From d456071e6831458518a3d01c3ef9131d9e48258f Mon Sep 17 00:00:00 2001 From: taca Date: Fri, 3 Nov 2006 05:36:23 +0000 Subject: Add patch to cgi.rb for fixing security problem (CVE-2006-5467). Bump PKGREVISION. --- lang/ruby18-base/Makefile | 4 ++-- lang/ruby18-base/distinfo | 3 ++- lang/ruby18-base/patches/patch-bl | 13 +++++++++++++ 3 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 lang/ruby18-base/patches/patch-bl (limited to 'lang/ruby18-base') diff --git a/lang/ruby18-base/Makefile b/lang/ruby18-base/Makefile index 4473593c5f1..2776e622176 100644 --- a/lang/ruby18-base/Makefile +++ b/lang/ruby18-base/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.27 2006/10/29 02:45:42 taca Exp $ +# $NetBSD: Makefile,v 1.28 2006/11/03 05:36:23 taca Exp $ # DISTNAME= ${RUBY_DISTNAME} PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= lang ruby MASTER_SITES= ${MASTER_SITE_RUBY} diff --git a/lang/ruby18-base/distinfo b/lang/ruby18-base/distinfo index 64199dcdde9..ba22f5b1afe 100644 --- a/lang/ruby18-base/distinfo +++ b/lang/ruby18-base/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.15 2006/10/29 02:45:42 taca Exp $ +$NetBSD: distinfo,v 1.16 2006/11/03 05:36:23 taca Exp $ SHA1 (ruby-1.8.5-base-20060906.patch.bz2) = 99c283e6d9df4f90ab6d765041b91d37c70dd3ee RMD160 (ruby-1.8.5-base-20060906.patch.bz2) = 3b51a6b1d9badd76dc50735971411fa0800d2e85 @@ -9,3 +9,4 @@ Size (ruby-1.8.5.tar.gz) = 4438603 bytes SHA1 (patch-aa) = c5413c506b93657d909bc3cbdcdb51e7c216491e SHA1 (patch-ab) = a1a76abd093a08e76be61678febd5f8c8cba164d SHA1 (patch-ae) = dfa9c5296c75f6193c790fca8d3eb15ad4a9f228 +SHA1 (patch-bl) = cfb31ebef08aebf9ce3bc6e44c83e1727950ef76 diff --git a/lang/ruby18-base/patches/patch-bl b/lang/ruby18-base/patches/patch-bl new file mode 100644 index 00000000000..1e732a78f4d --- /dev/null +++ b/lang/ruby18-base/patches/patch-bl @@ -0,0 +1,13 @@ +$NetBSD: patch-bl,v 1.3 2006/11/03 05:36:23 taca Exp $ + +--- lib/cgi.rb.orig 2006-11-02 22:44:37.000000000 +0900 ++++ lib/cgi.rb +@@ -1018,7 +1018,7 @@ class CGI + else + stdinput.read(content_length) + end +- if c.nil? ++ if c.nil? || c.empty? + raise EOFError, "bad content body" + end + buf.concat(c) -- cgit v1.2.3