CVS commit: pkgsrc/lang

["Takahiro Kambe" <taca%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   taca
Date:           Wed Dec 28 16:40:07 UTC 2011

Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby18-base: Makefile distinfo
        pkgsrc/lang/ruby18-base/patches: patch-ew

Log Message:
Update ruby18-base package to 1.8.7.357.
It contains security fix for CVE-2011-4815 (DoS).

Wed Dec 28 21:34:23 2011  URABE Shyouhei  <shyouhei%ruby-lang.org@localhost>

        * string.c (rb_str_hash): randomize hash to avoid algorithmic
          complexity attacks. CVE-2011-4815

        * st.c (strhash): ditto.

        * string.c (Init_String): initialization of hash_seed to be at the
          beginning of the process.

        * st.c (Init_st): ditto.

Thu Dec  8 11:57:04 2011  Tanaka Akira  <akr%fsij.org@localhost>

        * inits.c (rb_call_inits): call Init_RandomSeed at first.

        * random.c (seed_initialized): defined.
          (fill_random_seed): extracted from random_seed.
          (make_seed_value): extracted from random_seed.
          (rb_f_rand): initialize random seed at first.
          (initial_seed): defined.
          (Init_RandomSeed): defined.
          (Init_RandomSeed2): defined.
          (rb_reset_random_seed): defined.
          (Init_Random): call Init_RandomSeed2.

Sat Dec 10 20:44:23 2011  Tanaka Akira  <akr%fsij.org@localhost>

        * lib/securerandom.rb: call OpenSSL::Random.seed at the
          SecureRandom.random_bytes call.
          insert separators for array join.
          patch by Masahiro Tomita.  [ruby-dev:44270]

Mon Oct 17 04:20:22 2011  Nobuyoshi Nakada  <nobu%ruby-lang.org@localhost>

        * mkconfig.rb: fix for continued lines.  based on a patch from
          Marcus Rueckert <darix AT opensu.se> at [ruby-core:20420].

Mon Oct 17 04:19:39 2011  Yukihiro Matsumoto  <matz%ruby-lang.org@localhost>

        * numeric.c (flo_cmp): Infinity is greater than any bignum
          number.  [ruby-dev:38672]

        * bignum.c (rb_big_cmp): ditto.

Mon Oct 17 03:56:12 2011  Yusuke Endoh  <mame%tsg.ne.jp@localhost>

        * ext/openssl/ossl_x509store.c (ossl_x509store_initialize): initialize
          store->ex_data.sk.  [ruby-core:28907] [ruby-core:23971]
          [ruby-core:18121]


To generate a diff of this commit:
cvs rdiff -u -r1.69 -r1.70 pkgsrc/lang/ruby/rubyversion.mk
cvs rdiff -u -r1.67 -r1.68 pkgsrc/lang/ruby18-base/Makefile
cvs rdiff -u -r1.50 -r1.51 pkgsrc/lang/ruby18-base/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/ruby18-base/patches/patch-ew

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.