[SECURITY] Fedora Core 5 Update: ruby-1.8.5-1.fc5

Akira Tagoh tagoh at redhat.com
Mon Oct 30 21:38:34 UTC 2006


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-1110
2006-10-30
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : ruby
Version     : 1.8.5
Release     : 1.fc5
Summary     : An interpreter of object-oriented scripting language
Description :
Ruby is the interpreted scripting language for quick and easy
object-oriented programming.  It has many features to process text
files and to do system management tasks (as in Perl).  It is simple,
straight-forward, and extensible.

---------------------------------------------------------------------

* Fri Oct 27 2006 Akira TAGOH <tagoh at redhat.com> - 1.8.5-1
- security fix release.
- ruby-1.8.5-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that
  causes the denial of service. (#212396)
- backport fixes from devel.
  - fixed rbconfig.rb to refer to DESTDIR for sitearchdir. (#207311)
  - updates to 1.8.5
    - removed the unnecessary patches:
      ruby-1.8.4-no-eaccess.patch, ruby-1.8.4-64bit-pack.patch,
      ruby-1.8.4-fix-insecure-dir-operation.patch,
      ruby-1.8.4-fix-insecure-regexp-modification.patch,
      ruby-1.8.4-fix-alias-safe-level.patch.
    - build with --enable-pthread except on ppc.
  - ruby-1.8.5-hash-memory-leak.patch: backported from CVS to fix a memory leak
    on Hash. [ruby-talk:211233]
  - owns sitearchdir. (#201208)
* Thu Jul 20 2006 Akira TAGOH <tagoh at redhat.com> - 1.8.4-8
- security fixes [CVE-2006-3694]
  - ruby-1.8.4-fix-insecure-dir-operation.patch:
  - ruby-1.8.4-fix-insecure-regexp-modification.patch: fixed the insecure
    operations in the certain safe-level restrictions. (#199538)
  - ruby-1.8.4-fix-alias-safe-level.patch: fixed to not bypass the certain
    safe-level restrictions. (#199543)
* Mon Jun 19 2006 Akira TAGOH <tagoh at redhat.com> - 1.8.4-7.fc5
- fixed the wrong file list again. moved tcltk library into ruby-tcltk.
  (#195872)
* Thu Jun  8 2006 Akira TAGOH <tagoh at redhat.com> - 1.8.4-5.fc5
- ruby-deprecated-search-path.patch: applied to add more search path
  for backward compatibility.
- added byacc to BuildReq.
- exclude ppc64 to make ruby-mode package. right now emacs.ppc64 isn't provided
  and buildsys became much stricter.
* Wed May 17 2006 Akira TAGOH <tagoh at redhat.com> - 1.8.4-4.fc5
- correct sitelibdir. (#184198)
- ruby-rubyprefix.patch: moved all arch-independent modules under /usr/lib/ruby
  and keep arch-dependent modules under /usr/lib64/ruby for 64bit archs.
  so 'rubylibdir', 'sitelibdir' and 'sitedir' in Config::CONFIG points to
  the kind of /usr/lib/ruby now. (#184199)
- ruby-deprecated-search-path.patch: added the deprecated installation paths
  to the search path for the backward compatibility.
- added a Provides: ruby(abi) to ruby-libs.
- ruby-1.8.4-64bit-pack.patch: backport patch from upstream to fix unpack("l")
  not working on 64bit arch and integer overflow on template "w". (#189350)
- updated License tag to be more comfortable, and with a pointer to get more
  details, like Python package does. (#179933)
- clean up.

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

aa4af11c646646421ecda4e28b0ee5bf48f17245  SRPMS/ruby-1.8.5-1.fc5.src.rpm
aa4af11c646646421ecda4e28b0ee5bf48f17245  noarch/ruby-1.8.5-1.fc5.src.rpm
972c05b909fd4526c68658f33e9e1b5a5f440c13  ppc/ruby-devel-1.8.5-1.fc5.ppc.rpm
6aff903b757c7316e1beae442085baa5e9411d53  ppc/ruby-ri-1.8.5-1.fc5.ppc.rpm
ecbf98e88cfc6243cca28d7d3724f13b2aeba580  ppc/debug/ruby-debuginfo-1.8.5-1.fc5.ppc.rpm
26e199280ee6f81c632d61ecfc060af193b4ded7  ppc/ruby-1.8.5-1.fc5.ppc.rpm
0932ec9f166465009479a5b2b868505370c25214  ppc/ruby-rdoc-1.8.5-1.fc5.ppc.rpm
47d64fb6d57737a3b8dd4359bf959867d1e71a34  ppc/ruby-irb-1.8.5-1.fc5.ppc.rpm
4be2eb9fae78e99e7024329d7e72ade1a2e4ac03  ppc/ruby-tcltk-1.8.5-1.fc5.ppc.rpm
683917cab28244c15655fc84fce2984f656604b2  ppc/ruby-docs-1.8.5-1.fc5.ppc.rpm
8c4b6fa7868a9d6ac36c1c72abe510d0b9d3e763  ppc/ruby-libs-1.8.5-1.fc5.ppc.rpm
e8df45445972941b9fd32992c42ed0e262896751  ppc/ruby-mode-1.8.5-1.fc5.ppc.rpm
cf6ed26812c5b62d47b80cfd01ad63ad91103c7e  x86_64/debug/ruby-debuginfo-1.8.5-1.fc5.x86_64.rpm
b539afb451566e958b2d580aae058bc2f5780562  x86_64/ruby-tcltk-1.8.5-1.fc5.x86_64.rpm
097bc62e5a5a7b783ccfecb7a3804e74e76a8eff  x86_64/ruby-irb-1.8.5-1.fc5.x86_64.rpm
1728f1179113609d5c78eda838d750e99ac410ec  x86_64/ruby-devel-1.8.5-1.fc5.x86_64.rpm
c4c6b719def3587382fce9d43396b1828645435b  x86_64/ruby-rdoc-1.8.5-1.fc5.x86_64.rpm
fbbb6872c707e837757a8cefff2ac591e566575e  x86_64/ruby-ri-1.8.5-1.fc5.x86_64.rpm
d6d4c4c88642987bd36f319ec2e0f4a7cc2dd35e  x86_64/ruby-libs-1.8.5-1.fc5.x86_64.rpm
3dbc5eab0cda9f071c8ba2b4a773fe43d92c0391  x86_64/ruby-mode-1.8.5-1.fc5.x86_64.rpm
b16e47dd356953a9310b68ef5f5994dcce5ce665  x86_64/ruby-1.8.5-1.fc5.x86_64.rpm
70d82f9b9c0f092515cbd9add475a78ab884ca15  x86_64/ruby-docs-1.8.5-1.fc5.x86_64.rpm
6fa8b8ad704712fb95e8b7d6ed16809fbd26fde5  i386/ruby-irb-1.8.5-1.fc5.i386.rpm
734ddba9ec0ee4f20704947cc05356c2848b94f8  i386/ruby-libs-1.8.5-1.fc5.i386.rpm
4ea84b4f91ad9a028d8d6a5899fc052227cb249c  i386/ruby-mode-1.8.5-1.fc5.i386.rpm
efee5d49ada832d02769a0a9b71a5ba7cf0260d4  i386/ruby-docs-1.8.5-1.fc5.i386.rpm
1bebe0f27b16bd782403c84a74e56cd5a87dd669  i386/debug/ruby-debuginfo-1.8.5-1.fc5.i386.rpm
448901c945266045cb1af5c95662e6291a6ec6f7  i386/ruby-1.8.5-1.fc5.i386.rpm
dbc5cac7a2a3a517d9692365609828a2e90709a6  i386/ruby-tcltk-1.8.5-1.fc5.i386.rpm
fa1d6bbec2c9a8727587b096acc1ea67ff7381d1  i386/ruby-ri-1.8.5-1.fc5.i386.rpm
ce8541be97e7a403de57d39baf11b60e774e9f43  i386/ruby-devel-1.8.5-1.fc5.i386.rpm
ef2f7cb46486a61deb81803843a6ec3873898be7  i386/ruby-rdoc-1.8.5-1.fc5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------




More information about the Fedora-package-announce mailing list