pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2004Q3]: pkgsrc/lang/ruby-base Pullup ticket 142 - requested b...
details: https://anonhg.NetBSD.org/pkgsrc/rev/7cadcf830d9c
branches: pkgsrc-2004Q3
changeset: 480743:7cadcf830d9c
user: salo <salo%pkgsrc.org@localhost>
date: Mon Nov 15 21:26:45 2004 +0000
description:
Pullup ticket 142 - requested by Takahiro Kambe
security fix for ruby-base
Module Name: pkgsrc
Committed By: taca
Date: Tue Nov 9 14:11:33 UTC 2004
Modified Files:
pkgsrc/lang/ruby-base: Makefile distinfo
Added Files:
pkgsrc/lang/ruby-base/patches: patch-ar
Log Message:
Fix potential DoS problem in CGI module from Ruby's CVS repository.
(noted by CAN-2004-0983)
Bump package revision.
diffstat:
lang/ruby-base/Makefile | 4 ++--
lang/ruby-base/distinfo | 3 ++-
lang/ruby-base/patches/patch-ar | 20 ++++++++++++++++++++
3 files changed, 24 insertions(+), 3 deletions(-)
diffs (53 lines):
diff -r 49138c735ffc -r 7cadcf830d9c lang/ruby-base/Makefile
--- a/lang/ruby-base/Makefile Mon Nov 15 08:03:46 2004 +0000
+++ b/lang/ruby-base/Makefile Mon Nov 15 21:26:45 2004 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.29 2004/08/24 15:43:56 taca Exp $
+# $NetBSD: Makefile,v 1.29.2.1 2004/11/15 21:26:45 salo Exp $
# FreeBSD Id: ports/lang/ruby/Makefile,v 1.39 2000/10/20 19:56:03 knu Exp
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGNAMEPREFIX}base-${RUBY_VERSION}
-PKGREVISION= 5
+PKGREVISION= 7
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
diff -r 49138c735ffc -r 7cadcf830d9c lang/ruby-base/distinfo
--- a/lang/ruby-base/distinfo Mon Nov 15 08:03:46 2004 +0000
+++ b/lang/ruby-base/distinfo Mon Nov 15 21:26:45 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2004/08/24 15:43:56 taca Exp $
+$NetBSD: distinfo,v 1.15.2.1 2004/11/15 21:26:45 salo Exp $
SHA1 (ruby/ruby-1.6.8.tar.gz) = 4b475ac1c837cd62b6dfe85359e1502a71b08cd1
Size (ruby/ruby-1.6.8.tar.gz) = 1023403 bytes
@@ -15,3 +15,4 @@
SHA1 (patch-ao) = 1070614441174b30926ba1d8a4d1a4718172ce4b
SHA1 (patch-ap) = 19f520406a9b699a4bbe53b0e9e2b69b4eb7d96a
SHA1 (patch-aq) = cf9f16f056c2f5df2493b6f04232fb62edf4448f
+SHA1 (patch-ar) = 03e15c32b0865d11339f609b2e98613fc09083b4
diff -r 49138c735ffc -r 7cadcf830d9c lang/ruby-base/patches/patch-ar
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/ruby-base/patches/patch-ar Mon Nov 15 21:26:45 2004 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-ar,v 1.1.2.2 2004/11/15 21:26:45 salo Exp $
+
+--- lib/cgi.rb.orig 2002-08-29 18:05:06.000000000 +0900
++++ lib/cgi.rb
+@@ -823,10 +823,13 @@ convert string charset, and set language
+ end
+
+ c = if bufsize < content_length
+- stdinput.read(bufsize) or ''
++ stdinput.read(bufsize)
+ else
+- stdinput.read(content_length) or ''
++ stdinput.read(content_length)
+ end
++ if c.nil?
++ raise EOFError, "bad content body"
++ end
+ buf += c
+ content_length -= c.size
+
Home |
Main Index |
Thread Index |
Old Index