pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/lang/ruby18-base
Module Name: pkgsrc
Committed By: taca
Date: Fri Jun 20 15:39:29 UTC 2008
Modified Files:
pkgsrc/lang/ruby18-base: distinfo
pkgsrc/lang/ruby18-base/patches: patch-aa patch-ab
Log Message:
Update Ruby 1.8.7 patchlevel 22.
This is security fix:
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
Fri Jun 20 18:25:18 2008 Nobuyoshi Nakada <nobu%ruby-lang.org@localhost>
* string.c (rb_str_buf_append): should infect.
Fri Jun 20 16:33:09 2008 Nobuyoshi Nakada <nobu%ruby-lang.org@localhost>
* array.c (rb_ary_store, rb_ary_splice): not depend on unspecified
behavior at integer overflow.
* string.c (str_buf_cat): ditto.
Wed Jun 18 22:24:46 2008 URABE Shyouhei <shyouhei%ruby-lang.org@localhost>
* array.c (ary_new, rb_ary_initialize, rb_ary_store,
rb_ary_aplice, rb_ary_times): integer overflows should be
checked. based on patches from Drew Yao <ayao at apple.com>
fixed CVE-2008-2726
* string.c (rb_str_buf_append): fixed unsafe use of alloca,
which led memory corruption. based on a patch from Drew Yao
<ayao at apple.com> fixed CVE-2008-2726
* sprintf.c (rb_str_format): backported from trunk.
* intern.h: ditto.
Tue Jun 17 15:09:46 2008 Nobuyoshi Nakada <nobu%ruby-lang.org@localhost>
* file.c (file_expand_path): no need to expand root path which has no
short file name. [ruby-dev:35095]
Sun Jun 15 19:27:40 2008 Akinori MUSHA <knu%iDaemons.org@localhost>
* configure.in: Fix $LOAD_PATH. Properly expand vendor_ruby
directories; submitted by Takahiro Kambe <taca at
back-street.net> in [ruby-dev:35099].
To generate a diff of this commit:
cvs rdiff -r1.28 -r1.29 pkgsrc/lang/ruby18-base/distinfo
cvs rdiff -r1.11 -r1.12 pkgsrc/lang/ruby18-base/patches/patch-aa \
pkgsrc/lang/ruby18-base/patches/patch-ab
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index