Pullup ticket #3443 - requested by taca

lang/ruby18-base security update Revisions pulled up: - lang/ruby18-base/Makefile 1.60-1.61 - lang/ruby18-base/distinfo 1.49 - lang/ruby18-base/patches/patch-ext_bigdecimal_bigdecimal.c 1.1 --- Module Name: pkgsrc Committed By: taca Date: Sun May 29 01:36:24 UTC 2011 Modified Files: pkgsrc/lang/ruby18-base: Makefile Added Files: pkgsrc/lang/ruby18-base/patches: patch-ext_bigdecimal_bigdecimal.c Log Message: Add a patch for CVE-2011-0188 from repository as ruby19-base. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Mon May 30 04:21:38 UTC 2011 Modified Files: pkgsrc/lang/ruby18-base: Makefile distinfo Log Message: It seems that I forgot update distinfo file. Since it cause creating binary package which isn't up to date, bump PKGREVISION, again.
author: sbd <sbd> 2011-05-31 11:04:22 +0000
committer: sbd <sbd> 2011-05-31 11:04:22 +0000
commit: 01b84f6afc041f8086c79cbd9a62e7e0f504988d (patch)
tree: fddb3e26a6ab28abc1c3cfbc408991de44f1097f
parent: dbc603d2c221b16de796947e98ae81307a7524d9 (diff)
download: pkgsrc-01b84f6afc041f8086c79cbd9a62e7e0f504988d.tar.gz
3 files changed, 23 insertions, 3 deletions
diff --git a/lang/ruby18-base/Makefile b/lang/ruby18-base/Makefile
index adeb46ecba9..0854fcf1f2d 100644
--- a/lang/ruby18-base/Makefile
+++ b/lang/ruby18-base/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.59 2011/03/28 14:10:25 taca Exp $
+# $NetBSD: Makefile,v 1.59.2.1 2011/05/31 11:04:22 sbd Exp $
 #
 
 DISTNAME=	${RUBY_DISTNAME}
 PKGNAME=	${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX}
-PKGREVISION=	1
+PKGREVISION=	3
 CATEGORIES=	lang ruby
 MASTER_SITES=	${MASTER_SITE_RUBY}
 
diff --git a/lang/ruby18-base/distinfo b/lang/ruby18-base/distinfo
index 792bf49ffe5..d5eef2b510a 100644
--- a/lang/ruby18-base/distinfo
+++ b/lang/ruby18-base/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.48 2011/03/28 14:10:25 taca Exp $
+$NetBSD: distinfo,v 1.48.2.1 2011/05/31 11:04:22 sbd Exp $
 
 SHA1 (ruby-1.8.7-p334.tar.bz2) = 4311ce257f2e54f247bfe07b48e799d293d041f2
 RMD160 (ruby-1.8.7-p334.tar.bz2) = f3d078d526f1b19d3255dc236f5a46062883e7c9
@@ -46,6 +46,7 @@ SHA1 (patch-et) = eba90415e5279c9eb8bea67635f5f8cab5d1e7ac
 SHA1 (patch-eu) = dbf65258dcdc619d220ab39864389c4ec4c5c625
 SHA1 (patch-ev) = 6178be681ca1cf2647cab9a61c8ef989ff5b23cb
 SHA1 (patch-ew) = ddb8066a3e63b049e43c569e8d95b872eea0c247
+SHA1 (patch-ext_bigdecimal_bigdecimal.c) = d67011dd6026c2f66bc2558b3aafa0b6d7e0bc29
 SHA1 (patch-ga) = 73f50504baf74ee77d00dcfb5a9446bbaf122726
 SHA1 (patch-gb) = 345ad3e5df6fd9febe7b398f091662fd7c300dc4
 SHA1 (patch-lib_rdoc_options.rb) = 0f14417733ad6fc6fbc93af1c8463ecd59abce7c
diff --git a/lang/ruby18-base/patches/patch-ext_bigdecimal_bigdecimal.c b/lang/ruby18-base/patches/patch-ext_bigdecimal_bigdecimal.c
new file mode 100644
index 00000000000..753f616c204
--- /dev/null
+++ b/lang/ruby18-base/patches/patch-ext_bigdecimal_bigdecimal.c
@@ -0,0 +1,19 @@
+$NetBSD: patch-ext_bigdecimal_bigdecimal.c,v 1.1.2.2 2011/05/31 11:04:23 sbd Exp $
+
+* Fix for CVE-2011-0188 from repository, r30993.
+
+--- ext/bigdecimal/bigdecimal.c.orig	2010-06-08 07:49:18.000000000 +0000
++++ ext/bigdecimal/bigdecimal.c
+@@ -2032,9 +2032,9 @@ static int gnAlloc=0; /* Memory allocati
+ VP_EXPORT void *
+ VpMemAlloc(U_LONG mb)
+ {
+-    void *p = xmalloc((unsigned int)mb);
+-    if(!p) {
+-        VpException(VP_EXCEPTION_MEMORY,"failed to allocate memory",1);
++    void *p = xmalloc(mb);
++    if (!p) {
++        VpException(VP_EXCEPTION_MEMORY, "failed to allocate memory", 1);
+     }
+     memset(p,0,mb);
+ #ifdef _DEBUG
author	sbd <sbd>	2011-05-31 11:04:22 +0000
committer	sbd <sbd>	2011-05-31 11:04:22 +0000
commit	01b84f6afc041f8086c79cbd9a62e7e0f504988d (patch)
tree	fddb3e26a6ab28abc1c3cfbc408991de44f1097f
parent	dbc603d2c221b16de796947e98ae81307a7524d9 (diff)
download	pkgsrc-01b84f6afc041f8086c79cbd9a62e7e0f504988d.tar.gz