authortaca <taca@pkgsrc.org>2004-11-09 14:11:33 +0000
committertaca <taca@pkgsrc.org>2004-11-09 14:11:33 +0000
commita8481a3a0766cae617964206c9f9f46adf03fda5 (patch)
treef342382e12a655ddf176dd97e2484fdd2f1f373c /lang
parent1c30fa6df1c8df0cb78692582ee8128fb0cf2547 (diff)
downloadpkgsrc-a8481a3a0766cae617964206c9f9f46adf03fda5.tar.gz
Fix a potential DoS problem in the CGI module (noted as CAN-2004-0983) with the fix from Ruby's CVS repository.
Bump package revision.
Diffstat (limited to 'lang')
-rw-r--r--lang/ruby-base/Makefile4
-rw-r--r--lang/ruby-base/distinfo3
-rw-r--r--lang/ruby-base/patches/patch-ar20
3 files changed, 24 insertions, 3 deletions
diff --git a/lang/ruby-base/Makefile b/lang/ruby-base/Makefile
index c0a64bcf16c..75f0c96a35a 100644
--- a/lang/ruby-base/Makefile
+++ b/lang/ruby-base/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.30 2004/10/03 00:15:02 tv Exp $
+# $NetBSD: Makefile,v 1.31 2004/11/09 14:11:33 taca Exp $
# FreeBSD Id: ports/lang/ruby/Makefile,v 1.39 2000/10/20 19:56:03 knu Exp
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGNAMEPREFIX}base-${RUBY_VERSION}
-PKGREVISION= 6
+PKGREVISION= 7
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
diff --git a/lang/ruby-base/distinfo b/lang/ruby-base/distinfo
index 821d57771ac..2da2b22fbaa 100644
--- a/lang/ruby-base/distinfo
+++ b/lang/ruby-base/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2004/08/24 15:43:56 taca Exp $
+$NetBSD: distinfo,v 1.16 2004/11/09 14:11:33 taca Exp $
SHA1 (ruby/ruby-1.6.8.tar.gz) = 4b475ac1c837cd62b6dfe85359e1502a71b08cd1
Size (ruby/ruby-1.6.8.tar.gz) = 1023403 bytes
@@ -15,3 +15,4 @@ SHA1 (patch-an) = 72461b10296cb9a03fc37bba6af69650c8777741
SHA1 (patch-ao) = 1070614441174b30926ba1d8a4d1a4718172ce4b
SHA1 (patch-ap) = 19f520406a9b699a4bbe53b0e9e2b69b4eb7d96a
SHA1 (patch-aq) = cf9f16f056c2f5df2493b6f04232fb62edf4448f
+SHA1 (patch-ar) = 03e15c32b0865d11339f609b2e98613fc09083b4
diff --git a/lang/ruby-base/patches/patch-ar b/lang/ruby-base/patches/patch-ar
new file mode 100644
index 00000000000..64e16abbb8e
--- /dev/null
+++ b/lang/ruby-base/patches/patch-ar
@@ -0,0 +1,20 @@
+$NetBSD: patch-ar,v 1.1 2004/11/09 14:11:33 taca Exp $
+
+--- lib/cgi.rb.orig 2002-08-29 18:05:06.000000000 +0900
++++ lib/cgi.rb
+@@ -823,10 +823,13 @@ convert string charset, and set language
+ end
+
+ c = if bufsize < content_length
+- stdinput.read(bufsize) or ''
++ stdinput.read(bufsize)
+ else
+- stdinput.read(content_length) or ''
++ stdinput.read(content_length)
+ end
++ if c.nil?
++ raise EOFError, "bad content body"
++ end
+ buf += c
+ content_length -= c.size
+
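Review bot: The added `c.nil?` guard in the cgi.rb hunk only catches a nil return from `stdinput.read`; an empty-string return still falls through to `buf += c` and `content_length -= c.size` without making any progress. That case arises when `content_length` has already reached 0 and `stdinput.read(content_length)` is asked for zero bytes, which returns `""` rather than nil in current Ruby (worth confirming for 1.6.8). The enclosing loop and its exit condition are outside the hunk, so whether it can still spin is inferred, but widening the check to `if c.nil? || c.empty?` would close that case at no cost. A one-line comment above the guard, such as `# a short request body must abort here; otherwise this loop never finishes`, would also record why the `or ''` fallback was dropped.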