rpms/ruby/F-9 .cvsignore, 1.25, 1.26 ruby.spec, 1.116, 1.117 sources, 1.23, 1.24 ruby-1.8.6.111-CVE-2007-5162.patch, 1.1, NONE
Akira TAGOH (tagoh)
fedora-extras-commits at redhat.com
Tue Jun 24 03:20:00 UTC 2008
- Previous message (by thread): rpms/ruby/F-8 .cvsignore, 1.23, 1.24 ruby.spec, 1.105, 1.106 sources, 1.22, 1.23 ruby-1.8.6.111-CVE-2007-5162.patch, 1.1, NONE
- Next message (by thread): rpms/ruby/devel .cvsignore, 1.25, 1.26 ruby.spec, 1.116, 1.117 sources, 1.24, 1.25 ruby-1.8.6.111-CVE-2007-5162.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tagoh
Update of /cvs/pkgs/rpms/ruby/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30464
Modified Files:
.cvsignore ruby.spec sources
Removed Files:
ruby-1.8.6.111-CVE-2007-5162.patch
Log Message:
* Tue Jun 24 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.230-1
- New upstream release.
- Security fixes. (#452294).
- CVE-2008-1891: WEBrick CGI source disclosure.
- CVE-2008-2662: Integer overflow in rb_str_buf_append().
- CVE-2008-2663: Integer overflow in rb_ary_store().
- CVE-2008-2664: Unsafe use of alloca in rb_str_format().
- CVE-2008-2725: Integer overflow in rb_ary_splice().
- CVE-2008-2726: Integer overflow in rb_ary_splice().
- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-9/.cvsignore,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- .cvsignore 10 Mar 2008 04:28:30 -0000 1.25
+++ .cvsignore 24 Jun 2008 03:19:02 -0000 1.26
@@ -21,3 +21,4 @@
rubyfaq-990927.tar.gz
rubyfaq-jp-990927.tar.gz
ruby-1.8.6-p114.tar.bz2
+ruby-1.8.6-p230.tar.bz2
Index: ruby.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-9/ruby.spec,v
retrieving revision 1.116
retrieving revision 1.117
diff -u -r1.116 -r1.117
--- ruby.spec 10 Mar 2008 05:27:02 -0000 1.116
+++ ruby.spec 24 Jun 2008 03:19:02 -0000 1.117
@@ -1,6 +1,6 @@
%define rubyxver 1.8
%define rubyver 1.8.6
-%define _patchlevel 114
+%define _patchlevel 230
%define dotpatchlevel %{?_patchlevel:.%{_patchlevel}}
%define patchlevel %{?_patchlevel:-p%{_patchlevel}}
%define arcver %{rubyver}%{?patchlevel}
@@ -35,7 +35,6 @@
Patch21: ruby-deprecated-sitelib-search-path.patch
Patch22: ruby-deprecated-search-path.patch
Patch23: ruby-multilib.patch
-Patch24: ruby-1.8.6.111-CVE-2007-5162.patch
Patch25: ruby-1.8.6.111-gcc43.patch
Summary: An interpreter of object-oriented scripting language
@@ -156,7 +155,6 @@
%patch22 -p1
%patch23 -p1
%endif
-%patch24 -p1
%patch25 -p1
popd
@@ -514,6 +512,17 @@
%endif
%changelog
+* Tue Jun 24 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.230-1
+- New upstream release.
+- Security fixes. (#452294).
+ - CVE-2008-1891: WEBrick CGI source disclosure.
+ - CVE-2008-2662: Integer overflow in rb_str_buf_append().
+ - CVE-2008-2663: Integer overflow in rb_ary_store().
+ - CVE-2008-2664: Unsafe use of alloca in rb_str_format().
+ - CVE-2008-2725: Integer overflow in rb_ary_splice().
+ - CVE-2008-2726: Integer overflow in rb_ary_splice().
+- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
+
* Tue Mar 4 2008 Akira TAGOH <tagoh at redhat.com> - 1.8.6.114-1
- Security fix for CVE-2008-1145.
- Improve a spec file. (#226381)
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/ruby/F-9/sources,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- sources 10 Mar 2008 04:28:30 -0000 1.23
+++ sources 24 Jun 2008 03:19:02 -0000 1.24
@@ -3,4 +3,4 @@
e1d38b7d4f1be55726d6927a3395ce3b ruby-1.8.6-p111.tar.bz2
634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz
4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz
-b4d0c74497f684814bcfbb41b7384a71 ruby-1.8.6-p114.tar.bz2
+3eceb42d4fc56398676c20a49ac7e044 ruby-1.8.6-p230.tar.bz2
--- ruby-1.8.6.111-CVE-2007-5162.patch DELETED ---
- Previous message (by thread): rpms/ruby/F-8 .cvsignore, 1.23, 1.24 ruby.spec, 1.105, 1.106 sources, 1.22, 1.23 ruby-1.8.6.111-CVE-2007-5162.patch, 1.1, NONE
- Next message (by thread): rpms/ruby/devel .cvsignore, 1.25, 1.26 ruby.spec, 1.116, 1.117 sources, 1.24, 1.25 ruby-1.8.6.111-CVE-2007-5162.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list