diff options
| author | taca <taca@pkgsrc.org> | 2011-02-21 14:35:37 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2011-02-21 14:35:37 +0000 |
| commit | 2d49e6d21af315f5a5ace8a4c3c0c841ab27bc70 (patch) | |
| tree | 0049bf160bab441678a564e5d68d4ee8a11f5a37 /lang/ruby18-base | |
| parent | 5dd58288741fc0474d0426c1cf1e391d3fcca3e0 (diff) | |
| download | pkgsrc-2d49e6d21af315f5a5ace8a4c3c0c841ab27bc70.tar.gz | |
Update ruby18-base package to 1.8.7.334 (Ruby 1.8.7p334).
* The FileUtils Vulnerability
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
* The $SAFE Vulnerability
Fri Feb 18 21:18:55 2011 Shugo Maeda <shugo@ruby-lang.org>
* test/ruby/test_exception.rb (TestException::test_to_s_taintness_propagation):
Test for below.
Fri Feb 18 21:18:55 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* error.c (exc_to_s): untainted strings can be tainted via
Exception#to_s, which enables attackers to overwrite sane strings.
Reported by: Yusuke Endoh <mame at tsg.ne.jp>.
* error.c (name_err_to_s): ditto.
Fri Feb 18 21:17:22 2011 Shugo Maeda <shugo@ruby-lang.org>
* lib/fileutils.rb (FileUtils::remove_entry_secure): there is a
race condition in the case where the given path is a directory,
and some other user can move that directory, and create a
symlink while this method is executing.
Reported by: Nicholas Jefferson <nicholas at pythonic.com.au>
Fri Feb 18 19:46:46 2011 NAKAMURA Usaku <usa@ruby-lang.org>
* win32/win32.c (init_stdhandle): backport mistake of r29382.
some code are needless in ruby 1.8.
[ruby-core:34579]
Fri Feb 18 19:22:17 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* configure.in: revert revision r29854. This revision introduced
binary incompatibilities on some circumstances. The bug that
revision was fixing gets reopened by this reversion.
[ruby-dev:43152] cf. [Bug #2553]
Diffstat (limited to 'lang/ruby18-base')
| -rw-r--r-- | lang/ruby18-base/distinfo | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lang/ruby18-base/distinfo b/lang/ruby18-base/distinfo index c27008aa010..fa0406c5857 100644 --- a/lang/ruby18-base/distinfo +++ b/lang/ruby18-base/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.46 2010/12/26 12:31:20 taca Exp $ +$NetBSD: distinfo,v 1.47 2011/02/21 14:35:37 taca Exp $ -SHA1 (ruby-1.8.7-p330.tar.bz2) = 92a7eddcfe41f8c10013cbd8122eeb88624eb335 -RMD160 (ruby-1.8.7-p330.tar.bz2) = abe8eb36618e0b3d005a883d73887686177795c2 -Size (ruby-1.8.7-p330.tar.bz2) = 4191156 bytes +SHA1 (ruby-1.8.7-p334.tar.bz2) = 4311ce257f2e54f247bfe07b48e799d293d041f2 +RMD160 (ruby-1.8.7-p334.tar.bz2) = f3d078d526f1b19d3255dc236f5a46062883e7c9 +Size (ruby-1.8.7-p334.tar.bz2) = 4190857 bytes SHA1 (patch-aa) = 4c1572b5a1eb65e89a98c60540433a69cb96dd23 SHA1 (patch-ab) = b56b6c2ba182414492c803d36433730602e0a591 SHA1 (patch-ac) = 0119134d778bb85c58ef5bfe30d337dc76ed47e0 |