diff options
author | taca <taca@pkgsrc.org> | 2013-09-10 16:25:51 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2013-09-10 16:25:51 +0000 |
commit | 5e410b81aa9fe316dc6c68dfa4b6467187848586 (patch) | |
tree | db8813c340fb99839aeda1b31b6abcf83e6ad4fc /lang/ruby200-base | |
parent | b4914eaa5b05c682d834b31628b7af319df03e76 (diff) | |
download | pkgsrc-5e410b81aa9fe316dc6c68dfa4b6467187848586.tar.gz |
Add a fix for CVE-2013-4287 in rubygems.
Bump PKGREVISION.
Diffstat (limited to 'lang/ruby200-base')
-rw-r--r-- | lang/ruby200-base/Makefile | 3 | ||||
-rw-r--r-- | lang/ruby200-base/distinfo | 3 | ||||
-rw-r--r-- | lang/ruby200-base/patches/patch-lib_rubygems_version.rb | 15 |
3 files changed, 19 insertions, 2 deletions
diff --git a/lang/ruby200-base/Makefile b/lang/ruby200-base/Makefile index 22b0589cb35..22f6291f9a0 100644 --- a/lang/ruby200-base/Makefile +++ b/lang/ruby200-base/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.1 2013/07/21 02:32:58 taca Exp $ +# $NetBSD: Makefile,v 1.2 2013/09/10 16:26:30 taca Exp $ # DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_FULL} +PKGREVISION= 1 CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} diff --git a/lang/ruby200-base/distinfo b/lang/ruby200-base/distinfo index fbe2f6ae146..796edbe466a 100644 --- a/lang/ruby200-base/distinfo +++ b/lang/ruby200-base/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.2 2013/08/15 16:27:35 joerg Exp $ +$NetBSD: distinfo,v 1.3 2013/09/10 16:26:30 taca Exp $ SHA1 (ruby-2.0.0-p247.tar.bz2) = 9d3e5758c87a2c8016aec246f278b7551f8cb675 RMD160 (ruby-2.0.0-p247.tar.bz2) = 4a3b6653f17c145c6938c538022c199f830a0dee @@ -19,6 +19,7 @@ SHA1 (patch-lib_rubygems_install__update__options.rb) = 22cfafe090db72211253b852 SHA1 (patch-lib_rubygems_installer.rb) = ef2ab9f965fc7946e68c8d751d3c21a2c676f343 SHA1 (patch-lib_rubygems_specification.rb) = 4ffe57953051f2e091ae94e022b40146f8bec7aa SHA1 (patch-lib_rubygems_uninstaller.rb) = bf525fc55e9bf94e1561a7cac76e09873d3aaca2 +SHA1 (patch-lib_rubygems_version.rb) = 16ef586c6028c248eff9d284c322f573910e4423 SHA1 (patch-man_erb.1) = 1fe6ce4f4fe6418bfabb5e132a63596562030116 SHA1 (patch-man_irb.1) = 2bf807b4c1b1c68d1f518caa054cfd900e0fedb7 SHA1 (patch-man_ri.1) = 7314829a437e3c4625188a818e18751997eda1ce diff --git a/lang/ruby200-base/patches/patch-lib_rubygems_version.rb b/lang/ruby200-base/patches/patch-lib_rubygems_version.rb new file mode 100644 index 00000000000..e5bb401e429 --- /dev/null +++ b/lang/ruby200-base/patches/patch-lib_rubygems_version.rb @@ -0,0 +1,15 @@ +$NetBSD: patch-lib_rubygems_version.rb,v 1.1 2013/09/10 16:26:31 taca Exp $ + +A fix for CVE-2013-4287. + +--- lib/rubygems/version.rb.orig 2012-11-29 06:52:18.000000000 +0000 ++++ lib/rubygems/version.rb +@@ -147,7 +147,7 @@ class Gem::Version + + # FIX: These are only used once, in .correct?. Do they deserve to be + # constants? +- VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*' # :nodoc: ++ VERSION_PATTERN = '[0-9]+(\.[0-9a-zA-Z]+)*(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?' # :nodoc: + ANCHORED_VERSION_PATTERN = /\A\s*(#{VERSION_PATTERN})*\s*\z/ # :nodoc: + + ## |