mrb_frozen_p()` - rename `color` to `gc_color` - add `obj->frozen` instead of flags `MRB_SET_FROZEN_FLAG`/`MRB_UNSET_FROZEN_FLAG` - Changes in mrbgems: - **mruby-print**: removed; if you do not use `mruby-io`, mruby use `#print` etc. in the core - **mruby-toplevel-ext**: top-level public/private/protected moved to the core - **mruby-metaprog**: method list methods now works according to the visibility - **mruby-encoding**: MRB_UTF8_STRING turned on automatically with this gem - Update to 3.3.0 - aliases work properly with `super` - `callee` method work differently with aliases in mruby - define `Kernel#respond_to_missing?` method - `_inspect` method (`inspect` with recursive check) is removed - `__printstr__` method is removed; use `print` instead - New method `String#bytesplice` - Allow `return` in blocks to cross C boundaries - mruby memory API - `mrb_default_allocf` can be overridden by the application - `mrb_open_allocf` will be deprecated - Changes in C API - add new error handling API functions - Add `mrb_vm_ci_env_clear()` function with `MRB_API` - a new function `mrb_check_frozen_value()` - avoid formatting in `mrb_bug()` - stop using `mrbc_` prefix for compiler context - Allow `Class#allocate` to be prohibited. To disable `#allocate`, use `MRB_UNDEF_ALLOCATOR()`. - Changes in mrbgems - **mruby-binding**: renamed from `mruby-binding-core` of mruby3.2 - **mruby-binding**: implemented `Binding#initialize_copy` method - **mruby-binding**: `Kernel#binding` responds only to calls from Ruby - **mruby-enumerator**: remove internal attribute methods `obj`, `args`, `kwd`, `meth`, `fib`. - Other breaking changes - `mrb_f_raise()` is now an internal function - `mrb_make_exception()` is now an internal function with different parameters - The `File#path` method no longer uses the `#to_path` method for implicit conversion - Update to 3.2.0 - Now `a::B = c` should evaluate `a` then `c`. - Anonymous arguments `*`, `**`, `&` can be passed for forwarding. - Multi-precision integer is available now via `mruby-bigint` gem. - mruby VM and bytecode - `OP_ARYDUP` was renamed to `OP_ARYSPLAT`. The instruction name was changed but instruction number and basic behavior have not changed (except that `ARYDUP nil` makes `[]`). - `mruby` tool - `-b` only specifies the script is the binary. The files loaded by `-r` are not affected by the option. - `mruby` now loads complied binary if the suffix is `.mrb`. - `mrbc` tool - Add `--no-optimize` option to disable optimization. - mrbgems - mruby-class-ext: Add `Class#subclasses` method. - mruby-class-ext: Add `Module#undefined_instance_methods` method. - mruby-errno is now included - mruby-set is now included - mruby-dir is now included - Fixed security issues: - CVE-2022-0080, CVE-2022-0240, CVE-2022-0326, CVE-2022-0631, CVE-2022-0481, CVE-2022-0525, CVE-2022-0570, CVE-2022-0614, CVE-2022-0623, CVE-2022-0630, CVE-2022-0631, CVE-2022-0632, CVE-2022-0717, CVE-2022-0890, CVE-2022-1106, CVE-2022-1212, CVE-2022-1276, CVE-2022-1286, CVE-2022-1934 - Removed upstream merged patches - CVE-2022-1286.patch - CVE-2022-1212.patch - Added CVE-2025-7207.patch as an upstream patch for CVE-2025-7207 also known as boo#1246138 - Updated link-with-soname.patch ------------------------------------------------------------------- Wed Feb 15 18:26:15 UTC 2023 - Ferdinand Thiessen - Update to 3.1.0 * New features: * CRuby3.0 compatible keyword arguments are introduced. * Keyword arguments are basically separated from ordinal arguments. * Implement endless-def * Replace `R-assignment` by `single-line pattern matching` * Support squiggly heredocs. * Hash value omission * New library methods * New supported directives for `mrbgems/mruby-pack` * Breaking Changes * `Kernel#printf` (`mruby-sprintf`) Format specifiers `%a` and `%A` are removed. * `Kernel#puts` (`mruby-print`) Now expand Array arguments. * mruby binaries are no longer backward compatible. * Upgrade mruby VM version `RITE_VM_VER` to `0300` (means mruby 3.0 or after). * Upgrade mruby binary version `RITE_BINARY_FORMAT_VER` to `0300`. * `mruby3.0` removed `OP_EXT1`, `OP_EXT2`, `OP_EXT3` for operand extension. But the operand size limitations was too tight for real-world application. `mruby3.1` reintroduces those extension instructions. * Some instructions are removed and some new are added, see full changelog https://github.com/mruby/mruby/blob/3.1.0/doc/mruby3.1.md * Fixed CVEs: CVE-2021-4110, CVE-2021-4188, CVE-2022-0080, CVE-2022-0240, CVE-2022-0326, CVE-2022-0481, CVE-2022-0631, CVE-2022-0632, CVE-2022-0890, CVE-2022-1071, CVE-2022-1106, CVE-2022-1201, CVE-2022-1427 - Drop upstream fixed: * CVE-2021-4110.patch * CVE-2022-0240.patch * CVE-2022-0080.patch * CVE-2022-0481.patch - Replaced b1d0296a.patch with CVE-2022-1286.patch ------------------------------------------------------------------- Tue Apr 26 18:57:21 UTC 2022 - Ferdinand Thiessen - Add b1d0296a.patch: fixing CVE-2022-1286 / boo#1198289 - Add CVE-2022-1212.patch: fixing CVE-2022-1212 / boo#1198089 ------------------------------------------------------------------- Mon Feb 21 11:32:34 UTC 2022 - Ferdinand Thiessen - Install libmruby_core library, required by mruby binary - Fix missing SONAME in library by adding link-with-soname.patch ------------------------------------------------------------------- Wed Feb 9 15:51:52 UTC 2022 - Ferdinand Thiessen - Added CVE-2022-0481.patch from upstream fixed NULL Pointer Dereference boo#1195632 / CVE-2022-0481 - Fixed file attributes (executable bit for shared library) ------------------------------------------------------------------- Tue Jan 18 08:58:03 UTC 2022 - Ferdinand Thiessen - Added CVE-2022-0080.patch from upstream, fixed Heap-based Buffer Overflow boo#1194244 / CVE-2022-0080 ------------------------------------------------------------------- Tue Jan 18 08:47:09 UTC 2022 - Ferdinand Thiessen - Added CVE-2022-0240.patch from upstream, fixed NULL Pointer Dereference boo#1194808 / CVE-2022-0240 ------------------------------------------------------------------- Thu Dec 16 11:30:22 UTC 2021 - Ferdinand Thiessen - Added CVE-2021-4110.patch from upstream, fixes boo#1193796 / CVE-2021-4110 ------------------------------------------------------------------- Sat May 15 14:01:43 UTC 2021 - Ferdinand Thiessen - Update to version 3.0.0 * New Core Language Features * Implement endless-def. Ruby:Feature#16746 * Replace R-assignment by single-line pattern matching. Ruby:Feature#15921 * Support squiggly heredocs. Ruby:Feature#5246 * Breaking Changes * mruby VM and bytecode: mruby binaries are no longer backward compatible Upgrade mruby VM version RITE_VM_VER to 0300 (means mruby 3.0). Upgrade mruby binary version RITE_BINARY_FORMAT_VER to 0200. * Integer has been changed to a specification similar to CRuby. * Integrate Fixnum and Integer. * Remove Integral. * int / int -> int * Add APIs for Integer. * Full change log: https://mruby.org/releases/2021/03/05/mruby-3.0.0-released.html ------------------------------------------------------------------- Fri May 7 14:26:23 UTC 2021 - Ferdinand Thiessen - Update to version 2.1.2 * IO#readchar returns a UTF-8 character fragment instead of EOFError if EOF is reached in the middle of UTF-8 characters. * This behavior is different from CRuby, but it is a mruby specification that supports either ASCII or UTF-8 exclusively. * Remove mrb_run() from C APIs. * Fixed segmentation fault at mrb_io_s_select * Fixed segmentation fault at mrb_vm_exec. * Fixed some Hash methods are inconsistent with values when hash has duplicate key. * Fixed get local variable names from orphan block. * Fixed memory leaks in some places when out of memory. * Fixed heap buffer overflow in mruby interpreter. * Fixed type tag not used when calculating hash code. * Full log: https://mruby.org/releases/2020/08/06/mruby-2.1.2-released.html ------------------------------------------------------------------- Mon Jun 15 22:45:07 UTC 2020 - Marcus Rueckert - update to 2.1.1 too many changes to include here https://mruby.org/releases/2020/06/04/mruby-2.1.1-released.html https://mruby.org/releases/2019/11/19/mruby-2.1.0-released.html https://mruby.org/releases/2019/04/04/mruby-2.0.1-released.html https://mruby.org/releases/2018/12/11/mruby-2.0.0-released.html https://mruby.org/releases/2018/04/27/mruby-1.4.1-released.html https://mruby.org/releases/2017/07/04/mruby-1.3.0-released.html https://mruby.org/releases/2015/11/18/mruby-1.2.0-released.html https://mruby.org/releases/2014/11/19/mruby-1.1.0-released.html https://mruby.org/releases/2014/02/09/mruby-1.0.0-released.html ------------------------------------------------------------------- Tue Jul 03 06:20:43 CET 2012 - pascal.bleser@opensuse.org - initial version (0.0+20120701)