diff options
| author | taca <taca> | 2013-02-12 15:30:42 +0000 |
|---|---|---|
| committer | taca <taca> | 2013-02-12 15:30:42 +0000 |
| commit | 9c61049ab38390580a2433276256e556ac2c0b52 (patch) | |
| tree | 111eaaf491e55ef7ccc631f0c1efda4c4966d884 /devel | |
| parent | 1f7323d80eb0b493bd3d02c6a3503f704cafc789 (diff) | |
| download | pkgsrc-9c61049ab38390580a2433276256e556ac2c0b52.tar.gz | |
Add fix for CVE-2013-0276.
Bump PKGREVISION.
Diffstat (limited to 'devel')
| -rw-r--r-- | devel/ruby-activemodel/Makefile | 3 | ||||
| -rw-r--r-- | devel/ruby-activemodel/distinfo | 3 | ||||
| -rw-r--r-- | devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb | 15 |
3 files changed, 19 insertions, 2 deletions
diff --git a/devel/ruby-activemodel/Makefile b/devel/ruby-activemodel/Makefile index edf3ec5782b..9d0fb90717c 100644 --- a/devel/ruby-activemodel/Makefile +++ b/devel/ruby-activemodel/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.11 2012/06/14 14:48:35 taca Exp $ +# $NetBSD: Makefile,v 1.12 2013/02/12 15:30:42 taca Exp $ DISTNAME= activemodel-${RUBY_RAILS_VERSION} +PKGREVISION= 1 CATEGORIES= devel MAINTAINER= pkgsrc-users@NetBSD.org diff --git a/devel/ruby-activemodel/distinfo b/devel/ruby-activemodel/distinfo index df741a31db0..70b24dfc4c9 100644 --- a/devel/ruby-activemodel/distinfo +++ b/devel/ruby-activemodel/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.18 2013/01/29 15:38:40 taca Exp $ +$NetBSD: distinfo,v 1.19 2013/02/12 15:30:42 taca Exp $ SHA1 (activemodel-3.0.20.gem) = 80c7d881ed64ed7a66f4d82b12c2b98b43f6fbde RMD160 (activemodel-3.0.20.gem) = 20c74da6d7a173a5d5a252a138afa5b132f9a7b9 Size (activemodel-3.0.20.gem) = 38912 bytes +SHA1 (patch-lib_active__model_attribute__methods.rb) = a7b24bc83c4142a2b3955e24c4aa4bdeb4ce77eb diff --git a/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb b/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb new file mode 100644 index 00000000000..73ee0524893 --- /dev/null +++ b/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb @@ -0,0 +1,15 @@ +$NetBSD$ + +Fix for CVE-2013-0276. + +--- lib/active_model/attribute_methods.rb.orig 2013-02-12 15:27:17.000000000 +0000 ++++ lib/active_model/attribute_methods.rb +@@ -347,7 +347,7 @@ module ActiveModel + def initialize(options = {}) + options.symbolize_keys! + @prefix, @suffix = options[:prefix] || '', options[:suffix] || '' +- @regex = /^(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})$/ ++ @regex = /\A(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})\z/ + end + + def match(method_name) |