summaryrefslogtreecommitdiff
path: root/lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb
diff options
context:
space:
mode:
authortron <tron@pkgsrc.org>2015-09-03 18:49:44 +0000
committertron <tron@pkgsrc.org>2015-09-03 18:49:44 +0000
commit4f43d633c4d70f7debf5e0280d07dbb65ee21975 (patch)
treeeee0f90268ff35f6c99188ab1e0de5b3c5e4806e /lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb
parentd8d68c248cffd817df3af0bac6c7f3c9fb865dc1 (diff)
downloadpkgsrc-4f43d633c4d70f7debf5e0280d07dbb65ee21975.tar.gz
Pullup ticket #4803 - requested by taca
lang/ruby21-base: security update Revisions pulled up: - lang/ruby/rubyversion.mk 1.146 - lang/ruby21-base/Makefile 1.15 - lang/ruby21-base/PLIST 1.7 - lang/ruby21-base/distinfo 1.19 - lang/ruby21-base/patches/patch-ext_tk_extconf.rb deleted - lang/ruby21-base/patches/patch-ext_tk_lib_tk.rb deleted - lang/ruby21-base/patches/patch-ext_tk_tcltklib.c deleted - lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb deleted --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 20 15:27:43 UTC 2015 Modified Files: pkgsrc/lang/ruby: rubyversion.mk pkgsrc/lang/ruby21-base: Makefile PLIST distinfo Removed Files: pkgsrc/lang/ruby21-base/patches: patch-ext_tk_extconf.rb patch-ext_tk_lib_tk.rb patch-ext_tk_tcltklib.c patch-lib_rubygems_remote__fetcher.rb Log Message: Update ruby21-base to 2.1.7 (Ruby 2.1.7). Release announce: Ruby 2.1.7 Released Posted by usa on 18 Aug 2015 Ruby 2.1.7 has been released. This release includes the security fix for a RubyGems domain name verification vulnerability. Please view the topic below for more details. CVE-2015-3900 Request hijacking vulnerability in RubyGems 2.4.6 and earlier And, many bug fixes are also included. See tickets and ChangeLog for details.
Diffstat (limited to 'lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb')
-rw-r--r--lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb21
1 files changed, 0 insertions, 21 deletions
diff --git a/lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb b/lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb
deleted file mode 100644
index 8511d602784..00000000000
--- a/lang/ruby21-base/patches/patch-lib_rubygems_remote__fetcher.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-$NetBSD: patch-lib_rubygems_remote__fetcher.rb,v 1.1 2015/06/23 14:04:03 taca Exp $
-
-Fix for CVE-2015-3900.
-
---- lib/rubygems/remote_fetcher.rb.orig 2014-02-06 02:59:36.000000000 +0000
-+++ lib/rubygems/remote_fetcher.rb
-@@ -90,7 +90,13 @@ class Gem::RemoteFetcher
- rescue Resolv::ResolvError
- uri
- else
-- URI.parse "#{uri.scheme}://#{res.target}#{uri.path}"
-+ target = res.target.to_s.strip
-+
-+ if /\.#{Regexp.quote(host)}\z/ =~ target
-+ return URI.parse "#{uri.scheme}://#{target}#{uri.path}"
-+ end
-+
-+ uri
- end
- end
-
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-12 13:03:13 +0000