rpms/ruby/F-8 .cvsignore, 1.23, 1.24 ruby.spec, 1.105, 1.106 sources, 1.22, 1.23 ruby-1.8.6.111-CVE-2007-5162.patch, 1.1, NONE
Akira TAGOH (tagoh)
fedora-extras-commits at redhat.com
Tue Jun 24 02:24:38 UTC 2008
Author: tagoh
Update of /cvs/pkgs/rpms/ruby/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19663
Modified Files:
.cvsignore ruby.spec sources
Removed Files:
ruby-1.8.6.111-CVE-2007-5162.patch
Log Message:
* Tue Jun 24 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.230-1
- New upstream release.
- Security fixes. (#452293)
- CVE-2008-1891: WEBrick CGI source disclosure.
- CVE-2008-2662: Integer overflow in rb_str_buf_append().
- CVE-2008-2663: Integer overflow in rb_ary_store().
- CVE-2008-2664: Unsafe use of alloca in rb_str_format().
- CVE-2008-2725: Integer overflow in rb_ary_splice().
- CVE-2008-2726: Integer overflow in rb_ary_splice().
- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-8/.cvsignore,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- .cvsignore 10 Mar 2008 07:32:01 -0000 1.23
+++ .cvsignore 24 Jun 2008 02:23:53 -0000 1.24
@@ -17,3 +17,4 @@
ruby-1.8.6-p110.tar.bz2
ruby-1.8.6-p111.tar.bz2
ruby-1.8.6-p114.tar.bz2
+ruby-1.8.6-p230.tar.bz2
Index: ruby.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-8/ruby.spec,v
retrieving revision 1.105
retrieving revision 1.106
diff -u -r1.105 -r1.106
--- ruby.spec 10 Mar 2008 07:32:01 -0000 1.105
+++ ruby.spec 24 Jun 2008 02:23:53 -0000 1.106
@@ -1,6 +1,6 @@
%define rubyxver 1.8
%define rubyver 1.8.6
-%define _patchlevel 114
+%define _patchlevel 230
%define dotpatchlevel %{?_patchlevel:.%{_patchlevel}}
%define patchlevel %{?_patchlevel:-p%{_patchlevel}}
%define arcver %{rubyver}%{?patchlevel}
@@ -35,7 +35,6 @@
Patch21: ruby-deprecated-sitelib-search-path.patch
Patch22: ruby-deprecated-search-path.patch
Patch23: ruby-multilib.patch
-Patch24: ruby-1.8.6.111-CVE-2007-5162.patch
Patch25: ruby-1.8.6.111-gcc43.patch
Summary: An interpreter of object-oriented scripting language
@@ -156,7 +155,6 @@
%patch22 -p1
%patch23 -p1
%endif
-%patch24 -p1
%patch25 -p1
popd
@@ -514,6 +512,17 @@
%endif
%changelog
+* Tue Jun 24 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.230-1
+- New upstream release.
+- Security fixes. (#452293)
+ - CVE-2008-1891: WEBrick CGI source disclosure.
+ - CVE-2008-2662: Integer overflow in rb_str_buf_append().
+ - CVE-2008-2663: Integer overflow in rb_ary_store().
+ - CVE-2008-2664: Unsafe use of alloca in rb_str_format().
+ - CVE-2008-2725: Integer overflow in rb_ary_splice().
+ - CVE-2008-2726: Integer overflow in rb_ary_splice().
+- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
+
* Tue Mar 4 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.114-1
- Security fix for CVE-2008-1145.
- Improve a spec file. (#226381)
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-8/sources,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- sources 10 Mar 2008 07:32:01 -0000 1.22
+++ sources 24 Jun 2008 02:23:53 -0000 1.23
@@ -2,4 +2,4 @@
d65e3a216d6d345a2a6f1aa8758c2f75 ruby-refm-rdp-1.8.1-ja-html.tar.gz
634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz
4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz
-b4d0c74497f684814bcfbb41b7384a71 ruby-1.8.6-p114.tar.bz2
+3eceb42d4fc56398676c20a49ac7e044 ruby-1.8.6-p230.tar.bz2
--- ruby-1.8.6.111-CVE-2007-5162.patch DELETED ---
More information about the fedora-extras-commits
mailing list