pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/ruby-http Update ruby-http to 0.7.3, security fix.
details: https://anonhg.NetBSD.org/pkgsrc/rev/b79d9e954612
branches: trunk
changeset: 649022:b79d9e954612
user: taca <taca%pkgsrc.org@localhost>
date: Sat Mar 28 04:32:15 2015 +0000
description:
Update ruby-http to 0.7.3, security fix.
## 0.7.3 (2015-03-24)
* SECURITY FIX: http.rb failed to call the #post_connection_check method
on SSL connections. This method implements hostname verification, and
without it http.rb was vulnerable to MitM attacks. The problem was
corrected by calling #post_connection_check (CVE-2015-1828)
diffstat:
www/ruby-http/Makefile | 4 ++--
www/ruby-http/PLIST | 8 +++++++-
www/ruby-http/distinfo | 8 ++++----
3 files changed, 13 insertions(+), 7 deletions(-)
diffs (50 lines):
diff -r f91f5d64c1cf -r b79d9e954612 www/ruby-http/Makefile
--- a/www/ruby-http/Makefile Sat Mar 28 04:22:11 2015 +0000
+++ b/www/ruby-http/Makefile Sat Mar 28 04:32:15 2015 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.4 2015/03/03 13:20:18 taca Exp $
+# $NetBSD: Makefile,v 1.5 2015/03/28 04:32:15 taca Exp $
#
-DISTNAME= http-0.7.2
+DISTNAME= http-0.7.3
CATEGORIES= www
MAINTAINER= tsutsui%NetBSD.org@localhost
diff -r f91f5d64c1cf -r b79d9e954612 www/ruby-http/PLIST
--- a/www/ruby-http/PLIST Sat Mar 28 04:22:11 2015 +0000
+++ b/www/ruby-http/PLIST Sat Mar 28 04:32:15 2015 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2015/02/05 15:36:01 taca Exp $
+@comment $NetBSD: PLIST,v 1.5 2015/03/28 04:32:15 taca Exp $
${GEM_HOME}/cache/${GEM_NAME}.gem
${GEM_LIBDIR}/.coveralls.yml
${GEM_LIBDIR}/.gitignore
@@ -55,8 +55,14 @@
${GEM_LIBDIR}/spec/lib/http/response_spec.rb
${GEM_LIBDIR}/spec/lib/http_spec.rb
${GEM_LIBDIR}/spec/spec_helper.rb
+${GEM_LIBDIR}/spec/support/black_hole.rb
${GEM_LIBDIR}/spec/support/capture_warning.rb
+${GEM_LIBDIR}/spec/support/create_certs.rb
+${GEM_LIBDIR}/spec/support/dummy_server.rb
+${GEM_LIBDIR}/spec/support/dummy_server/servlet.rb
${GEM_LIBDIR}/spec/support/example_server.rb
${GEM_LIBDIR}/spec/support/example_server/servlet.rb
${GEM_LIBDIR}/spec/support/proxy_server.rb
+${GEM_LIBDIR}/spec/support/servers/config.rb
+${GEM_LIBDIR}/spec/support/servers/runner.rb
${GEM_HOME}/specifications/${GEM_NAME}.gemspec
diff -r f91f5d64c1cf -r b79d9e954612 www/ruby-http/distinfo
--- a/www/ruby-http/distinfo Sat Mar 28 04:22:11 2015 +0000
+++ b/www/ruby-http/distinfo Sat Mar 28 04:32:15 2015 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4 2015/03/03 13:20:18 taca Exp $
+$NetBSD: distinfo,v 1.5 2015/03/28 04:32:15 taca Exp $
-SHA1 (http-0.7.2.gem) = f91b6614a24a7eb450e62dea47de8f0608c370b6
-RMD160 (http-0.7.2.gem) = e15343d62b2ce6ad92d03a6c953c8d4350c22403
-Size (http-0.7.2.gem) = 52736 bytes
+SHA1 (http-0.7.3.gem) = ba3d8e819bc8ff0b111ea62cd4d23a8e3983e9ee
+RMD160 (http-0.7.3.gem) = 1c0a3f4e5006976f900350cf532e590de22d4254
+Size (http-0.7.3.gem) = 54784 bytes
Home |
Main Index |
Thread Index |
Old Index