pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/lang Update ruby18-base package to 1.8.7-pl357 (Ruby 1...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/6bc2842a9d6e
branches:  trunk
changeset: 599556:6bc2842a9d6e
user:      taca <taca%pkgsrc.org@localhost>
date:      Thu Feb 16 16:36:07 2012 +0000

description:
Update ruby18-base package to 1.8.7-pl357 (Ruby 1.8.7 patchlevel 357).


Wed Feb  8 14:06:59 2012  Hiroshi Nakamura  <nahi%ruby-lang.org@localhost>

        * ext/openssl/ossl_ssl.c: Add SSL constants and allow to unset SSL
          option to prevent BEAST attack. See [Bug #5353].

          In OpenSSL, OP_DONT_INSERT_EMPTY_FRAGMENTS is used to prevent
          TLS-CBC-IV vulnerability described at
          http://www.openssl.org/~bodo/tls-cbc.txt
          It's a known issue of TLSv1/SSLv3 but it attracts lots of attention
          these days as BEAST attack. (CVE-2011-3389)

          Until now ossl sets OP_ALL at SSLContext allocation and call
          SSL_CTX_set_options at connection.  SSL_CTX_set_options updates the
          value by using |= so bits set by OP_ALL cannot be unset afterwards.

          This commit changes to call SSL_CTX_set_options only 1 time for each
          SSLContext. It sets the specified value if SSLContext#options= are
          called and sets OP_ALL if not.

          To help users to unset bits in OP_ALL, this commit also adds several
          constants to SSL such as
          OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS.  These constants were
          not exposed in Ruby because there's no way to unset bits in OP_ALL
          before.

          Following is an example to enable 0/n split for BEAST prevention.

            ctx.options = OP_ALL & ~OP_DONT_INSERT_EMPTY_FRAGMENTS

        * test/openssl/test_ssl.rb: Test above option exists.

diffstat:

 lang/ruby/rubyversion.mk  |  4 ++--
 lang/ruby18-base/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (34 lines):

diff -r d0da9216ad73 -r 6bc2842a9d6e lang/ruby/rubyversion.mk
--- a/lang/ruby/rubyversion.mk  Thu Feb 16 16:30:03 2012 +0000
+++ b/lang/ruby/rubyversion.mk  Thu Feb 16 16:36:07 2012 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.71 2012/02/04 09:43:32 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.72 2012/02/16 16:36:07 taca Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -203,7 +203,7 @@
 RUBY193_VERSION=       1.9.3
 
 # patch
-RUBY18_PATCHLEVEL=     pl357
+RUBY18_PATCHLEVEL=     pl358
 RUBY19_PATCHLEVEL=     pl290
 RUBY193_PATCHLEVEL=    p0
 
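Review bot: the new value RUBY18_PATCHLEVEL= pl358 in this hunk does not agree with the commit description, which says the package is updated to 1.8.7-pl357 (patchlevel 357); pl357 is the value being removed. Either the log message or the variable should be corrected so the two match, since anyone reading the description to decide whether the BEAST-related ossl_ssl.c change is included will look for the wrong patchlevel.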
diff -r d0da9216ad73 -r 6bc2842a9d6e lang/ruby18-base/distinfo
--- a/lang/ruby18-base/distinfo Thu Feb 16 16:30:03 2012 +0000
+++ b/lang/ruby18-base/distinfo Thu Feb 16 16:36:07 2012 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.51 2011/12/28 16:40:06 taca Exp $
+$NetBSD: distinfo,v 1.52 2012/02/16 16:36:08 taca Exp $
 
-SHA1 (ruby-1.8.7-p357.tar.bz2) = ba5ec0ab663976f00fb405be6cfef546bcf0e4e9
-RMD160 (ruby-1.8.7-p357.tar.bz2) = 9034fb641f0260aed590856cd9400f186a3dd56a
-Size (ruby-1.8.7-p357.tar.bz2) = 4208157 bytes
+SHA1 (ruby-1.8.7-p358.tar.bz2) = 2b78dc421cfbca81ef1375a1c3da9f0f70c548fa
+RMD160 (ruby-1.8.7-p358.tar.bz2) = 7196a000d39e4cd24e7911839c828642d54377bd
+Size (ruby-1.8.7-p358.tar.bz2) = 4209883 bytes
 SHA1 (patch-aa) = 4c1572b5a1eb65e89a98c60540433a69cb96dd23
 SHA1 (patch-ab) = b56b6c2ba182414492c803d36433730602e0a591
 SHA1 (patch-ac) = 0119134d778bb85c58ef5bfe30d337dc76ed47e0
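Review bot: the distfile entries at the top of this hunk move to ruby-1.8.7-p358.tar.bz2 while the SHA1 values for patch-aa, patch-ab and patch-ac stay unchanged, so it is worth confirming that those local patches still apply cleanly to the new tarball. The new SHA1, RMD160 and Size values should also be compared against the digests upstream publishes for this release, not only regenerated from the file that was downloaded.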


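The option handling described in the commit message, as an added example that is not part of the original mail or of Ruby's own code. `legacy_effective_options`, `fixed_effective_options`, `split_enabled?`, `hardened_context` and `audit` are hypothetical helper names; the first two only model the before/after behaviour the message describes, while the last two use the real `OpenSSL::SSL::SSLContext#options` accessor.

```ruby
require "openssl"

# The bit that, when SET, turns the empty-fragment (0/n split) countermeasure OFF.
NO_EMPTY_FRAGMENTS = OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS

# Hypothetical model of the old binding: OP_ALL is applied at allocation and
# SSL_CTX_set_options later ORs the caller's mask on top of it.
def legacy_effective_options(requested)
  OpenSSL::SSL::OP_ALL | requested
end

# Hypothetical model of the changed binding: a single call that applies the
# caller's mask as given, or OP_ALL when no mask was supplied.
def fixed_effective_options(requested = nil)
  requested.nil? ? OpenSSL::SSL::OP_ALL : requested
end

# The countermeasure is active only while the "don't insert" bit is clear.
def split_enabled?(mask)
  (mask & NO_EMPTY_FRAGMENTS).zero?
end

# Real SSLContext configured with the mask from the commit message.
def hardened_context
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.options = OpenSSL::SSL::OP_ALL & ~NO_EMPTY_FRAGMENTS
  ctx
end

# Audit helper: report the state of the countermeasure on any context.
def audit(ctx)
  split_enabled?(ctx.options) ? :split_enabled : :split_disabled
end

if __FILE__ == $PROGRAM_NAME
  wanted = OpenSSL::SSL::OP_ALL & ~NO_EMPTY_FRAGMENTS
  printf("legacy: %#x  fixed: %#x\n",
         legacy_effective_options(wanted), fixed_effective_options(wanted))
  puts "hardened context: #{audit(hardened_context)}"
end
```

Under the legacy model the requested mask collapses back to `OP_ALL`, which is why the bit could not be cleared before this change.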
