summaryrefslogtreecommitdiff
path: root/lang/ruby200-base
diff options
context:
space:
mode:
authortaca <taca@pkgsrc.org>2013-09-10 16:25:51 +0000
committertaca <taca@pkgsrc.org>2013-09-10 16:25:51 +0000
commit5e410b81aa9fe316dc6c68dfa4b6467187848586 (patch)
treedb8813c340fb99839aeda1b31b6abcf83e6ad4fc /lang/ruby200-base
parentb4914eaa5b05c682d834b31628b7af319df03e76 (diff)
downloadpkgsrc-5e410b81aa9fe316dc6c68dfa4b6467187848586.tar.gz
Add a fix for CVE-2013-4287 in rubygems.
Bump PKGREVISION.
Diffstat (limited to 'lang/ruby200-base')
-rw-r--r--lang/ruby200-base/Makefile3
-rw-r--r--lang/ruby200-base/distinfo3
-rw-r--r--lang/ruby200-base/patches/patch-lib_rubygems_version.rb15
3 files changed, 19 insertions, 2 deletions
diff --git a/lang/ruby200-base/Makefile b/lang/ruby200-base/Makefile
index 22b0589cb35..22f6291f9a0 100644
--- a/lang/ruby200-base/Makefile
+++ b/lang/ruby200-base/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.1 2013/07/21 02:32:58 taca Exp $
+# $NetBSD: Makefile,v 1.2 2013/09/10 16:26:30 taca Exp $
#
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_FULL}
+PKGREVISION= 1
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
diff --git a/lang/ruby200-base/distinfo b/lang/ruby200-base/distinfo
index fbe2f6ae146..796edbe466a 100644
--- a/lang/ruby200-base/distinfo
+++ b/lang/ruby200-base/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.2 2013/08/15 16:27:35 joerg Exp $
+$NetBSD: distinfo,v 1.3 2013/09/10 16:26:30 taca Exp $
SHA1 (ruby-2.0.0-p247.tar.bz2) = 9d3e5758c87a2c8016aec246f278b7551f8cb675
RMD160 (ruby-2.0.0-p247.tar.bz2) = 4a3b6653f17c145c6938c538022c199f830a0dee
@@ -19,6 +19,7 @@ SHA1 (patch-lib_rubygems_install__update__options.rb) = 22cfafe090db72211253b852
SHA1 (patch-lib_rubygems_installer.rb) = ef2ab9f965fc7946e68c8d751d3c21a2c676f343
SHA1 (patch-lib_rubygems_specification.rb) = 4ffe57953051f2e091ae94e022b40146f8bec7aa
SHA1 (patch-lib_rubygems_uninstaller.rb) = bf525fc55e9bf94e1561a7cac76e09873d3aaca2
+SHA1 (patch-lib_rubygems_version.rb) = 16ef586c6028c248eff9d284c322f573910e4423
SHA1 (patch-man_erb.1) = 1fe6ce4f4fe6418bfabb5e132a63596562030116
SHA1 (patch-man_irb.1) = 2bf807b4c1b1c68d1f518caa054cfd900e0fedb7
SHA1 (patch-man_ri.1) = 7314829a437e3c4625188a818e18751997eda1ce
diff --git a/lang/ruby200-base/patches/patch-lib_rubygems_version.rb b/lang/ruby200-base/patches/patch-lib_rubygems_version.rb
new file mode 100644
index 00000000000..e5bb401e429
--- /dev/null
+++ b/lang/ruby200-base/patches/patch-lib_rubygems_version.rb
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_rubygems_version.rb,v 1.1 2013/09/10 16:26:31 taca Exp $
+
+A fix for CVE-2013-4287.
+
+--- lib/rubygems/version.rb.orig 2012-11-29 06:52:18.000000000 +0000
++++ lib/rubygems/version.rb
+@@ -147,7 +147,7 @@ class Gem::Version
+
+ # FIX: These are only used once, in .correct?. Do they deserve to be
+ # constants?
+- VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*' # :nodoc:
++ VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?' # :nodoc:
+ ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc:
+
+ ##
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-03 19:50:17 +0000