From dd62649d25bb1b97c75475d6185db4d434b33b64 Mon Sep 17 00:00:00 2001 From: tron Date: Wed, 17 Sep 2008 10:41:37 +0000 Subject: Pullup ticket #2528 - requested by taca ruby18-base: security patch Revisions pulled up: - lang/ruby18-base/Makefile 1.47 - lang/ruby18-base/distinfo 1.34 - lang/ruby18-base/patches/patch-dg 1.5 - lang/ruby18-base/patches/patch-dh 1.3 --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 14 05:17:18 UTC 2008 Modified Files: pkgsrc/lang/ruby18-base: Makefile distinfo Added Files: pkgsrc/lang/ruby18-base/patches: patch-dg patch-dh Log Message: Add fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 (http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/) from ruby_1_8 branch. Bump PKGREVISION. --- lang/ruby18-base/Makefile | 3 ++- lang/ruby18-base/distinfo | 4 +++- lang/ruby18-base/patches/patch-dg | 43 +++++++++++++++++++++++++++++++++++++++ lang/ruby18-base/patches/patch-dh | 15 ++++++++++++++ 4 files changed, 63 insertions(+), 2 deletions(-) create mode 100644 lang/ruby18-base/patches/patch-dg create mode 100644 lang/ruby18-base/patches/patch-dh diff --git a/lang/ruby18-base/Makefile b/lang/ruby18-base/Makefile index 1a2a2c2add4..e1f64efec57 100644 --- a/lang/ruby18-base/Makefile +++ b/lang/ruby18-base/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.45.4.1 2008/08/08 14:37:50 ghen Exp $ +# $NetBSD: Makefile,v 1.45.4.2 2008/09/17 10:41:37 tron Exp $ # DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX} +PKGREVISION= 1 CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} #PKGREVISION= diff --git a/lang/ruby18-base/distinfo b/lang/ruby18-base/distinfo index f68cd6278c9..e5efbe065ad 100644 --- a/lang/ruby18-base/distinfo +++ b/lang/ruby18-base/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.31.4.2 2008/08/12 11:22:11 rtr Exp $ +$NetBSD: distinfo,v 1.31.4.3 2008/09/17 10:41:38 tron Exp $ SHA1 (ruby-1.8.7-p72.tar.bz2) = 462e990a724580e4dfeeac5a271b93f6cfcbf5c7 RMD160 (ruby-1.8.7-p72.tar.bz2) = 07bf0d6987ba111aed988093c569fb66ba54891b @@ -6,3 +6,5 @@ Size (ruby-1.8.7-p72.tar.bz2) = 4127450 bytes SHA1 (patch-aa) = 59f4462dada7e7b00c7a773c8a95454f3dc4f994 SHA1 (patch-ab) = 239872c5faf95c05d2a94fe5f40af5b8541423c7 SHA1 (patch-ac) = eb4dd068729ba2a2c7d4d659f6bcdb1410227f3b +SHA1 (patch-dg) = 6c92da2111af7dd09d9cc28d1d82612ead14283e +SHA1 (patch-dh) = ac637345ee171892b551f34d0deb65f238060c7c diff --git a/lang/ruby18-base/patches/patch-dg b/lang/ruby18-base/patches/patch-dg new file mode 100644 index 00000000000..843e041ec45 --- /dev/null +++ b/lang/ruby18-base/patches/patch-dg @@ -0,0 +1,43 @@ +$NetBSD: patch-dg,v 1.4.2.1 2008/09/17 10:41:38 tron Exp $ + +Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790. +(http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/) + +--- lib/rexml/document.rb.orig 2008-06-06 17:05:24.000000000 +0900 ++++ lib/rexml/document.rb +@@ -32,6 +32,7 @@ module REXML + # @param context if supplied, contains the context of the document; + # this should be a Hash. + def initialize( source = nil, context = {} ) ++ @entity_expansion_count = 0 + super() + @context = context + return if source.nil? +@@ -200,6 +201,27 @@ module REXML + Parsers::StreamParser.new( source, listener ).parse + end + ++ @@entity_expansion_limit = 10_000 ++ ++ # Set the entity expansion limit. By default the limit is set to 10000. ++ def Document::entity_expansion_limit=( val ) ++ @@entity_expansion_limit = val ++ end ++ ++ # Get the entity expansion limit. By default the limit is set to 10000. ++ def Document::entity_expansion_limit ++ return @@entity_expansion_limit ++ end ++ ++ attr_reader :entity_expansion_count ++ ++ def record_entity_expansion ++ @entity_expansion_count += 1 ++ if @entity_expansion_count > @@entity_expansion_limit ++ raise "number of entity expansions exceeded, processing aborted." ++ end ++ end ++ + private + def build( source ) + Parsers::TreeParser.new( source, self ).parse diff --git a/lang/ruby18-base/patches/patch-dh b/lang/ruby18-base/patches/patch-dh new file mode 100644 index 00000000000..8f9f57b062f --- /dev/null +++ b/lang/ruby18-base/patches/patch-dh @@ -0,0 +1,15 @@ +$NetBSD: patch-dh,v 1.2.8.1 2008/09/17 10:41:38 tron Exp $ + +Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790. +(http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/) + +--- lib/rexml/entity.rb.orig 2008-04-18 16:22:13.000000000 +0900 ++++ lib/rexml/entity.rb +@@ -73,6 +73,7 @@ module REXML + # all entities -- both %ent; and &ent; entities. This differs from + # +value()+ in that +value+ only replaces %ent; entities. + def unnormalized ++ document.record_entity_expansion + v = value() + return nil if v.nil? + @unnormalized = Text::unnormalize(v, parent) -- cgit v1.2.3