pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/ruby-http Update ruby-http to 0.7.3, security fix.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/b79d9e954612
branches:  trunk
changeset: 649022:b79d9e954612
user:      taca <taca%pkgsrc.org@localhost>
date:      Sat Mar 28 04:32:15 2015 +0000

description:
Update ruby-http to 0.7.3, security fix.

## 0.7.3 (2015-03-24)

* SECURITY FIX: http.rb failed to call the #post_connection_check method
  on SSL connections. This method implements hostname verification, and
  without it http.rb was vulnerable to MitM attacks. The problem was
  corrected by calling #post_connection_check (CVE-2015-1828)

diffstat:

 www/ruby-http/Makefile |  4 ++--
 www/ruby-http/PLIST    |  8 +++++++-
 www/ruby-http/distinfo |  8 ++++----
 3 files changed, 13 insertions(+), 7 deletions(-)

diffs (50 lines):

diff -r f91f5d64c1cf -r b79d9e954612 www/ruby-http/Makefile
--- a/www/ruby-http/Makefile    Sat Mar 28 04:22:11 2015 +0000
+++ b/www/ruby-http/Makefile    Sat Mar 28 04:32:15 2015 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.4 2015/03/03 13:20:18 taca Exp $
+# $NetBSD: Makefile,v 1.5 2015/03/28 04:32:15 taca Exp $
 #
 
-DISTNAME=      http-0.7.2
+DISTNAME=      http-0.7.3
 CATEGORIES=    www
 
 MAINTAINER=    tsutsui%NetBSD.org@localhost
diff -r f91f5d64c1cf -r b79d9e954612 www/ruby-http/PLIST
--- a/www/ruby-http/PLIST       Sat Mar 28 04:22:11 2015 +0000
+++ b/www/ruby-http/PLIST       Sat Mar 28 04:32:15 2015 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2015/02/05 15:36:01 taca Exp $
+@comment $NetBSD: PLIST,v 1.5 2015/03/28 04:32:15 taca Exp $
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_LIBDIR}/.coveralls.yml
 ${GEM_LIBDIR}/.gitignore
@@ -55,8 +55,14 @@
 ${GEM_LIBDIR}/spec/lib/http/response_spec.rb
 ${GEM_LIBDIR}/spec/lib/http_spec.rb
 ${GEM_LIBDIR}/spec/spec_helper.rb
+${GEM_LIBDIR}/spec/support/black_hole.rb
 ${GEM_LIBDIR}/spec/support/capture_warning.rb
+${GEM_LIBDIR}/spec/support/create_certs.rb
+${GEM_LIBDIR}/spec/support/dummy_server.rb
+${GEM_LIBDIR}/spec/support/dummy_server/servlet.rb
 ${GEM_LIBDIR}/spec/support/example_server.rb
 ${GEM_LIBDIR}/spec/support/example_server/servlet.rb
 ${GEM_LIBDIR}/spec/support/proxy_server.rb
+${GEM_LIBDIR}/spec/support/servers/config.rb
+${GEM_LIBDIR}/spec/support/servers/runner.rb
 ${GEM_HOME}/specifications/${GEM_NAME}.gemspec
diff -r f91f5d64c1cf -r b79d9e954612 www/ruby-http/distinfo
--- a/www/ruby-http/distinfo    Sat Mar 28 04:22:11 2015 +0000
+++ b/www/ruby-http/distinfo    Sat Mar 28 04:32:15 2015 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.4 2015/03/03 13:20:18 taca Exp $
+$NetBSD: distinfo,v 1.5 2015/03/28 04:32:15 taca Exp $
 
-SHA1 (http-0.7.2.gem) = f91b6614a24a7eb450e62dea47de8f0608c370b6
-RMD160 (http-0.7.2.gem) = e15343d62b2ce6ad92d03a6c953c8d4350c22403
-Size (http-0.7.2.gem) = 52736 bytes
+SHA1 (http-0.7.3.gem) = ba3d8e819bc8ff0b111ea62cd4d23a8e3983e9ee
+RMD160 (http-0.7.3.gem) = 1c0a3f4e5006976f900350cf532e590de22d4254
+Size (http-0.7.3.gem) = 54784 bytes



Home | Main Index | Thread Index | Old Index