diff options
author | tron <tron@pkgsrc.org> | 2013-02-15 13:51:53 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2013-02-15 13:51:53 +0000 |
commit | c6bb3032b0db65838e0668def677440e5af75d3c (patch) | |
tree | ed40a88ae78fcd99cd954d4dd06d26da770db122 /devel | |
parent | c4480adb5f66d241e457f633ad0b92597e199015 (diff) | |
download | pkgsrc-c6bb3032b0db65838e0668def677440e5af75d3c.tar.gz |
Pullup ticket #4073 - requested by taca
databases/ruby-activerecord3: security patch
devel/ruby-activemodel: security patch
Revisions pulled up:
- databases/ruby-activerecord3/Makefile 1.9
- databases/ruby-activerecord3/distinfo 1.19-1.20
- databases/ruby-activerecord3/patches/patch-lib_active__record_attribute__methods_write.rb 1.1-1.2
- devel/ruby-activemodel/Makefile 1.12
- devel/ruby-activemodel/distinfo 1.19-1.20
- devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb 1.1-1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 12 13:23:20 UTC 2013
Modified Files:
pkgsrc/databases/ruby-activerecord3: Makefile distinfo
Added Files:
pkgsrc/databases/ruby-activerecord3/patches:
patch-lib_active__record_attribute__methods_write.rb
Log Message:
Add fix for Fix for CVE-2013-0277.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 13 14:08:07 UTC 2013
Modified Files:
pkgsrc/databases/ruby-activerecord3: distinfo
pkgsrc/databases/ruby-activerecord3/patches:
patch-lib_active__record_attribute__methods_write.rb
Log Message:
Correct comment in a patch file.
This change dosen't fix CVE-2013-0276 but give workaround for it.
No PKGREVISION bump.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 12 15:30:42 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activemodel: Makefile distinfo
Added Files:
pkgsrc/devel/ruby-activemodel/patches:
patch-lib_active__model_attribute__methods.rb
Log Message:
Add fix for CVE-2013-0276.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 13 14:07:31 UTC 2013
Modified Files:
pkgsrc/devel/ruby-activemodel: distinfo
pkgsrc/devel/ruby-activemodel/patches:
patch-lib_active__model_attribute__methods.rb
Log Message:
Correct comment in a patch file.
This change dosen't fix CVE-2013-0276 but give workaround for it.
No PKGREVISION bump.
Diffstat (limited to 'devel')
-rw-r--r-- | devel/ruby-activemodel/Makefile | 3 | ||||
-rw-r--r-- | devel/ruby-activemodel/distinfo | 3 | ||||
-rw-r--r-- | devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb | 15 |
3 files changed, 19 insertions, 2 deletions
diff --git a/devel/ruby-activemodel/Makefile b/devel/ruby-activemodel/Makefile index edf3ec5782b..62786070a5b 100644 --- a/devel/ruby-activemodel/Makefile +++ b/devel/ruby-activemodel/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.11 2012/06/14 14:48:35 taca Exp $ +# $NetBSD: Makefile,v 1.11.6.1 2013/02/15 13:51:53 tron Exp $ DISTNAME= activemodel-${RUBY_RAILS_VERSION} +PKGREVISION= 1 CATEGORIES= devel MAINTAINER= pkgsrc-users@NetBSD.org diff --git a/devel/ruby-activemodel/distinfo b/devel/ruby-activemodel/distinfo index ff72bdc05b9..a895fe2c10d 100644 --- a/devel/ruby-activemodel/distinfo +++ b/devel/ruby-activemodel/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.15.4.3 2013/02/02 10:40:00 tron Exp $ +$NetBSD: distinfo,v 1.15.4.4 2013/02/15 13:51:53 tron Exp $ SHA1 (activemodel-3.0.20.gem) = 80c7d881ed64ed7a66f4d82b12c2b98b43f6fbde RMD160 (activemodel-3.0.20.gem) = 20c74da6d7a173a5d5a252a138afa5b132f9a7b9 Size (activemodel-3.0.20.gem) = 38912 bytes +SHA1 (patch-lib_active__model_attribute__methods.rb) = bd38ac936bc8777473c1a02685156207661344fb diff --git a/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb b/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb new file mode 100644 index 00000000000..2b3de5e3263 --- /dev/null +++ b/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb @@ -0,0 +1,15 @@ +$NetBSD$ + +Workaround for CVE-2013-0276. + +--- lib/active_model/attribute_methods.rb.orig 2013-02-12 15:27:17.000000000 +0000 ++++ lib/active_model/attribute_methods.rb +@@ -347,7 +347,7 @@ module ActiveModel + def initialize(options = {}) + options.symbolize_keys! + @prefix, @suffix = options[:prefix] || '', options[:suffix] || '' +- @regex = /^(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})$/ ++ @regex = /\A(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})\z/ + end + + def match(method_name) |