pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/ruby-rack-ssl Add security fix for CVE-2014-2538.
details: https://anonhg.NetBSD.org/pkgsrc/rev/6cc04ef0524c
branches: trunk
changeset: 632232:6cc04ef0524c
user: taca <taca%pkgsrc.org@localhost>
date: Fri Mar 21 01:06:47 2014 +0000
description:
Add security fix for CVE-2014-2538.
Bump PKGREVISION.
diffstat:
www/ruby-rack-ssl/Makefile | 4 ++--
www/ruby-rack-ssl/distinfo | 3 ++-
www/ruby-rack-ssl/patches/patch-lib_rack_ssl.rb | 15 +++++++++++++++
3 files changed, 19 insertions(+), 3 deletions(-)
diffs (43 lines):
diff -r 70567bfbc197 -r 6cc04ef0524c www/ruby-rack-ssl/Makefile
--- a/www/ruby-rack-ssl/Makefile Thu Mar 20 22:21:37 2014 +0000
+++ b/www/ruby-rack-ssl/Makefile Fri Mar 21 01:06:47 2014 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.3 2013/03/10 09:16:46 taca Exp $
+# $NetBSD: Makefile,v 1.4 2014/03/21 01:06:47 taca Exp $
DISTNAME= rack-ssl-1.3.3
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= www
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
diff -r 70567bfbc197 -r 6cc04ef0524c www/ruby-rack-ssl/distinfo
--- a/www/ruby-rack-ssl/distinfo Thu Mar 20 22:21:37 2014 +0000
+++ b/www/ruby-rack-ssl/distinfo Fri Mar 21 01:06:47 2014 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.2 2013/02/11 04:03:45 taca Exp $
+$NetBSD: distinfo,v 1.3 2014/03/21 01:06:47 taca Exp $
SHA1 (rack-ssl-1.3.3.gem) = 5f9c879b43d909e3425f82d461bc5353e4bd6496
RMD160 (rack-ssl-1.3.3.gem) = f784aead5548ba73f57048c0647dcea503b5b01b
Size (rack-ssl-1.3.3.gem) = 5120 bytes
+SHA1 (patch-lib_rack_ssl.rb) = 2f1fbc07c36a5291b832a9ac67edad05f4b2266f
diff -r 70567bfbc197 -r 6cc04ef0524c www/ruby-rack-ssl/patches/patch-lib_rack_ssl.rb
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/ruby-rack-ssl/patches/patch-lib_rack_ssl.rb Fri Mar 21 01:06:47 2014 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_rack_ssl.rb,v 1.1 2014/03/21 01:06:47 taca Exp $
+
+Security fix for CVE-2014-2538.
+
+--- lib/rack/ssl.rb.orig 2014-03-19 13:38:14.000000000 +0000
++++ lib/rack/ssl.rb
+@@ -55,6 +55,8 @@ module Rack
+ 'Location' => url.to_s)
+
+ [status, headers, []]
++ rescue URI::InvalidURIError
++ [400, {"Content-Type" => "text/plain"}, []]
+ end
+
+ # http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02
Home |
Main Index |
Thread Index |
Old Index