diff options
author | taca <taca> | 2010-08-16 07:08:12 +0000 |
---|---|---|
committer | taca <taca> | 2010-08-16 07:08:12 +0000 |
commit | 2ab932cdf93f3e1f8d064656e24618a36f82b46c (patch) | |
tree | 4c6f4451dc12d77ddec6ca30875fafa834a96fc7 /lang/ruby18-base | |
parent | 70727e566c0c75212cc924acb93112347f3e144b (diff) | |
download | pkgsrc-2ab932cdf93f3e1f8d064656e24618a36f82b46c.tar.gz |
Add a patch to fix for possible cross-site scripting (CVE-2010-0541)
from r29002 in Ruby's repository. (Sadly, Ruby 1.8.7 pl301 missed
this change...)
Bump PKGREVISION.
Diffstat (limited to 'lang/ruby18-base')
-rw-r--r-- | lang/ruby18-base/Makefile | 4 | ||||
-rw-r--r-- | lang/ruby18-base/distinfo | 3 | ||||
-rw-r--r-- | lang/ruby18-base/patches/patch-ea | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/lang/ruby18-base/Makefile b/lang/ruby18-base/Makefile index ee8efc444ee..d2f3dade080 100644 --- a/lang/ruby18-base/Makefile +++ b/lang/ruby18-base/Makefile @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.55 2010/06/02 13:27:57 taca Exp $ +# $NetBSD: Makefile,v 1.56 2010/08/16 07:08:12 taca Exp $ # DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX} CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} -PKGREVISION= 5 +PKGREVISION= 6 MAINTAINER= taca@NetBSD.org HOMEPAGE= ${RUBY_HOMEPAGE} diff --git a/lang/ruby18-base/distinfo b/lang/ruby18-base/distinfo index 32b23e84858..4e836a6368c 100644 --- a/lang/ruby18-base/distinfo +++ b/lang/ruby18-base/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.43 2010/06/02 13:27:57 taca Exp $ +$NetBSD: distinfo,v 1.44 2010/08/16 07:08:13 taca Exp $ SHA1 (ruby-1.8.7-p174.tar.bz2) = 9e84b49ad545ad54b8e7dc3c227eaaefeb1041aa RMD160 (ruby-1.8.7-p174.tar.bz2) = f854d456003af1e31d50330c88c3cb152c434249 @@ -25,3 +25,4 @@ SHA1 (patch-dw) = 51ad1f521713af85be9ae192049930285e89be41 SHA1 (patch-dx) = d25267d700f997b951a65c016f45347a8b1a1517 SHA1 (patch-dy) = 7c57240a1447346c8e6f2e4e9c7104b1a7d9dbc9 SHA1 (patch-dz) = 52af1fbf17b6e6df6112d08c291215d54a25af67 +SHA1 (patch-ea) = 85ad73f8bdb59bc78167bde021ce64879d3c234c diff --git a/lang/ruby18-base/patches/patch-ea b/lang/ruby18-base/patches/patch-ea new file mode 100644 index 00000000000..4258bf4997f --- /dev/null +++ b/lang/ruby18-base/patches/patch-ea @@ -0,0 +1,16 @@ +$NetBSD: patch-ea,v 1.1 2010/08/16 07:08:13 taca Exp $ + +* Fix for possible cross-site scripting (CVE-2010-0541) from r29002 in + Ruby's repository. + +--- lib/webrick/httpresponse.rb.orig 2008-06-06 08:05:24.000000000 +0000 ++++ lib/webrick/httpresponse.rb +@@ -209,7 +209,7 @@ module WEBrick + @keep_alive = false + self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR + end +- @header['content-type'] = "text/html" ++ @header['content-type'] = "text/html; charset=ISO-8859-1" + + if respond_to?(:create_error_page) + create_error_page() |