pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/lang/ruby18-base Update ruby18-base to 1.8.7.71.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/3d5b131c2bf9
branches:  trunk
changeset: 545579:3d5b131c2bf9
user:      taca <taca%pkgsrc.org@localhost>
date:      Fri Aug 08 12:42:44 2008 +0000

description:
Update ruby18-base to 1.8.7.71.

pkgsrc change:

        Apply fix for sunpro compilre, provided by PR pkg/37771 from
        Naoto Morishima.


This release includes fix for multiple vulnerabilities.

http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

        * Several vulnerabilities in safe level
        * DoS vulnerability in WEBrick
        * Lack of taintness check in dl
        * DNS spoofing vulnerability in resolv.rb

Full changes are too many, please refer ChangeLog file.

diffstat:

 lang/ruby18-base/Makefile         |   6 +++---
 lang/ruby18-base/distinfo         |   9 ++++-----
 lang/ruby18-base/patches/patch-ad |  20 --------------------
 3 files changed, 7 insertions(+), 28 deletions(-)

diffs (67 lines):

diff -r 5e5f53d8795d -r 3d5b131c2bf9 lang/ruby18-base/Makefile
--- a/lang/ruby18-base/Makefile Fri Aug 08 12:38:59 2008 +0000
+++ b/lang/ruby18-base/Makefile Fri Aug 08 12:42:44 2008 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.45 2008/07/03 21:06:10 tonnerre Exp $
+# $NetBSD: Makefile,v 1.46 2008/08/08 12:42:44 taca Exp $
 #
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX}
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
-PKGREVISION=   1
+#PKGREVISION=
 
 MAINTAINER=    taca%NetBSD.org@localhost
 HOMEPAGE=      ${RUBY_HOMEPAGE}
@@ -36,7 +36,7 @@
 .if !empty(PKGSRC_COMPILER:Msunpro)
 LIBS.SunOS+=   -B static -lsunmath -B dynamic -lm
 LDFLAGS.SunOS+=        -L${SUNWSPROBASE}/lib -Wl,-R${SUNWSPROBASE}/lib
-MAKE_FLAGS+=   LDSHARED="${CC} -G"
+CONFIGURE_ENV+=        LDSHARED="${CC} -G"
 .else
 LIBS.SunOS+=   -lm
 .endif
diff -r 5e5f53d8795d -r 3d5b131c2bf9 lang/ruby18-base/distinfo
--- a/lang/ruby18-base/distinfo Fri Aug 08 12:38:59 2008 +0000
+++ b/lang/ruby18-base/distinfo Fri Aug 08 12:42:44 2008 +0000
@@ -1,9 +1,8 @@
-$NetBSD: distinfo,v 1.31 2008/07/03 21:06:10 tonnerre Exp $
+$NetBSD: distinfo,v 1.32 2008/08/08 12:42:44 taca Exp $
 
-SHA1 (ruby-1.8.7-p22.tar.bz2) = a54e59393f0ca8fcc39f9e23e63a04b1cd4e3b7a
-RMD160 (ruby-1.8.7-p22.tar.bz2) = 249253406204151d9448ec43ddc61712556ae023
-Size (ruby-1.8.7-p22.tar.bz2) = 4121532 bytes
+SHA1 (ruby-1.8.7-p71.tar.bz2) = 5ac1e6dec35a2b38f1f244f9d1a7b9b4c6c788bd
+RMD160 (ruby-1.8.7-p71.tar.bz2) = cd1a6c9dc2595e1d11c8a880f822928f5ed0a180
+Size (ruby-1.8.7-p71.tar.bz2) = 4127519 bytes
 SHA1 (patch-aa) = 59f4462dada7e7b00c7a773c8a95454f3dc4f994
 SHA1 (patch-ab) = 239872c5faf95c05d2a94fe5f40af5b8541423c7
 SHA1 (patch-ac) = eb4dd068729ba2a2c7d4d659f6bcdb1410227f3b
-SHA1 (patch-ad) = 289682b47332eec16cc88e4f8ff7b5a6be0d75e7
diff -r 5e5f53d8795d -r 3d5b131c2bf9 lang/ruby18-base/patches/patch-ad
--- a/lang/ruby18-base/patches/patch-ad Fri Aug 08 12:38:59 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,20 +0,0 @@
-$NetBSD: patch-ad,v 1.9 2008/07/03 21:06:10 tonnerre Exp $
-
-Avoid memory size integer overflow memory exhaustion DoS in filling
-arrays (SN-2008-02).
-
---- array.c.orig       2008-07-03 22:56:32.000000000 +0200
-+++ array.c
-@@ -2416,10 +2416,10 @@ rb_ary_fill(argc, argv, ary)
-       break;
-     }
-     rb_ary_modify(ary);
--    end = beg + len;
--    if (end < 0) {
-+    if (beg >= ARY_MAX_SIZE || len > ARY_MAX_SIZE - beg) {
-       rb_raise(rb_eArgError, "argument too big");
-     }
-+    end = beg + len;
-     if (end > RARRAY(ary)->len) {
-       if (end >= RARRAY(ary)->aux.capa) {
-           REALLOC_N(RARRAY(ary)->ptr, VALUE, end);



Home | Main Index | Thread Index | Old Index