From 9c61049ab38390580a2433276256e556ac2c0b52 Mon Sep 17 00:00:00 2001 From: taca Date: Tue, 12 Feb 2013 15:30:42 +0000 Subject: Add fix for CVE-2013-0276. Bump PKGREVISION. --- devel/ruby-activemodel/Makefile | 3 ++- devel/ruby-activemodel/distinfo | 3 ++- .../patches/patch-lib_active__model_attribute__methods.rb | 15 +++++++++++++++ 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb (limited to 'devel') diff --git a/devel/ruby-activemodel/Makefile b/devel/ruby-activemodel/Makefile index edf3ec5782b..9d0fb90717c 100644 --- a/devel/ruby-activemodel/Makefile +++ b/devel/ruby-activemodel/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.11 2012/06/14 14:48:35 taca Exp $ +# $NetBSD: Makefile,v 1.12 2013/02/12 15:30:42 taca Exp $ DISTNAME= activemodel-${RUBY_RAILS_VERSION} +PKGREVISION= 1 CATEGORIES= devel MAINTAINER= pkgsrc-users@NetBSD.org diff --git a/devel/ruby-activemodel/distinfo b/devel/ruby-activemodel/distinfo index df741a31db0..70b24dfc4c9 100644 --- a/devel/ruby-activemodel/distinfo +++ b/devel/ruby-activemodel/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.18 2013/01/29 15:38:40 taca Exp $ +$NetBSD: distinfo,v 1.19 2013/02/12 15:30:42 taca Exp $ SHA1 (activemodel-3.0.20.gem) = 80c7d881ed64ed7a66f4d82b12c2b98b43f6fbde RMD160 (activemodel-3.0.20.gem) = 20c74da6d7a173a5d5a252a138afa5b132f9a7b9 Size (activemodel-3.0.20.gem) = 38912 bytes +SHA1 (patch-lib_active__model_attribute__methods.rb) = a7b24bc83c4142a2b3955e24c4aa4bdeb4ce77eb diff --git a/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb b/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb new file mode 100644 index 00000000000..73ee0524893 --- /dev/null +++ b/devel/ruby-activemodel/patches/patch-lib_active__model_attribute__methods.rb @@ -0,0 +1,15 @@ +$NetBSD$ + +Fix for CVE-2013-0276. + +--- lib/active_model/attribute_methods.rb.orig 2013-02-12 15:27:17.000000000 +0000 ++++ lib/active_model/attribute_methods.rb +@@ -347,7 +347,7 @@ module ActiveModel + def initialize(options = {}) + options.symbolize_keys! + @prefix, @suffix = options[:prefix] || '', options[:suffix] || '' +- @regex = /^(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})$/ ++ @regex = /\A(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})\z/ + end + + def match(method_name) -- cgit v1.2.3