diff options
| author | taca <taca@pkgsrc.org> | 2008-06-20 15:39:29 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2008-06-20 15:39:29 +0000 |
| commit | 91b4bc2c48033c907075f1251668abcddbe2a5fe (patch) | |
| tree | c0f7918df77302e990b4d0612319e7e1c7141fa6 /lang | |
| parent | 730341d6566f104c701c3af2c218da7cc29cece0 (diff) | |
| download | pkgsrc-91b4bc2c48033c907075f1251668abcddbe2a5fe.tar.gz | |
Update Ruby 1.8.7 patchlevel 22.
This is security fix:
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
Fri Jun 20 18:25:18 2008 Nobuyoshi Nakada <nobu@ruby-lang.org>
* string.c (rb_str_buf_append): should infect.
Fri Jun 20 16:33:09 2008 Nobuyoshi Nakada <nobu@ruby-lang.org>
* array.c (rb_ary_store, rb_ary_splice): not depend on unspecified
behavior at integer overflow.
* string.c (str_buf_cat): ditto.
Wed Jun 18 22:24:46 2008 URABE Shyouhei <shyouhei@ruby-lang.org>
* array.c (ary_new, rb_ary_initialize, rb_ary_store,
rb_ary_aplice, rb_ary_times): integer overflows should be
checked. based on patches from Drew Yao <ayao at apple.com>
fixed CVE-2008-2726
* string.c (rb_str_buf_append): fixed unsafe use of alloca,
which led memory corruption. based on a patch from Drew Yao
<ayao at apple.com> fixed CVE-2008-2726
* sprintf.c (rb_str_format): backported from trunk.
* intern.h: ditto.
Tue Jun 17 15:09:46 2008 Nobuyoshi Nakada <nobu@ruby-lang.org>
* file.c (file_expand_path): no need to expand root path which has no
short file name. [ruby-dev:35095]
Sun Jun 15 19:27:40 2008 Akinori MUSHA <knu@iDaemons.org>
* configure.in: Fix $LOAD_PATH. Properly expand vendor_ruby
directories; submitted by Takahiro Kambe <taca at
back-street.net> in [ruby-dev:35099].
Diffstat (limited to 'lang')
| -rw-r--r-- | lang/ruby18-base/distinfo | 11 | ||||
| -rw-r--r-- | lang/ruby18-base/patches/patch-aa | 21 | ||||
| -rw-r--r-- | lang/ruby18-base/patches/patch-ab | 25 |
3 files changed, 6 insertions, 51 deletions
diff --git a/lang/ruby18-base/distinfo b/lang/ruby18-base/distinfo index d53ab3cb2d1..0bc0b0ddc6a 100644 --- a/lang/ruby18-base/distinfo +++ b/lang/ruby18-base/distinfo @@ -1,8 +1,5 @@ -$NetBSD: distinfo,v 1.28 2008/06/19 14:35:37 taca Exp $ +$NetBSD: distinfo,v 1.29 2008/06/20 15:39:29 taca Exp $ -SHA1 (ruby-1.8.7-p17.tar.bz2) = 0119f0af48eafe4d7b8cfc95f23588556d25cc21 -RMD160 (ruby-1.8.7-p17.tar.bz2) = d220bd233dddba6c7ceeba84a7da5d2e6a78988b -Size (ruby-1.8.7-p17.tar.bz2) = 4114057 bytes -SHA1 (patch-aa) = c1b07842dc872d9c5f522b7ba48c9e4419ffed64 -SHA1 (patch-ab) = 26260b203644839837b456f5e1ec0a7a3de49503 -SHA1 (patch-ac) = eb4dd068729ba2a2c7d4d659f6bcdb1410227f3b +SHA1 (ruby-1.8.7-p22.tar.bz2) = a54e59393f0ca8fcc39f9e23e63a04b1cd4e3b7a +RMD160 (ruby-1.8.7-p22.tar.bz2) = 249253406204151d9448ec43ddc61712556ae023 +Size (ruby-1.8.7-p22.tar.bz2) = 4121532 bytes diff --git a/lang/ruby18-base/patches/patch-aa b/lang/ruby18-base/patches/patch-aa index 2f8747fa3b1..319d89bbb55 100644 --- a/lang/ruby18-base/patches/patch-aa +++ b/lang/ruby18-base/patches/patch-aa @@ -1,4 +1,4 @@ -$NetBSD: patch-aa,v 1.11 2008/06/19 14:35:37 taca Exp $ +$NetBSD: patch-aa,v 1.12 2008/06/20 15:39:29 taca Exp $ --- configure.in.orig 2008-06-09 03:23:46.000000000 +0900 +++ configure.in @@ -49,22 +49,3 @@ $NetBSD: patch-aa,v 1.11 2008/06/19 14:35:37 taca Exp $ fi LDFLAGS="-L. $LDFLAGS" -@@ -1717,14 +1736,14 @@ AC_ARG_WITH(vendordir, - VENDOR_DIR=`eval echo \\"${vendordir}\\"` - case "$target_os" in - cygwin*|mingw*|*djgpp*|os2-emx*) -- RUBY_VENDOR_LIB_PATH="`expr "$VENDOR_DIR" : "$prefix\(/.*\)"`" || -- RUBY_VENDOR_LIB_PATH="$VENDOR_DIR";; -+ RUBY_VENDOR_LIB_PATH="`eval echo "$VENDOR_DIR" | sed 's|^NONE/|/|;s|^'"$prefix"'/|/|'`" -+ ;; - *) -- RUBY_VENDOR_LIB_PATH="$VENDOR_DIR";; -+ RUBY_VENDOR_LIB_PATH="`eval echo \\"$VENDOR_DIR\\" | sed 's|^NONE/|'"$prefix"'/|'`" -+ ;; - esac - RUBY_VENDOR_LIB_PATH2="${RUBY_VENDOR_LIB_PATH}/${MAJOR}.${MINOR}" - --AC_DEFINE_UNQUOTED(RUBY_LIB, "${RUBY_LIB_PATH}") - AC_DEFINE_UNQUOTED(RUBY_VENDOR_LIB, "${RUBY_VENDOR_LIB_PATH}") - AC_DEFINE_UNQUOTED(RUBY_VENDOR_LIB2, "${RUBY_VENDOR_LIB_PATH2}") - diff --git a/lang/ruby18-base/patches/patch-ab b/lang/ruby18-base/patches/patch-ab index e7845572039..11fd9813145 100644 --- a/lang/ruby18-base/patches/patch-ab +++ b/lang/ruby18-base/patches/patch-ab @@ -1,4 +1,4 @@ -$NetBSD: patch-ab,v 1.11 2008/06/19 14:35:37 taca Exp $ +$NetBSD: patch-ab,v 1.12 2008/06/20 15:39:29 taca Exp $ --- configure.orig 2008-06-09 18:38:04.000000000 +0900 +++ configure @@ -49,26 +49,3 @@ $NetBSD: patch-ab,v 1.11 2008/06/19 14:35:37 taca Exp $ fi LDFLAGS="-L. $LDFLAGS" -@@ -17563,18 +17582,15 @@ fi - VENDOR_DIR=`eval echo \\"${vendordir}\\"` - case "$target_os" in - cygwin*|mingw*|*djgpp*|os2-emx*) -- RUBY_VENDOR_LIB_PATH="`expr "$VENDOR_DIR" : "$prefix\(/.*\)"`" || -- RUBY_VENDOR_LIB_PATH="$VENDOR_DIR";; -+ RUBY_VENDOR_LIB_PATH="`eval echo "$VENDOR_DIR" | sed 's|^NONE/|/|;s|^'"$prefix"'/|/|'`" -+ ;; - *) -- RUBY_VENDOR_LIB_PATH="$VENDOR_DIR";; -+ RUBY_VENDOR_LIB_PATH="`eval echo \\"$VENDOR_DIR\\" | sed 's|^NONE/|'"$prefix"'/|'`" -+ ;; - esac - RUBY_VENDOR_LIB_PATH2="${RUBY_VENDOR_LIB_PATH}/${MAJOR}.${MINOR}" - - cat >>confdefs.h <<_ACEOF --#define RUBY_LIB "${RUBY_LIB_PATH}" --_ACEOF -- --cat >>confdefs.h <<_ACEOF - #define RUBY_VENDOR_LIB "${RUBY_VENDOR_LIB_PATH}" - _ACEOF - |