pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/lang Update ruby18-base package to 1.8.7-pl357 (Ruby 1...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6bc2842a9d6e
branches: trunk
changeset: 599556:6bc2842a9d6e
user: taca <taca%pkgsrc.org@localhost>
date: Thu Feb 16 16:36:07 2012 +0000
description:
Update ruby18-base package to 1.8.7-pl357 (Ruby 1.8.7 patchlevel 357).
Wed Feb 8 14:06:59 2012 Hiroshi Nakamura <nahi%ruby-lang.org@localhost>
* ext/openssl/ossl_ssl.c: Add SSL constants and allow to unset SSL
option to prevent BEAST attack. See [Bug #5353].
In OpenSSL, OP_DONT_INSERT_EMPTY_FRAGMENTS is used to prevent
TLS-CBC-IV vulunerability described at
http://www.openssl.org/~bodo/tls-cbc.txt
It's known issue of TLSv1/SSLv3 but it attracts lots of attention
these days as BEAST attack. (CVE-2011-3389)
Until now ossl sets OP_ALL at SSLContext allocation and call
SSL_CTX_set_options at connection. SSL_CTX_set_options updates the
value by using |= so bits set by OP_ALL cannot be unset afterwards.
This commit changes to call SSL_CTX_set_options only 1 time for each
SSLContext. It sets the specified value if SSLContext#options= are
called and sets OP_ALL if not.
To help users to unset bits in OP_ALL, this commit also adds several
constant to SSL such as
OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS. These constants were
not exposed in Ruby because there's no way to unset bits in OP_ALL
before.
Following is an example to enable 0/n split for BEAST prevention.
ctx.options = OP_ALL & ~OP_DONT_INSERT_EMPTY_FRAGMENTS
* test/openssl/test_ssl.rb: Test above option exists.
diffstat:
lang/ruby/rubyversion.mk | 4 ++--
lang/ruby18-base/distinfo | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
diffs (34 lines):
diff -r d0da9216ad73 -r 6bc2842a9d6e lang/ruby/rubyversion.mk
--- a/lang/ruby/rubyversion.mk Thu Feb 16 16:30:03 2012 +0000
+++ b/lang/ruby/rubyversion.mk Thu Feb 16 16:36:07 2012 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.71 2012/02/04 09:43:32 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.72 2012/02/16 16:36:07 taca Exp $
#
# This file determines which Ruby version is used as a dependency for
@@ -203,7 +203,7 @@
RUBY193_VERSION= 1.9.3
# patch
-RUBY18_PATCHLEVEL= pl357
+RUBY18_PATCHLEVEL= pl358
RUBY19_PATCHLEVEL= pl290
RUBY193_PATCHLEVEL= p0
diff -r d0da9216ad73 -r 6bc2842a9d6e lang/ruby18-base/distinfo
--- a/lang/ruby18-base/distinfo Thu Feb 16 16:30:03 2012 +0000
+++ b/lang/ruby18-base/distinfo Thu Feb 16 16:36:07 2012 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.51 2011/12/28 16:40:06 taca Exp $
+$NetBSD: distinfo,v 1.52 2012/02/16 16:36:08 taca Exp $
-SHA1 (ruby-1.8.7-p357.tar.bz2) = ba5ec0ab663976f00fb405be6cfef546bcf0e4e9
-RMD160 (ruby-1.8.7-p357.tar.bz2) = 9034fb641f0260aed590856cd9400f186a3dd56a
-Size (ruby-1.8.7-p357.tar.bz2) = 4208157 bytes
+SHA1 (ruby-1.8.7-p358.tar.bz2) = 2b78dc421cfbca81ef1375a1c3da9f0f70c548fa
+RMD160 (ruby-1.8.7-p358.tar.bz2) = 7196a000d39e4cd24e7911839c828642d54377bd
+Size (ruby-1.8.7-p358.tar.bz2) = 4209883 bytes
SHA1 (patch-aa) = 4c1572b5a1eb65e89a98c60540433a69cb96dd23
SHA1 (patch-ab) = b56b6c2ba182414492c803d36433730602e0a591
SHA1 (patch-ac) = 0119134d778bb85c58ef5bfe30d337dc76ed47e0
Home |
Main Index |
Thread Index |
Old Index