rpms/ruby/F-8 .cvsignore, 1.25, 1.26 ruby.spec, 1.109, 1.110 sources, 1.23, 1.24 ruby-1.8.6.230-p238.patch, 1.1, NONE ruby-1.8.6.230-p248.patch, 1.1, NONE ruby-1.8.6.230-p257.patch, 1.1, NONE ruby-1.8.6.230-string-str_buf_cat.patch, 1.1, NONE ruby-fix-autoconf-magic-code.patch, 1.1, NONE
Akira TAGOH
tagoh at fedoraproject.org
Sat Aug 23 09:13:12 UTC 2008
- Previous message (by thread): rpms/ruby/F-9 .cvsignore, 1.26, 1.27 ruby.spec, 1.120, 1.121 sources, 1.24, 1.25 ruby-1.8.6.230-p238.patch, 1.1, NONE ruby-1.8.6.230-p248.patch, 1.1, NONE ruby-1.8.6.230-p257.patch, 1.1, NONE ruby-1.8.6.230-string-str_buf_cat.patch, 1.1, NONE ruby-fix-autoconf-magic-code.patch, 1.1, NONE
- Next message (by thread): rpms/fuse-emulator/devel fuse-emulator.spec,1.8,1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tagoh
Update of /cvs/pkgs/rpms/ruby/F-8
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30172
Modified Files:
.cvsignore ruby.spec sources
Removed Files:
ruby-1.8.6.230-p238.patch ruby-1.8.6.230-p248.patch
ruby-1.8.6.230-p257.patch
ruby-1.8.6.230-string-str_buf_cat.patch
ruby-fix-autoconf-magic-code.patch
Log Message:
* Sat Aug 23 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.287-1
- New upstream release.
- Security fixes.
- CVE-2008-3655: Ruby does not properly restrict access to critical
variables and methods at various safe levels.
- CVE-2008-3656: DoS vulnerability in WEBrick.
- CVE-2008-3657: Lack of taintness check in dl.
- CVE-2008-1447: DNS spoofing vulnerability in resolv.rb.
- CVE-2008-3443: Memory allocation failure in Ruby regex engine.
- Remove the unnecessary backported patches.
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-8/.cvsignore,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- .cvsignore 30 Jun 2008 03:46:12 -0000 1.25
+++ .cvsignore 23 Aug 2008 09:12:42 -0000 1.26
@@ -20,3 +20,4 @@
ruby-1.8.6-p111.tar.bz2
ruby-1.8.6-p114.tar.bz2
ruby-1.8.6-p230.tar.bz2
+ruby-1.8.6-p287.tar.bz2
Index: ruby.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-8/ruby.spec,v
retrieving revision 1.109
retrieving revision 1.110
diff -u -r1.109 -r1.110
--- ruby.spec 1 Jul 2008 08:47:11 -0000 1.109
+++ ruby.spec 23 Aug 2008 09:12:42 -0000 1.110
@@ -1,6 +1,6 @@
%define rubyxver 1.8
%define rubyver 1.8.6
-%define _patchlevel 230
+%define _patchlevel 287
%define dotpatchlevel %{?_patchlevel:.%{_patchlevel}}
%define patchlevel %{?_patchlevel:-p%{_patchlevel}}
%define arcver %{rubyver}%{?patchlevel}
@@ -12,7 +12,7 @@
Name: ruby
Version: %{rubyver}%{?dotpatchlevel}
-Release: 4%{?dist}
+Release: 1%{?dist}
License: Ruby or GPLv2
URL: http://www.ruby-lang.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -36,10 +36,6 @@
Patch22: ruby-deprecated-search-path.patch
Patch23: ruby-multilib.patch
Patch25: ruby-1.8.6.111-gcc43.patch
-Patch26: ruby-1.8.6.230-string-str_buf_cat.patch
-Patch27: ruby-1.8.6.230-p238.patch
-Patch28: ruby-1.8.6.230-p248.patch
-Patch29: ruby-1.8.6.230-p257.patch
Summary: An interpreter of object-oriented scripting language
Group: Development/Languages
@@ -160,10 +156,6 @@
%patch23 -p1
%endif
%patch25 -p1
-%patch26 -p1
-%patch27 -p1
-%patch28 -p1
-%patch29 -p1
popd
%build
@@ -520,6 +512,17 @@
%endif
%changelog
+* Sat Aug 23 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.287-1
+- New upstream release.
+- Security fixes.
+ - CVE-2008-3655: Ruby does not properly restrict access to critical
+ variables and methods at various safe levels.
+ - CVE-2008-3656: DoS vulnerability in WEBrick.
+ - CVE-2008-3657: Lack of taintness check in dl.
+ - CVE-2008-1447: DNS spoofing vulnerability in resolv.rb.
+ - CVE-2008-3443: Memory allocation failure in Ruby regex engine.
+- Remove the unnecessary backported patches.
+
* Tue Jul 1 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.230-4
- Backported from upstream SVN to fix a segfault issue with Array#fill.
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-8/sources,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- sources 24 Jun 2008 02:23:53 -0000 1.23
+++ sources 23 Aug 2008 09:12:42 -0000 1.24
@@ -2,4 +2,4 @@
d65e3a216d6d345a2a6f1aa8758c2f75 ruby-refm-rdp-1.8.1-ja-html.tar.gz
634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz
4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz
-3eceb42d4fc56398676c20a49ac7e044 ruby-1.8.6-p230.tar.bz2
+80b5f3db12531d36e6c81fac6d05dda9 ruby-1.8.6-p287.tar.bz2
--- ruby-1.8.6.230-p238.patch DELETED ---
--- ruby-1.8.6.230-p248.patch DELETED ---
--- ruby-1.8.6.230-p257.patch DELETED ---
--- ruby-1.8.6.230-string-str_buf_cat.patch DELETED ---
--- ruby-fix-autoconf-magic-code.patch DELETED ---
- Previous message (by thread): rpms/ruby/F-9 .cvsignore, 1.26, 1.27 ruby.spec, 1.120, 1.121 sources, 1.24, 1.25 ruby-1.8.6.230-p238.patch, 1.1, NONE ruby-1.8.6.230-p248.patch, 1.1, NONE ruby-1.8.6.230-p257.patch, 1.1, NONE ruby-1.8.6.230-string-str_buf_cat.patch, 1.1, NONE ruby-fix-autoconf-magic-code.patch, 1.1, NONE
- Next message (by thread): rpms/fuse-emulator/devel fuse-emulator.spec,1.8,1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list