diff options
author | bsiegert <bsiegert> | 2015-11-24 20:10:28 +0000 |
---|---|---|
committer | bsiegert <bsiegert> | 2015-11-24 20:10:28 +0000 |
commit | 77d31aa4e006ee66821f7b84ccf8510ce60eff80 (patch) | |
tree | 3d0bf2e6b5d0753e9422cf1edb8ea7a439a3b486 | |
parent | c50de2f3343ac2306f3a9b0db0114e9bb62ca65f (diff) | |
download | pkgsrc-77d31aa4e006ee66821f7b84ccf8510ce60eff80.tar.gz |
Pullup ticket #4863 - requested by taca
textproc/ruby-nokogiri: security fix
Revisions pulled up:
- textproc/ruby-nokogiri/ALTERNATIVES 1.1
- textproc/ruby-nokogiri/Makefile 1.27-1.28
- textproc/ruby-nokogiri/PLIST 1.15-1.16
- textproc/ruby-nokogiri/distinfo 1.17-1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 18 16:04:50 UTC 2015
Modified Files:
pkgsrc/textproc/ruby-nokogiri: Makefile PLIST distinfo
Added Files:
pkgsrc/textproc/ruby-nokogiri: ALTERNATIVES
Log Message:
Update ruby-nokogiri to 1.6.6.3.
pkgsrc change: Add pkg_alternatives support.
=== 1.6.6.3 / 2015-11-16
This version pulls in several upstream patches to the vendored libxml2 and libxslt to address:
* CVE-2015-1819
* CVE-2015-7941_1
* CVE-2015-7941_2
* CVE-2015-7942
* CVE-2015-7942-2
* CVE-2015-8035
* CVE-2015-7995
See #1374 for details.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Nov 23 07:28:01 UTC 2015
Modified Files:
pkgsrc/textproc/ruby-nokogiri: Makefile PLIST distinfo
Log Message:
Update ruby-nokogiri to 1.6.8.4.
=== 1.6.6.4 / 2015-11-19
This version pulls in an upstream patche to the vendored libxml2 to address:
* unclosed comment uninitialized access issue (#1376)
This issue does not have a CVE assigned to it as this time.
-rw-r--r-- | textproc/ruby-nokogiri/ALTERNATIVES | 1 | ||||
-rw-r--r-- | textproc/ruby-nokogiri/Makefile | 11 | ||||
-rw-r--r-- | textproc/ruby-nokogiri/PLIST | 12 | ||||
-rw-r--r-- | textproc/ruby-nokogiri/distinfo | 10 |
4 files changed, 22 insertions, 12 deletions
diff --git a/textproc/ruby-nokogiri/ALTERNATIVES b/textproc/ruby-nokogiri/ALTERNATIVES new file mode 100644 index 00000000000..1102a4d0be6 --- /dev/null +++ b/textproc/ruby-nokogiri/ALTERNATIVES @@ -0,0 +1 @@ +bin/nokogiri @PREFIX@/bin/nokogiri@RUBY_SUFFIX@ diff --git a/textproc/ruby-nokogiri/Makefile b/textproc/ruby-nokogiri/Makefile index 3420aad7c61..869abe7eff1 100644 --- a/textproc/ruby-nokogiri/Makefile +++ b/textproc/ruby-nokogiri/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.26 2015/06/07 16:07:42 taca Exp $ +# $NetBSD: Makefile,v 1.26.4.1 2015/11/24 20:10:28 bsiegert Exp $ -DISTNAME= nokogiri-1.6.6.2 +DISTNAME= nokogiri-1.6.6.4 CATEGORIES= textproc MAINTAINER= pkgsrc-users@NetBSD.org @@ -8,15 +8,14 @@ HOMEPAGE= http://nokogiri.org/ COMMENT= HTML, XML, SAX, and Reader parser with XPath and CSS selector support LICENSE= mit -CONFLICTS+= ruby[1-9][0-9][0-9]-nokogiri-[0-9]* - DEPENDS+= ${RUBY_PKGPREFIX}-mini_portile>=0.6.0<0.7:../../misc/ruby-mini_portile USE_GCC_RUNTIME= yes USE_TOOLS+= pkg-config MAKE_ENV+= NOKOGIRI_USE_SYSTEM_LIBRARIES=yes -OVERRIDE_GEMSPEC= :files ports/archives/libxml2-2.8.0.tar.gz= \ - ports/archives/libxslt-1.1.26.tar.gz= +RUBYGEM_OPTIONS+= --format-executable +OVERRIDE_GEMSPEC= :files ports/archives/libxml2-2.9.2.tar.gz= \ + ports/archives/libxslt-1.1.28.tar.gz= .include "../../textproc/libxml2/buildlink3.mk" .include "../../textproc/libxslt/buildlink3.mk" diff --git a/textproc/ruby-nokogiri/PLIST b/textproc/ruby-nokogiri/PLIST index a8aa558ca7b..71339db1e4f 100644 --- a/textproc/ruby-nokogiri/PLIST +++ b/textproc/ruby-nokogiri/PLIST @@ -1,5 +1,5 @@ -@comment $NetBSD: PLIST,v 1.14 2015/03/08 15:17:21 taca Exp $ -bin/nokogiri +@comment $NetBSD: PLIST,v 1.14.6.1 2015/11/24 20:10:28 bsiegert Exp $ +bin/nokogiri${RUBY_SUFFIX} ${GEM_HOME}/cache/${GEM_NAME}.gem ${GEM_EXTSDIR}/gem.build_complete ${GEM_EXTSDIR}/nokogiri/nokogiri.${RUBY_DLEXT} @@ -157,6 +157,13 @@ ${GEM_LIBDIR}/lib/nokogiri/xslt/stylesheet.rb ${GEM_LIBDIR}/lib/xsd/xmlparser/nokogiri.rb ${GEM_LIBDIR}/ports/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch ${GEM_LIBDIR}/ports/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch +${GEM_LIBDIR}/ports/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch +${GEM_LIBDIR}/ports/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch +${GEM_LIBDIR}/ports/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch +${GEM_LIBDIR}/ports/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch +${GEM_LIBDIR}/ports/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch +${GEM_LIBDIR}/ports/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch +${GEM_LIBDIR}/ports/patches/libxml2/0010-Fix-parsering-short-unclosed-comment-uninitialized-access.patch ${GEM_LIBDIR}/ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch ${GEM_LIBDIR}/ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch ${GEM_LIBDIR}/ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch @@ -169,6 +176,7 @@ ${GEM_LIBDIR}/ports/patches/libxslt/0010-Fix-handling-of-UTF-8-strings-in-EXSLT- ${GEM_LIBDIR}/ports/patches/libxslt/0013-Memory-leak-in-xsltCompileIdKeyPattern-error-path.patch ${GEM_LIBDIR}/ports/patches/libxslt/0014-Fix-for-bug-436589.patch ${GEM_LIBDIR}/ports/patches/libxslt/0015-Fix-mkdir-for-mingw.patch +${GEM_LIBDIR}/ports/patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch ${GEM_LIBDIR}/ports/patches/sort-patches-by-date ${GEM_LIBDIR}/suppressions/README.txt ${GEM_LIBDIR}/suppressions/nokogiri_ree-1.8.7.358.supp diff --git a/textproc/ruby-nokogiri/distinfo b/textproc/ruby-nokogiri/distinfo index 04ca834d72a..5b0d68790fb 100644 --- a/textproc/ruby-nokogiri/distinfo +++ b/textproc/ruby-nokogiri/distinfo @@ -1,5 +1,7 @@ -$NetBSD: distinfo,v 1.15 2015/02/05 15:11:35 taca Exp $ +$NetBSD: distinfo,v 1.15.6.1 2015/11/24 20:10:28 bsiegert Exp $ + +SHA1 (nokogiri-1.6.6.4.gem) = 5c40b25ed1f7f469584a6a3ce992f1e6273e4b54 +RMD160 (nokogiri-1.6.6.4.gem) = ae54c57d4075cbdd9de5f6d6cdbc85b2010d1999 +SHA512 (nokogiri-1.6.6.4.gem) = 7c8ffb751a48b0843410fd0fc1cc3899133c51353ad20e7e0c47b06bb89381b04a4f739004f7dbe211cb34eef61ef35bf588a117bcedf571985bd48045f88a9b +Size (nokogiri-1.6.6.4.gem) = 9254912 bytes -SHA1 (nokogiri-1.6.6.2.gem) = d05f23c90be242d7e1bff447874e75207c36a207 -RMD160 (nokogiri-1.6.6.2.gem) = b3f4a8b9fc15b660197b45b22826ee8b3d33ab7e -Size (nokogiri-1.6.6.2.gem) = 9249280 bytes |