pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/lang/ruby18-base Add a patch to fix for possible cross...
details: https://anonhg.NetBSD.org/pkgsrc/rev/ceb605cc4099
branches: trunk
changeset: 578785:ceb605cc4099
user: taca <taca%pkgsrc.org@localhost>
date: Mon Aug 16 07:08:12 2010 +0000
description:
Add a patch to fix for possible cross-site scripting (CVE-2010-0541)
from r29002 in Ruby's repository. (Sadly, Ruby 1.8.7 pl301 missed
this change...)
Bump PKGREVISION.
diffstat:
lang/ruby18-base/Makefile | 4 ++--
lang/ruby18-base/distinfo | 3 ++-
lang/ruby18-base/patches/patch-ea | 16 ++++++++++++++++
3 files changed, 20 insertions(+), 3 deletions(-)
diffs (51 lines):
diff -r d3bf6f2ac64b -r ceb605cc4099 lang/ruby18-base/Makefile
--- a/lang/ruby18-base/Makefile Mon Aug 16 02:21:23 2010 +0000
+++ b/lang/ruby18-base/Makefile Mon Aug 16 07:08:12 2010 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.55 2010/06/02 13:27:57 taca Exp $
+# $NetBSD: Makefile,v 1.56 2010/08/16 07:08:12 taca Exp $
#
DISTNAME= ${RUBY_DISTNAME}
PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX}
CATEGORIES= lang ruby
MASTER_SITES= ${MASTER_SITE_RUBY}
-PKGREVISION= 5
+PKGREVISION= 6
MAINTAINER= taca%NetBSD.org@localhost
HOMEPAGE= ${RUBY_HOMEPAGE}
diff -r d3bf6f2ac64b -r ceb605cc4099 lang/ruby18-base/distinfo
--- a/lang/ruby18-base/distinfo Mon Aug 16 02:21:23 2010 +0000
+++ b/lang/ruby18-base/distinfo Mon Aug 16 07:08:12 2010 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.43 2010/06/02 13:27:57 taca Exp $
+$NetBSD: distinfo,v 1.44 2010/08/16 07:08:13 taca Exp $
SHA1 (ruby-1.8.7-p174.tar.bz2) = 9e84b49ad545ad54b8e7dc3c227eaaefeb1041aa
RMD160 (ruby-1.8.7-p174.tar.bz2) = f854d456003af1e31d50330c88c3cb152c434249
@@ -25,3 +25,4 @@
SHA1 (patch-dx) = d25267d700f997b951a65c016f45347a8b1a1517
SHA1 (patch-dy) = 7c57240a1447346c8e6f2e4e9c7104b1a7d9dbc9
SHA1 (patch-dz) = 52af1fbf17b6e6df6112d08c291215d54a25af67
+SHA1 (patch-ea) = 85ad73f8bdb59bc78167bde021ce64879d3c234c
diff -r d3bf6f2ac64b -r ceb605cc4099 lang/ruby18-base/patches/patch-ea
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/ruby18-base/patches/patch-ea Mon Aug 16 07:08:12 2010 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-ea,v 1.1 2010/08/16 07:08:13 taca Exp $
+
+* Fix for possible cross-site scripting (CVE-2010-0541) from r29002 in
+ Ruby's repository.
+
+--- lib/webrick/httpresponse.rb.orig 2008-06-06 08:05:24.000000000 +0000
++++ lib/webrick/httpresponse.rb
+@@ -209,7 +209,7 @@ module WEBrick
+ @keep_alive = false
+ self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR
+ end
+- @header['content-type'] = "text/html"
++ @header['content-type'] = "text/html; charset=ISO-8859-1"
+
+ if respond_to?(:create_error_page)
+ create_error_page()
Home |
Main Index |
Thread Index |
Old Index