rpms/ruby/devel .cvsignore, 1.26, 1.27 ruby-rubyprefix.patch, 1.4, 1.5 ruby.spec, 1.122, 1.123 sources, 1.25, 1.26 ruby-1.8.6.230-p238.patch, 1.1, NONE ruby-1.8.6.230-p248.patch, 1.1, NONE ruby-1.8.6.230-p257.patch, 1.1, NONE ruby-1.8.6.230-string-str_buf_cat.patch, 1.1, NONE
Akira TAGOH
tagoh at fedoraproject.org
Sat Aug 23 08:59:17 UTC 2008
- Previous message (by thread): rpms/man-pages-ja/devel man-pages-ja-455016-bash.1.patch, NONE, 1.1 man-pages-ja-456263-top.1.patch, NONE, 1.1 man-pages-ja-fixpipe.patch, NONE, 1.1 .cvsignore, 1.56, 1.57 man-pages-ja.spec, 1.66, 1.67 sources, 1.55, 1.56
- Next message (by thread): rpms/awstats/EL-5 awstats-6.7-CVE-2008-3714.patch, NONE, 1.1 awstats.spec, 1.21, 1.22
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tagoh
Update of /cvs/pkgs/rpms/ruby/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29109
Modified Files:
.cvsignore ruby-rubyprefix.patch ruby.spec sources
Removed Files:
ruby-1.8.6.230-p238.patch ruby-1.8.6.230-p248.patch
ruby-1.8.6.230-p257.patch
ruby-1.8.6.230-string-str_buf_cat.patch
Log Message:
* Sat Aug 23 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.287-1
- New upstream release.
- Security fixes.
- CVE-2008-3655: Ruby does not properly restrict access to critical
variables and methods at various safe levels.
- CVE-2008-3656: DoS vulnerability in WEBrick.
- CVE-2008-3657: Lack of taintness check in dl.
- CVE-2008-1447: DNS spoofing vulnerability in resolv.rb.
- CVE-2008-3443: Memory allocation failure in Ruby regex engine.
- Remove the unnecessary backported patches.
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/devel/.cvsignore,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- .cvsignore 24 Jun 2008 03:32:31 -0000 1.26
+++ .cvsignore 23 Aug 2008 08:58:47 -0000 1.27
@@ -22,3 +22,4 @@
rubyfaq-jp-990927.tar.gz
ruby-1.8.6-p114.tar.bz2
ruby-1.8.6-p230.tar.bz2
+ruby-1.8.6-p287.tar.bz2
ruby-rubyprefix.patch:
Index: ruby-rubyprefix.patch
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/devel/ruby-rubyprefix.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ruby-rubyprefix.patch 28 Mar 2007 14:08:33 -0000 1.4
+++ ruby-rubyprefix.patch 23 Aug 2008 08:58:47 -0000 1.5
@@ -1,7 +1,7 @@
-diff -ruN ruby-1.8.5-p12.orig/configure.in ruby-1.8.5-p12/configure.in
---- ruby-1.8.5-p12.orig/configure.in 2006-12-06 19:58:08.000000000 +0900
-+++ ruby-1.8.5-p12/configure.in 2007-02-05 17:02:43.000000000 +0900
-@@ -1505,6 +1505,13 @@
+diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
+--- ruby-1.8.6-p287.orig/configure.in 2008-07-13 00:03:28.000000000 +0900
++++ ruby-1.8.6-p287/configure.in 2008-08-14 01:08:00.000000000 +0900
+@@ -1608,6 +1608,13 @@ case "$target_os" in
rubyw_install_name="$RUBYW_INSTALL_NAME"
;;
esac
@@ -15,7 +15,7 @@
case "$target_os" in
cygwin*|mingw*|*djgpp*|os2-emx*)
RUBY_LIB_PREFIX="/lib/ruby"
-@@ -1513,20 +1520,29 @@
+@@ -1616,20 +1623,29 @@ case "$target_os" in
RUBY_LIB_PREFIX="${prefix}/lib/ruby"
;;
esac
@@ -47,7 +47,7 @@
RUBY_SITE_LIB_PATH2="${RUBY_SITE_LIB_PATH}/${MAJOR}.${MINOR}"
AC_DEFINE_UNQUOTED(RUBY_LIB, "${RUBY_LIB_PATH}")
-@@ -1536,6 +1552,7 @@
+@@ -1639,6 +1655,7 @@ AC_DEFINE_UNQUOTED(RUBY_SITE_LIB2, "${RU
AC_SUBST(arch)dnl
AC_SUBST(sitearch)dnl
AC_SUBST(sitedir)dnl
@@ -55,7 +55,7 @@
configure_args=$ac_configure_args
AC_SUBST(configure_args)dnl
-@@ -1544,7 +1561,7 @@
+@@ -1647,7 +1664,7 @@ if test "$fat_binary" != no ; then
arch="fat-${target_os}"
AC_DEFINE_UNQUOTED(RUBY_THIN_ARCHLIB,
@@ -64,7 +64,7 @@
AC_DEFINE_UNQUOTED(RUBY_SITE_THIN_ARCHLIB,
"${RUBY_SITE_LIB_PATH}/" __ARCHITECTURE__ "-${target_os}")
-@@ -1559,8 +1576,8 @@
+@@ -1662,8 +1679,8 @@ case "$target_os" in
*) sitearch="${arch}" ;;
esac
@@ -75,11 +75,11 @@
AC_ARG_WITH(search-path,
[ --with-search-path=DIR specify the additional search path],
-diff -ruN ruby-1.8.5-p12.orig/mkconfig.rb ruby-1.8.5-p12/mkconfig.rb
---- ruby-1.8.5-p12.orig/mkconfig.rb 2006-06-25 23:03:10.000000000 +0900
-+++ ruby-1.8.5-p12/mkconfig.rb 2007-02-05 16:54:32.000000000 +0900
-@@ -108,10 +108,10 @@
- print v_fast, v_others
+diff -pruN ruby-1.8.6-p287.orig/mkconfig.rb ruby-1.8.6-p287/mkconfig.rb
+--- ruby-1.8.6-p287.orig/mkconfig.rb 2008-06-08 01:37:10.000000000 +0900
++++ ruby-1.8.6-p287/mkconfig.rb 2008-08-14 01:08:00.000000000 +0900
+@@ -139,10 +139,10 @@ print(*v_fast)
+ print(*v_others)
print <<EOS
CONFIG["ruby_version"] = "$(MAJOR).$(MINOR)"
- CONFIG["rubylibdir"] = "$(libdir)/ruby/$(ruby_version)"
Index: ruby.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/devel/ruby.spec,v
retrieving revision 1.122
retrieving revision 1.123
diff -u -r1.122 -r1.123
--- ruby.spec 10 Jul 2008 16:00:48 -0000 1.122
+++ ruby.spec 23 Aug 2008 08:58:47 -0000 1.123
@@ -1,6 +1,6 @@
%define rubyxver 1.8
%define rubyver 1.8.6
-%define _patchlevel 230
+%define _patchlevel 287
%define dotpatchlevel %{?_patchlevel:.%{_patchlevel}}
%define patchlevel %{?_patchlevel:-p%{_patchlevel}}
%define arcver %{rubyver}%{?patchlevel}
@@ -12,7 +12,7 @@
Name: ruby
Version: %{rubyver}%{?dotpatchlevel}
-Release: 5%{?dist}
+Release: 1%{?dist}
License: Ruby or GPLv2
URL: http://www.ruby-lang.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -34,10 +34,6 @@
Patch22: ruby-deprecated-search-path.patch
Patch23: ruby-multilib.patch
Patch25: ruby-1.8.6.111-gcc43.patch
-Patch26: ruby-1.8.6.230-string-str_buf_cat.patch
-Patch27: ruby-1.8.6.230-p238.patch
-Patch28: ruby-1.8.6.230-p248.patch
-Patch29: ruby-1.8.6.230-p257.patch
Summary: An interpreter of object-oriented scripting language
Group: Development/Languages
@@ -156,10 +152,6 @@
%patch23 -p1
%endif
%patch25 -p1
-%patch26 -p1
-%patch27 -p1
-%patch28 -p1
-%patch29 -p1
popd
%build
@@ -510,6 +502,17 @@
%{_datadir}/emacs/site-lisp/site-start.d/ruby-mode-init.el
%changelog
+* Sat Aug 23 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.287-1
+- New upstream release.
+- Security fixes.
+ - CVE-2008-3655: Ruby does not properly restrict access to critical
+ variables and methods at various safe levels.
+ - CVE-2008-3656: DoS vulnerability in WEBrick.
+ - CVE-2008-3657: Lack of taintness check in dl.
+ - CVE-2008-1447: DNS spoofing vulnerability in resolv.rb.
+ - CVE-2008-3443: Memory allocation failure in Ruby regex engine.
+- Remove the unnecessary backported patches.
+
* Thu Jul 10 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 1.8.6.230-5
- rebuild against db4-4.7
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/devel/sources,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- sources 24 Jun 2008 03:32:31 -0000 1.25
+++ sources 23 Aug 2008 08:58:47 -0000 1.26
@@ -2,4 +2,4 @@
d65e3a216d6d345a2a6f1aa8758c2f75 ruby-refm-rdp-1.8.1-ja-html.tar.gz
634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz
4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz
-3eceb42d4fc56398676c20a49ac7e044 ruby-1.8.6-p230.tar.bz2
+80b5f3db12531d36e6c81fac6d05dda9 ruby-1.8.6-p287.tar.bz2
--- ruby-1.8.6.230-p238.patch DELETED ---
--- ruby-1.8.6.230-p248.patch DELETED ---
--- ruby-1.8.6.230-p257.patch DELETED ---
--- ruby-1.8.6.230-string-str_buf_cat.patch DELETED ---
- Previous message (by thread): rpms/man-pages-ja/devel man-pages-ja-455016-bash.1.patch, NONE, 1.1 man-pages-ja-456263-top.1.patch, NONE, 1.1 man-pages-ja-fixpipe.patch, NONE, 1.1 .cvsignore, 1.56, 1.57 man-pages-ja.spec, 1.66, 1.67 sources, 1.55, 1.56
- Next message (by thread): rpms/awstats/EL-5 awstats-6.7-CVE-2008-3714.patch, NONE, 1.1 awstats.spec, 1.21, 1.22
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list