rpm/ruby
SHA256
1
0
Fork 0
forked from pool/ruby
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ruby?expand=0&rev=2

Browse Source
This commit is contained in:
OBS User unknown 2007-02-23 16:11:35 +00:00 committed by Git OBS Bridge
parent 00d9807f83
commit 4f5aa2f5f3
13 changed files with 192 additions and 302 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cgi_multipart_eof_fix.patch
View File

@ -1,11 +0,0 @@
--- lib/cgi.rb 2005-10-06 19:01:22.000000000 -0600
+++ lib/cgi.rb 2006-09-22 16:38:08.000000000 -0600
@@ -1017,7 +1017,7 @@
else
stdinput.read(content_length)
end
- if c.nil?
+ if c.nil? || c.empty?
raise EOFError, "bad content body"
end
buf.concat(c)

36
ruby-1.8.4-fix-alias-safe-level.patch
View File

@ -1,36 +0,0 @@
diff -ruN ruby-1.8.4.orig/eval.c ruby-1.8.4/eval.c
--- ruby-1.8.4.orig/eval.c 2005-12-20 22:41:47.000000000 +0900
+++ ruby-1.8.4/eval.c 2006-07-20 18:33:50.000000000 +0900
@@ -2097,7 +2097,8 @@
}
}
st_insert(RCLASS(klass)->m_tbl, name,
- (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin), orig->nd_noex));
+ (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin),
+ NOEX_WITH_SAFE(orig->nd_noex)));
if (singleton) {
rb_funcall(singleton, singleton_added, 1, ID2SYM(name));
}
@@ -5638,6 +5639,11 @@
TMP_PROTECT;
volatile int safe = -1;
+ if (NOEX_SAFE(flags) > ruby_safe_level &&
+ !(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
+ rb_raise(rb_eSecurityError, "calling insecure method: %s",
+ rb_id2name(id));
+ }
switch (ruby_iter->iter) {
case ITER_PRE:
case ITER_PAS:
@@ -5742,10 +5748,6 @@
b2 = body = body->nd_next;
if (NOEX_SAFE(flags) > ruby_safe_level) {
- if (!(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
- rb_raise(rb_eSecurityError, "calling insecure method: %s",
- rb_id2name(id));
- }
safe = ruby_safe_level;
ruby_safe_level = NOEX_SAFE(flags);
}

31
ruby-1.8.4-fix-insecure-dir-operation.patch
View File

@ -1,31 +0,0 @@
diff -ruN ruby-1.8.4.orig/dir.c ruby-1.8.4/dir.c
--- ruby-1.8.4.orig/dir.c 2005-09-14 22:40:58.000000000 +0900
+++ ruby-1.8.4/dir.c 2006-07-19 22:14:05.000000000 +0900
@@ -325,7 +325,17 @@
rb_raise(rb_eIOError, "closed directory");
}
+static void
+dir_check(dir)
+ VALUE dir;
+{
+ if (!OBJ_TAINTED(dir) && rb_safe_level() >= 4)
+ rb_raise(rb_eSecurityError, "Insecure: operation on untainted Dir");
+ rb_check_frozen(dir);
+}
+
#define GetDIR(obj, dirp) do {\
+ dir_check(dir);\
Data_Get_Struct(obj, struct dir_data, dirp);\
if (dirp->dir == NULL) dir_closed();\
} while (0)
@@ -536,6 +546,9 @@
{
struct dir_data *dirp;
+ if (rb_safe_level() >= 4 && !OBJ_TAINTED(dir)) {
+ rb_raise(rb_eSecurityError, "Insecure: can't close");
+ }
GetDIR(dir, dirp);
closedir(dirp->dir);
dirp->dir = NULL;

66
ruby-1.8.4-fix-insecure-regexp-modification.patch
View File

@ -1,66 +0,0 @@
diff -ruN ruby-1.8.4.orig/re.c ruby-1.8.4/re.c
--- ruby-1.8.4.orig/re.c 2005-12-13 12:27:51.000000000 +0900
+++ ruby-1.8.4/re.c 2006-07-19 18:07:59.000000000 +0900
@@ -70,10 +70,11 @@
#endif
int
-rb_memcicmp(p1, p2, len)
- char *p1, *p2;
+rb_memcicmp(x, y, len)
+ const void *x, *y;
long len;
{
+ const unsigned char *p1 = x, *p2 = y;
int tmp;
while (len--) {
@@ -85,7 +86,7 @@
int
rb_memcmp(p1, p2, len)
- char *p1, *p2;
+ const void *p1, *p2;
long len;
{
if (!ruby_ignorecase) {
@@ -96,11 +97,11 @@
long
rb_memsearch(x0, m, y0, n)
- char *x0, *y0;
+ const void *x0, *y0;
long m, n;
{
- unsigned char *x = (unsigned char *)x0, *y = (unsigned char *)y0;
- unsigned char *s, *e;
+ const unsigned char *x = (unsigned char *)x0, *y = (unsigned char *)y0;
+ const unsigned char *s, *e;
long i;
int d;
unsigned long hx, hy;
@@ -1332,6 +1333,8 @@
{
struct RRegexp *re = RREGEXP(obj);
+ if (!OBJ_TAINTED(obj) && rb_safe_level() >= 4)
+ rb_raise(rb_eSecurityError, "Insecure: can't modify regexp");
if (re->ptr) re_free_pattern(re->ptr);
if (re->str) free(re->str);
re->ptr = 0;
diff -ruN ruby-1.8.4.orig/intern.h ruby-1.8.4/intern.h
--- ruby-1.8.4.orig/intern.h 2006-07-19 18:13:49.000000000 +0900
+++ ruby-1.8.4/intern.h 2006-07-19 18:20:34.000000000 +0900
@@ -353,9 +353,9 @@
VALUE rb_range_beg_len _((VALUE, long*, long*, long, int));
VALUE rb_length_by_each _((VALUE));
/* re.c */
-int rb_memcmp _((char*,char*,long));
-int rb_memcicmp _((char*,char*,long));
-long rb_memsearch _((char*,long,char*,long));
+int rb_memcmp _((const void*,const void*,long));
+int rb_memcicmp _((const void*,const void*,long));
+long rb_memsearch _((const void*,long,const void*,long));
VALUE rb_reg_nth_defined _((int, VALUE));
VALUE rb_reg_nth_match _((int, VALUE));
VALUE rb_reg_last_match _((VALUE));

93
ruby-1.8.4-no-eaccess.diff
View File

@ -1,93 +0,0 @@
see bug:
http://rubyforge.org/tracker/?func=detail&atid=1698&aid=3317&group_id=426
adapted patch from:
http://www.atdot.net/~ko1/w3ml/w3ml.cgi/ruby-cvs/msg/16358
Index: ChangeLog
===================================================================
--- ChangeLog.orig
+++ ChangeLog
@@ -1,3 +1,8 @@
+Wed Jan 25 22:29:04 2006 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+ * configure.in, dln.c, file.c, intern.h, missing.h (eaccess): use
+ system routine if provided. fixed: [ruby-core:07195]
+
Sat Dec 24 18:58:14 2005 Yukihiro Matsumoto <matz@ruby-lang.org>
* stable version 1.8.4 released.
Index: configure.in
===================================================================
--- configure.in.orig
+++ configure.in
@@ -437,7 +437,7 @@ AC_CHECK_FUNCS(ftello)
AC_REPLACE_FUNCS(dup2 memmove strcasecmp strncasecmp strerror strftime\
strchr strstr strtoul crypt flock vsnprintf\
isnan finite isinf hypot acosh erf)
-AC_CHECK_FUNCS(fmod killpg wait4 waitpid syscall chroot fsync getcwd\
+AC_CHECK_FUNCS(fmod killpg wait4 waitpid syscall chroot fsync getcwd eaccess\
truncate chsize times utimes fcntl lockf lstat symlink link\
readlink setitimer setruid seteuid setreuid setresuid\
setproctitle setrgid setegid setregid setresgid issetugid pause\
Index: dln.c
===================================================================
--- dln.c.orig
+++ dln.c
@@ -89,8 +89,6 @@ char *getenv();
# include <image.h>
#endif
-int eaccess();
-
#ifndef NO_DLN_LOAD
#if defined(HAVE_DLOPEN) && !defined(USE_DLN_A_OUT) && !defined(_AIX) && !defined(__APPLE__) && !defined(_UNICOSMP)
Index: file.c
===================================================================
--- file.c.orig
+++ file.c
@@ -849,6 +849,7 @@ group_member(gid)
# define S_IXUGO (S_IXUSR | S_IXGRP | S_IXOTH)
#endif
+#if !defined(HAVE_EACCESS) || !(defined(__USE_GNU) && (__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 4))
int
eaccess(path, mode)
const char *path;
@@ -887,6 +888,7 @@ eaccess(path, mode)
return access(path, mode);
#endif
}
+#endif
/*
Index: intern.h
===================================================================
--- intern.h.orig
+++ intern.h
@@ -221,7 +221,6 @@ VALUE rb_thread_local_aset _((VALUE, ID,
void rb_thread_atfork _((void));
VALUE rb_funcall_rescue __((VALUE, ID, int, ...));
/* file.c */
-int eaccess _((const char*, int));
VALUE rb_file_s_expand_path _((int, VALUE *));
VALUE rb_file_expand_path _((VALUE, VALUE));
void rb_file_const _((const char*, VALUE));
Index: missing.h
===================================================================
--- missing.h.orig
+++ missing.h
@@ -39,6 +39,10 @@ extern char *crypt _((char *, char *));
extern int dup2 _((int, int));
#endif
+#if !defined(HAVE_EACCESS) || !(defined(__USE_GNU) && (__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 4))
+extern int eaccess(const char*, int);
+#endif
+
#ifndef HAVE_FINITE
extern int finite _((double));
#endif

13
ruby-1.8.4-warnings.patch
View File

@ -1,13 +0,0 @@
Index: file.c
===================================================================
--- file.c.orig
+++ file.c
@@ -1692,7 +1692,7 @@
const char *path;
void *mode;
{
- if (chmod(path, (int)mode) < 0)
+ if (chmod(path, (intptr_t)mode) < 0)
rb_sys_fail(path);
}

3
ruby-1.8.5-p12.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7775cef022f5788fa6c1c65f638860676b63fbdcb6a57873e71fc6b3a4143afe
size 3859578

12
ruby-1.8.1-lib64.diff → ruby-1.8.5.p12-lib64.diff
View File

@ -1,8 +1,8 @@
Index: configure.in
===================================================================
--- configure.in.orig
+++ configure.in
@@ -1117,7 +1117,7 @@
--- configure.in.orig 2006-12-06 11:58:08.000000000 +0100
+++ configure.in 2007-02-12 16:52:09.790878221 +0100
@@ -1183,7 +1183,7 @@ rb_cv_missing_fconvert=yes, rb_cv_missin
if test "$rb_cv_missing_fconvert" = yes; then
AC_DEFINE(MISSING_FCONVERT)
fi
@ -11,7 +11,7 @@ Index: configure.in
CFLAGS="$CFLAGS -fansi-only"
XCFLAGS="$XCFLAGS -cc1-stack=262144 -cpp-stack=2694144"
EXEEXT=.x
@@ -1438,7 +1438,7 @@
@@ -1510,7 +1510,7 @@ case "$target_os" in
RUBY_LIB_PREFIX="/lib/ruby"
;;
*)
@ -20,12 +20,12 @@ Index: configure.in
;;
esac
RUBY_LIB_PATH="${RUBY_LIB_PREFIX}/${MAJOR}.${MINOR}"
@@ -1446,7 +1446,7 @@
@@ -1518,7 +1518,7 @@ RUBY_LIB_PATH="${RUBY_LIB_PREFIX}/${MAJO
AC_ARG_WITH(sitedir,
[ --with-sitedir=DIR site libraries in DIR [PREFIX/lib/ruby/site_ruby]],
[sitedir=$withval],
- [sitedir='${prefix}/lib/ruby/site_ruby'])
+ [sitedir='${libdir}/ruby/site_ruby'])
SITE_DIR="`eval \"echo ${sitedir}\"`"
SITE_DIR=`eval echo \\"${sitedir}\\"`
case "$target_os" in
cygwin*|mingw*|*djgpp*|os2-emx*)

3
ruby-1.8.5.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b8ed3157a1387ced7b7d3a88318ee7b38498075e443677406dbfadcc810d844f
size 3851318

77
ruby-1.8.x-autoconf_2.61a.patch Normal file
View File

@ -0,0 +1,77 @@
Tue Jan 30 12:05:35 2007 Nobuyoshi Nakada <nobu@ruby-lang.org>
* mkconfig.rb: autoconf 2.61 support. [ruby-core:10016]
Index: mkconfig.rb
===================================================================
--- mkconfig.rb.orig 2006-06-25 16:03:10.000000000 +0200
+++ mkconfig.rb 2007-02-12 17:53:24.000000000 +0100
@@ -36,12 +36,39 @@ v_fast = []
v_others = []
vars = {}
has_version = false
+continued_name = nil
+continued_line = nil
File.foreach "config.status" do |line|
next if /^#/ =~ line
- if /^s([%,])@(\w+)@\1(?:\|\#_!!_\#\|)?(.*)\1/ =~ line
+ name = nil
+ case line
+ when /^s([%,])@(\w+)@\1(?:\|\#_!!_\#\|)?(.*)\1/
name = $2
val = $3.gsub(/\\(?=,)/, '')
- next if /^(?:ac_.*|DEFS|configure_input)$/ =~ name
+ when /^S\["(\w+)"\]\s*=\s*"(.*)"\s*(\\)?$/
+ name = $1
+ val = $2
+ if $3
+ continued_line = []
+ continued_line << val
+ continued_name = name
+ next
+ end
+ when /^"(.+)"\s*(\\)?$/
+ if continued_line
+ continued_line << $1
+ unless $2
+ val = continued_line.join("")
+ name = continued_name
+ continued_line = nil
+ end
+ end
+ when /^(?:ac_given_)?INSTALL=(.*)/
+ v_fast << " CONFIG[\"INSTALL\"] = " + $1 + "\n"
+ end
+
+ if name
+ next if /^(?:ac_.*|DEFS|configure_input|(?:top_)?srcdir|\w+OBJS)$/ =~ name
next if /^\$\(ac_\w+\)$/ =~ val
next if /^\$\{ac_\w+\}$/ =~ val
next if /^\$ac_\w+$/ =~ val
@@ -54,6 +81,7 @@ File.foreach "config.status" do |line|
name = "ruby_install_name"
val = "ruby".sub(/#{ptn[0]}/, ptn[1])
end
+ val.gsub!(/ +(?!-)/, "=") if name == "configure_args" && /mswin32/ =~ RUBY_PLATFORM
val = val.gsub(/\$(?:\$|\{?(\w+)\}?)/) {$1 ? "$(#{$1})" : $&}.dump
if /^prefix$/ =~ name
val = "(TOPDIR || DESTDIR + #{val})"
@@ -66,8 +94,6 @@ File.foreach "config.status" do |line|
v_others << v
end
has_version = true if name == "MAJOR"
- elsif /^(?:ac_given_)?INSTALL=(.*)/ =~ line
- v_fast << " CONFIG[\"INSTALL\"] = " + $1 + "\n"
end
# break if /^CEOF/
end
@@ -105,7 +131,8 @@ if $so_name
v_fast << " CONFIG[\"RUBY_SO_NAME\"] = \"" + $so_name + "\"\n"
end
-print v_fast, v_others
+print(*v_fast)
+print(*v_others)
print <<EOS
CONFIG["ruby_version"] = "$(MAJOR).$(MINOR)"
CONFIG["rubylibdir"] = "$(libdir)/ruby/$(ruby_version)"

11
ruby-fix-autoconf-magic-code.patch
View File

@ -1,11 +0,0 @@
diff -ruN ruby-1.8.4.orig/mkconfig.rb ruby-1.8.4/mkconfig.rb
--- ruby-1.8.4.orig/mkconfig.rb 2006-07-19 20:39:48.000000000 +0900
+++ ruby-1.8.4/mkconfig.rb 2006-07-19 20:40:12.000000000 +0900
@@ -37,6 +37,7 @@
has_version = false
File.foreach "config.status" do |line|
next if /^#/ =~ line
+ line.gsub!(/\|#_!!_#\|/, '')
if /^s[%,]@program_transform_name@[%,]s,(.*)/ =~ line
next if $install_name
ptn = $1.sub(/\$\$/, '$').split(/,/) #'

44
ruby.changes
View File

@ -1,3 +1,47 @@
-------------------------------------------------------------------
-------------------------------------------------------------------
Mon Feb 12 16:53:19 CET 2007 - mrueckert@suse.de
- update to 1.8.5-p12:
* stable version 1.8.5-p12 released.
* ext/tk/tcltklib.c: shouldn't run the killed thread at callback.
[ruby-talk: 227408]
* lib/rdoc/ri/ri_options.rb: prevent NameError. [ruby-dev:29597]
* dir.c (glob_helper): get rid of possible memory leak.
* win32/win32.c (cmdglob, rb_w32_cmdvector, rb_w32_opendir,
rb_w32_get_environ): not to use GC before initialization.
* configure.in (SITE_DIR): fixed to emtpy RUBY_SITE_LIB in
config.h on NetBSD. fixed: [ruby-dev:29358]
* parse.y (dyna_init_gen): dvar initialization only if dvar is
assigned inner block. [ruby-talk:227402]
* stable version 1.8.5-p2 released.
* lib/cgi.rb (CGI::QueryExtension::read_multipart): should
quote boundary. JVN#84798830 (BNC #225983) (CVE-2006-6303)
* bignum.c (bignorm): avoid segmentation. a patch from Hiroyuki
Ito <ZXB01226@nifty.com>. [ruby-list:43012]
* parse.y (primary): should set NODE even when compstmt is NULL.
merge from trunk. fixed: [ruby-dev:29732]
* lib/cgi.rb (CGI::QueryExtension::read_multipart): CGI content
may be empty. a patch from Jamis Buck <jamis at 37signals.com>.
* ext/dbm/extconf.rb: create makefile according to the result of
check for dbm header. fixed: [ruby-dev:29445]
* hash.c (rb_hash_s_create): fixed memory leak, based on the
patch by Kent Sibilev <ksruby at gmail.com>.
fixed: [ruby-talk:211233]
- rediffed ruby-1.8.1-lib64.diff
new name ruby-1.8.5.p12-lib64.diff
- patches included in the update:
cgi_multipart_eof_fix.patch
ruby-1.8.4-fix-alias-safe-level.patch
ruby-1.8.4-fix-insecure-dir-operation.patch
ruby-1.8.4-fix-insecure-regexp-modification.patch
ruby-1.8.4-no-eaccess.diff
ruby-1.8.4-warnings.patch
ruby-fix-autoconf-magic-code.patch
- added ruby-1.8.x-autoconf_2.61a.patch:
config.status changed to awk in 2.61a. adapt mkconfig.rb to the
new syntax.
-------------------------------------------------------------------
Mon Oct 30 18:37:50 CET 2006 - mrueckert@suse.de

94
ruby.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package ruby (Version 1.8.5)
# spec file for package ruby (Version 1.8.5.pl12)
#
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
@ -11,11 +11,13 @@
# norootforbuild
Name: ruby
Version: 1.8.5
Release: 8
%define rb_ver %(echo %{version} | sed -e 's/\\\.[0-9]\\\+$//')
Version: 1.8.5.pl12
Release: 1
%define pkg_version 1.8.5
%define patch_level p12
%define rb_ver %(echo %{pkg_version} | sed -e 's/\\\.[0-9]\\\+$//')
#
License: GNU General Public License (GPL) - all versions, Other License(s), see package
License: GNU General Public License (GPL)
Group: Development/Languages/Ruby
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -28,24 +30,18 @@ BuildRequires: xorg-x11-devel xorg-x11-fonts-scalable
Provides: /usr/bin/ruby
#
URL: http://www.ruby-lang.org/
Source0: ruby-%{version}.tar.bz2
Source0: ruby-%{pkg_version}-%{patch_level}.tar.bz2
Source1: irb.1
Source2: ruby-doc-bundle.tar.bz2
Patch0: ruby-1.8.2-gc.diff
Patch1: ruby-1.8.1-lib64.diff
Patch2: ruby-1.8.4-no-eaccess.diff
Patch4: ruby-1.8.2-tcltk-multilib.patch
Patch7: ruby-socket_ipv6.patch
Patch8: ruby-1.8.4-warnings.patch
Patch9: ruby-1.8.5_linkerflags.patch
Patch10: ruby-1.8.4-fix-insecure-dir-operation.patch
Patch11: ruby-1.8.4-fix-insecure-regexp-modification.patch
Patch12: ruby-1.8.4-fix-alias-safe-level.patch
Patch13: ruby-fix-autoconf-magic-code.patch
Patch15: cgi_multipart_eof_fix.patch
Patch1: ruby-1.8.5.p12-lib64.diff
Patch2: ruby-1.8.2-tcltk-multilib.patch
Patch3: ruby-socket_ipv6.patch
Patch4: ruby-1.8.5_linkerflags.patch
# vendor ruby files taken from:
# http://svn.macports.org/repository/macports/trunk/dports/lang/ruby/
Patch14: ruby-1.8.5-vendor_ruby.patch
Patch5: ruby-1.8.5-vendor_ruby.patch
Patch6: ruby-1.8.x-autoconf_2.61a.patch
Source3: site-specific.rb
Source4: vendor-specific.rb
#
@ -195,20 +191,14 @@ Authors:
Yukihiro Matsumoto <matz@netlab.co.jp>
%prep
%setup -q -a2
%setup -q -n ruby-%{pkg_version}-%{patch_level} -a2
%patch0
%patch1
#%patch2
%patch2
%patch3
%patch4
%patch7
#%patch8
%patch9
#%patch10 -p1
#%patch11 -p1
#%patch12 -p1
#%patch13 -p1
%patch14
%patch15
%patch5
%patch6
find . -type f | xargs -n 1 sed -i "s@#!\s*/usr/local/bin/ruby@#!/usr/bin/ruby@"
touch parse.y
@ -219,7 +209,7 @@ export CFLAGS="%{optflags} -g -fno-strict-aliasing"
--with-default-kcode=none \
--with-mantype=man \
--enable-shared \
--enable-static
--disable-static
%{__make} all
%{__make} -C ext/tk/ all
#
@ -462,7 +452,47 @@ mv %{buildroot}%{_datadir}{,/ri/%{rb_ver}}/created.rid
%defattr(-,root,root)
%doc %{_docdir}/%{name}/examples
%changelog -n ruby
%changelog
* Mon Feb 12 2007 - mrueckert@suse.de
- update to 1.8.5-p12:
* stable version 1.8.5-p12 released.
* ext/tk/tcltklib.c: shouldn't run the killed thread at callback.
[ruby-talk: 227408]
* lib/rdoc/ri/ri_options.rb: prevent NameError. [ruby-dev:29597]
* dir.c (glob_helper): get rid of possible memory leak.
* win32/win32.c (cmdglob, rb_w32_cmdvector, rb_w32_opendir,
rb_w32_get_environ): not to use GC before initialization.
* configure.in (SITE_DIR): fixed to emtpy RUBY_SITE_LIB in
config.h on NetBSD. fixed: [ruby-dev:29358]
* parse.y (dyna_init_gen): dvar initialization only if dvar is
assigned inner block. [ruby-talk:227402]
* stable version 1.8.5-p2 released.
* lib/cgi.rb (CGI::QueryExtension::read_multipart): should
quote boundary. JVN#84798830 (BNC #225983) (CVE-2006-6303)
* bignum.c (bignorm): avoid segmentation. a patch from Hiroyuki
Ito <ZXB01226@nifty.com>. [ruby-list:43012]
* parse.y (primary): should set NODE even when compstmt is NULL.
merge from trunk. fixed: [ruby-dev:29732]
* lib/cgi.rb (CGI::QueryExtension::read_multipart): CGI content
may be empty. a patch from Jamis Buck <jamis at 37signals.com>.
* ext/dbm/extconf.rb: create makefile according to the result of
check for dbm header. fixed: [ruby-dev:29445]
* hash.c (rb_hash_s_create): fixed memory leak, based on the
patch by Kent Sibilev <ksruby at gmail.com>.
fixed: [ruby-talk:211233]
- rediffed ruby-1.8.1-lib64.diff
new name ruby-1.8.5.p12-lib64.diff
- patches included in the update:
cgi_multipart_eof_fix.patch
ruby-1.8.4-fix-alias-safe-level.patch
ruby-1.8.4-fix-insecure-dir-operation.patch
ruby-1.8.4-fix-insecure-regexp-modification.patch
ruby-1.8.4-no-eaccess.diff
ruby-1.8.4-warnings.patch
ruby-fix-autoconf-magic-code.patch
- added ruby-1.8.x-autoconf_2.61a.patch:
config.status changed to awk in 2.61a. adapt mkconfig.rb to the
new syntax.
* Mon Oct 30 2006 - mrueckert@suse.de
- added cgi_multipart_eof_fix.patch:
fix for a denial of service condition in cgi.rb CVE-2006-5467