diff options
author | taca <taca> | 2011-12-28 16:40:06 +0000 |
---|---|---|
committer | taca <taca> | 2011-12-28 16:40:06 +0000 |
commit | 8de42a6625d6d9ec9cfe86ccd85cd1cd54b820a4 (patch) | |
tree | 6595071dd9d6aa7e0e580e6120562ea46cf799cb /lang/ruby18-base | |
parent | e512af382cce7aab0aa4ae86fc8521a45e2be6ca (diff) | |
download | pkgsrc-8de42a6625d6d9ec9cfe86ccd85cd1cd54b820a4.tar.gz |
Update ruby18-base package to 1.8.7.357.
It contains security fix for CVE-2011-4815 (DoS).
Wed Dec 28 21:34:23 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* string.c (rb_str_hash): randomize hash to avoid algorithmic
complexity attacks. CVE-2011-4815
* st.c (strhash): ditto.
* string.c (Init_String): initialization of hash_seed to be at the
beginning of the process.
* st.c (Init_st): ditto.
Thu Dec 8 11:57:04 2011 Tanaka Akira <akr@fsij.org>
* inits.c (rb_call_inits): call Init_RandomSeed at first.
* random.c (seed_initialized): defined.
(fill_random_seed): extracted from random_seed.
(make_seed_value): extracted from random_seed.
(rb_f_rand): initialize random seed at first.
(initial_seed): defined.
(Init_RandomSeed): defined.
(Init_RandomSeed2): defined.
(rb_reset_random_seed): defined.
(Init_Random): call Init_RandomSeed2.
Sat Dec 10 20:44:23 2011 Tanaka Akira <akr@fsij.org>
* lib/securerandom.rb: call OpenSSL::Random.seed at the
SecureRandom.random_bytes call.
insert separators for array join.
patch by Masahiro Tomita. [ruby-dev:44270]
Mon Oct 17 04:20:22 2011 Nobuyoshi Nakada <nobu@ruby-lang.org>
* mkconfig.rb: fix for continued lines. based on a patch from
Marcus Rueckert <darix AT opensu.se> at [ruby-core:20420].
Mon Oct 17 04:19:39 2011 Yukihiro Matsumoto <matz@ruby-lang.org>
* numeric.c (flo_cmp): Infinity is greater than any bignum
number. [ruby-dev:38672]
* bignum.c (rb_big_cmp): ditto.
Mon Oct 17 03:56:12 2011 Yusuke Endoh <mame@tsg.ne.jp>
* ext/openssl/ossl_x509store.c (ossl_x509store_initialize): initialize
store->ex_data.sk. [ruby-core:28907] [ruby-core:23971]
[ruby-core:18121]
Diffstat (limited to 'lang/ruby18-base')
-rw-r--r-- | lang/ruby18-base/Makefile | 3 | ||||
-rw-r--r-- | lang/ruby18-base/distinfo | 10 | ||||
-rw-r--r-- | lang/ruby18-base/patches/patch-ew | 8 |
3 files changed, 10 insertions, 11 deletions
diff --git a/lang/ruby18-base/Makefile b/lang/ruby18-base/Makefile index 88248f822ac..fd20d6c47ac 100644 --- a/lang/ruby18-base/Makefile +++ b/lang/ruby18-base/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.67 2011/11/13 15:44:58 taca Exp $ +# $NetBSD: Makefile,v 1.68 2011/12/28 16:40:06 taca Exp $ # DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_FULL} -PKGREVISION= 1 CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} diff --git a/lang/ruby18-base/distinfo b/lang/ruby18-base/distinfo index 6171dc79ede..90117ca6f0c 100644 --- a/lang/ruby18-base/distinfo +++ b/lang/ruby18-base/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.50 2011/08/12 15:33:12 taca Exp $ +$NetBSD: distinfo,v 1.51 2011/12/28 16:40:06 taca Exp $ -SHA1 (ruby-1.8.7-p352.tar.bz2) = 9f3d039e9bfeda54ea2c2175bbeace375a1ea1ae -RMD160 (ruby-1.8.7-p352.tar.bz2) = 9a0ea7e7eb83c809d2890b08db2e78eeb93dee0d -Size (ruby-1.8.7-p352.tar.bz2) = 4207576 bytes +SHA1 (ruby-1.8.7-p357.tar.bz2) = ba5ec0ab663976f00fb405be6cfef546bcf0e4e9 +RMD160 (ruby-1.8.7-p357.tar.bz2) = 9034fb641f0260aed590856cd9400f186a3dd56a +Size (ruby-1.8.7-p357.tar.bz2) = 4208157 bytes SHA1 (patch-aa) = 4c1572b5a1eb65e89a98c60540433a69cb96dd23 SHA1 (patch-ab) = b56b6c2ba182414492c803d36433730602e0a591 SHA1 (patch-ac) = 0119134d778bb85c58ef5bfe30d337dc76ed47e0 @@ -44,7 +44,7 @@ SHA1 (patch-er) = 666fc6c22544c7f74f7c17ffef30563effcb4df7 SHA1 (patch-et) = eba90415e5279c9eb8bea67635f5f8cab5d1e7ac SHA1 (patch-eu) = dbf65258dcdc619d220ab39864389c4ec4c5c625 SHA1 (patch-ev) = 6178be681ca1cf2647cab9a61c8ef989ff5b23cb -SHA1 (patch-ew) = ddb8066a3e63b049e43c569e8d95b872eea0c247 +SHA1 (patch-ew) = 3f23697dddbb11a10d1f0c3e47fb602822ecd11f SHA1 (patch-ga) = 73f50504baf74ee77d00dcfb5a9446bbaf122726 SHA1 (patch-gb) = 345ad3e5df6fd9febe7b398f091662fd7c300dc4 SHA1 (patch-lib_rdoc_options.rb) = 0f14417733ad6fc6fbc93af1c8463ecd59abce7c diff --git a/lang/ruby18-base/patches/patch-ew b/lang/ruby18-base/patches/patch-ew index fd42dde9f92..1ac43cecdd3 100644 --- a/lang/ruby18-base/patches/patch-ew +++ b/lang/ruby18-base/patches/patch-ew @@ -1,10 +1,10 @@ -$NetBSD: patch-ew,v 1.1 2010/09/10 03:29:01 taca Exp $ +$NetBSD: patch-ew,v 1.2 2011/12/28 16:40:07 taca Exp $ * r26583: don't use O_NOFOLLOW because /dev/urandom is a symlink in OpenSolaris. ---- random.c.orig 2009-01-17 03:18:21.000000000 +0000 +--- random.c.orig 2011-12-28 12:47:15.000000000 +0000 +++ random.c -@@ -280,9 +280,6 @@ random_seed() +@@ -276,9 +276,6 @@ fill_random_seed(ptr) #ifdef O_NOCTTY |O_NOCTTY #endif @@ -13,4 +13,4 @@ $NetBSD: patch-ew,v 1.1 2010/09/10 03:29:01 taca Exp $ -#endif )) >= 0) { if (fstat(fd, &statbuf) == 0 && S_ISCHR(statbuf.st_mode)) { - read(fd, seed, seed_len); + read(fd, seed, DEFAULT_SEED_LEN); |