1.8.6.287-7

.cvsignore

@@ -1,25 +1,4 @@
-ruby-1.8.1.tar.gz
-ruby-man-1.4.6.tar.bz2
+ruby-1.8.6-p287.tar.bz2
 ruby-refm-rdp-1.8.1-ja-html.tar.gz
-rubyfaq-990927.tar.bz2
-rubyfaq-jp-990927.tar.bz2
-*.rpm
-*.gz
-*.bz2
-ruby-1.8.2.tar.gz
-ruby-1.8.3.tar.gz
-ruby-1.8.4-preview1.tar.gz
-ruby-1.8.4-preview2.tar.gz
-ruby-1.8.4.tar.gz
-ruby-1.8.5.tar.gz
-ruby-1.8.5-p2.tar.gz
-ruby-1.8.5-p12.tar.gz
-ruby-1.8.6.tar.bz2
-ruby-1.8.6-p36.tar.bz2
-ruby-1.8.6-p110.tar.bz2
-ruby-1.8.6-p111.tar.bz2
 rubyfaq-990927.tar.gz
 rubyfaq-jp-990927.tar.gz
-ruby-1.8.6-p114.tar.bz2
-ruby-1.8.6-p230.tar.bz2
-ruby-1.8.6-p287.tar.bz2

import.log

@@ -0,0 +1 @@
+ruby-1_8_6_287-7_fc11:F-10:ruby-1.8.6.287-7.fc11.src.rpm:1237351889

ruby-1.8.6-p287-CVE-2008-5189.patch

@@ -0,0 +1,14 @@
+--- lib/cgi.rb  (revision 19665)
++++ lib/cgi.rb  (working copy)
+@@ -546,6 +546,11 @@
+     when Hash
+       options = options.dup
+     end
++    options.each_value do |value|
++      if /\n(?![ \t])/ === value
++        raise ArgumentError, "potential HTTP header injection detected"
++      end
++    end
+
+     unless options.has_key?("type")
+       options["type"] = "text/html"

ruby-1.8.6-p287-remove-ssl-rand-range.patch

@@ -0,0 +1,113 @@
+diff -ur ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.c ruby-1.8.6-p287/ext/openssl/openssl_missing.c
+--- ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.c	2007-02-13 00:01:19.000000000 +0100
++++ ruby-1.8.6-p287/ext/openssl/openssl_missing.c	2009-03-15 05:32:31.000000000 +0100
+@@ -43,7 +43,7 @@
+ {
+     return CRYPTO_set_ex_data(&str->ex_data, idx, data);
+ }
+- 
++
+ void *X509_STORE_get_ex_data(X509_STORE *str, int idx)
+ {
+     return CRYPTO_get_ex_data(&str->ex_data, idx);
+@@ -113,7 +113,7 @@
+ #endif
+ 
+ #if !defined(HAVE_EVP_CIPHER_CTX_COPY)
+-/* 
++/*
+  * this function does not exist in OpenSSL yet... or ever?.
+  * a future version may break this function.
+  * tested on 0.9.7d.
+@@ -182,12 +182,12 @@
+ 		(ASN1_STRING *)(*a)->serialNumber,
+ 		(ASN1_STRING *)(*b)->serialNumber));
+ }
+-		    
++
+ int
+ X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
+ {
+     X509_CRL_INFO *inf;
+-    
++
+     inf = crl->crl;
+     if (!inf->revoked)
+ 	inf->revoked = sk_X509_REVOKED_new(OSSL_X509_REVOKED_cmp);
+@@ -233,54 +233,6 @@
+ }
+ #endif
+ 
+-#if !defined(HAVE_BN_RAND_RANGE) || !defined(HAVE_BN_PSEUDO_RAND_RANGE)
+-static int
+-bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
+-{
+-    int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
+-    int n;
+-
+-    if (range->neg || BN_is_zero(range)) return 0;
+-
+-    n = BN_num_bits(range);
+-
+-    if (n == 1) {
+-	if (!BN_zero(r)) return 0;
+-    } else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
+-	do {
+-	    if (!bn_rand(r, n + 1, -1, 0)) return 0;
+-	    if (BN_cmp(r ,range) >= 0) {
+-		if (!BN_sub(r, r, range)) return 0;
+-		if (BN_cmp(r, range) >= 0)
+-		    if (!BN_sub(r, r, range)) return 0;
+-	    }
+-	} while (BN_cmp(r, range) >= 0);
+-    } else {
+-	do {
+-	    if (!bn_rand(r, n, -1, 0)) return 0;
+-	} while (BN_cmp(r, range) >= 0);
+-    }
+-
+-    return 1;
+-}
+-#endif
+-
+-#if !defined(HAVE_BN_RAND_RANGE)
+-int
+-BN_rand_range(BIGNUM *r, BIGNUM *range)
+-{
+-    return bn_rand_range(0, r, range);
+-}
+-#endif
+-
+-#if !defined(HAVE_BN_PSEUDO_RAND_RANGE)
+-int
+-BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range)
+-{
+-    return bn_rand_range(1, r, range);
+-}
+-#endif
+-
+ #if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE)
+ #define OPENSSL_CONF "openssl.cnf"
+ char *
+@@ -315,7 +267,7 @@
+ {
+     int i,j;
+     const char *prompt;
+-    
++
+     if (key) {
+ 	i = strlen(key);
+ 	i = (i > num) ? num : i;
+diff -ur ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.h ruby-1.8.6-p287/ext/openssl/openssl_missing.h
+--- ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.h	2008-08-04 06:43:34.000000000 +0200
++++ ruby-1.8.6-p287/ext/openssl/openssl_missing.h	2009-03-15 05:33:56.000000000 +0100
+@@ -120,8 +120,6 @@
+ int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+-int BN_rand_range(BIGNUM *r, BIGNUM *range);
+-int BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range);
+ char *CONF_get1_default_config_file(void);
+ int PEM_def_callback(char *buf, int num, int w, void *key);
+ 
+Only in ruby-1.8.6-p287/ext/openssl: .openssl_missing.h.swp

ruby-1.8.6-rexml-CVE-2008-3790.patch

@@ -12,7 +12,7 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/
 @@ -200,6 +201,27 @@ module REXML
  			Parsers::StreamParser.new( source, listener ).parse
  		end
- 
+
 +    @@entity_expansion_limit = 10_000
 +
 +    # Set the entity expansion limit. By defualt the limit is set to 10000.
@@ -26,7 +26,7 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/
 +    end
 +
 +    attr_reader :entity_expansion_count
-+    
++
 +    def record_entity_expansion
 +      @entity_expansion_count += 1
 +      if @entity_expansion_count > @@entity_expansion_limit
@@ -44,7 +44,7 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/entity.rb ruby-1.8.6-p287/lib/rexml/en
  		# all entities -- both %ent; and &ent; entities.  This differs from
  		# +value()+ in that +value+ only replaces %ent; entities.
  		def unnormalized
-+      document.record_entity_expansion
++      document.record_entity_expansion unless document.nil?
  			v = value()
  			return nil if v.nil?
  			@unnormalized = Text::unnormalize(v, parent)

ruby-always-use-i386.patch

@@ -0,0 +1,11 @@
+--- ruby-1.8.6-p287/configure.in.i386	2009-03-16 00:55:15.000000000 +0900
++++ ruby-1.8.6-p287/configure.in	2009-03-16 01:42:41.000000000 +0900
+@@ -1662,6 +1662,8 @@
+ configure_args=$ac_configure_args
+ AC_SUBST(configure_args)dnl
+ 
++target_cpu=`echo $target_cpu | sed s/i.86/i386/`
++
+ if test "$fat_binary" != no ; then
+     arch="fat-${target_os}"
+ 

ruby.spec

@@ -8,11 +8,11 @@
 # This is required to ensure that noarch files puts under /usr/lib/... for
 # multilib because ruby library is installed under /usr/{lib,lib64}/ruby anyway.
 %define	sitedir2	%{_prefix}/lib/ruby/site_ruby
-%define	_normalized_cpu	%(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/'`)
+%define	_normalized_cpu	%(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/' | sed -e 's|i.86|i386|'`)
 
 Name:		ruby
 Version:	%{rubyver}%{?dotpatchlevel}
-Release:	2%{?dist}
+Release:	7%{?dist}
 License:	Ruby or GPLv2
 URL:		http://www.ruby-lang.org/
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -34,7 +34,10 @@ Patch21:	ruby-deprecated-sitelib-search-path.patch
 Patch22:	ruby-deprecated-search-path.patch
 Patch23:	ruby-multilib.patch
 Patch25:	ruby-1.8.6.111-gcc43.patch
-Patch26:	ruby-1.8.6-rexml-CVE-2008-3790.patch
+Patch26:        ruby-1.8.6-rexml-CVE-2008-3790.patch
+Patch27:        ruby-1.8.6-p287-CVE-2008-5189.patch
+Patch28:        ruby-1.8.6-p287-remove-ssl-rand-range.patch
+Patch29:	ruby-always-use-i386.patch
 
 Summary:	An interpreter of object-oriented scripting language
 Group:		Development/Languages
@@ -154,6 +157,9 @@ pushd %{name}-%{arcver}
 %endif
 %patch25 -p1
 %patch26 -p1
+%patch27 -p0
+%patch28 -p1
+%patch29 -p1
 popd
 
 %build
@@ -165,7 +171,7 @@ autoconf
 
 rb_cv_func_strtod=no
 export rb_cv_func_strtod
-CFLAGS="$RPM_OPT_FLAGS -Wall"
+CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
 export CFLAGS
 %configure \
   --with-sitedir='%{sitedir}' \
@@ -279,11 +285,11 @@ done
 find -type f | xargs chmod 0644
 
 # convert to utf-8
-for i in `find -type f`; do
-	iconv -f utf-8 -t utf-8 $i > /dev/null 2>&1 || (iconv -f euc-jp -t utf-8 $i > $i.new && mv $i.new $i || exit 1)
-	if [ $? != 0 ]; then
-		iconv -f iso8859-1 -t utf-8 $i > $.new && mv $i.new $i || exit 1
-	fi
+for i in `find -type f ! -name "*.gif"`; do
+    sh -c "iconv -f utf-8 -t utf-8 $i > /dev/null 2>&1 || (iconv -f euc-jp -t utf-8 $i > $i.new && mv $i.new $i || exit 1)
+    if [ $? != 0 ]; then
+        iconv -f iso8859-1 -t utf-8 $i > $.new && mv $i.new $i || exit 1
+    fi"
 done
 
 # done
@@ -326,6 +332,8 @@ for i in $RPM_BUILD_ROOT%{_prefix}/lib/ruby/1.8/{abbrev,generator,irb/{cmd/subir
 	sed -i -e '/^#!.*/,1D' $i
 done
 
+find $RPM_BUILD_ROOT/ -name "*.so" -exec chmod 755 {} \;
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 rm -rf tmp-ruby-docs
@@ -341,10 +349,10 @@ rm -rf tmp-ruby-docs
 %doc %{name}-%{arcver}/GPL
 %doc %{name}-%{arcver}/LEGAL
 %doc %{name}-%{arcver}/LGPL
-%doc %{name}-%{arcver}/NEWS 
+%doc %{name}-%{arcver}/NEWS
 %doc %{name}-%{arcver}/README
 %lang(ja) %doc %{name}-%{arcver}/README.ja
-%doc %{name}-%{arcver}/ToDo 
+%doc %{name}-%{arcver}/ToDo
 %doc %{name}-%{arcver}/doc/ChangeLog-1.8.0
 %doc %{name}-%{arcver}/doc/NEWS-1.8.0
 %doc tmp-ruby-docs/ruby/*
@@ -504,6 +512,19 @@ rm -rf tmp-ruby-docs
 %{_datadir}/emacs/site-lisp/site-start.d/ruby-mode-init.el
 
 %changelog
+* Wed Mar 18 2009 Jeroen van Meeuwen <j.van.meeuwen@ogd.nl> - 1.8.6.287-7
+- Fix regression in CVE-2008-3790 (#485383)
+
+* Mon Mar 16 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.287-6
+- Again use -O2 optimization level
+- i586 should search i386-linux directory
+
+* Thu Mar 05 2009 Jeroen van Meeuwen <kanarip@fedoraproject.org> - 1.8.6.287-5
+- Rebuild for gcc4.4
+
+* Fri Feb 27 2009 Jeroen van Meeuwen <kanarip@fedoraproject.org> - 1.8.6.287-3
+- CVE-2008-5189: CGI header injection.
+
 * Wed Oct  8 2008 Akira TAGOH <tagoh@redhat.com> - 1.8.6.287-2
 - CVE-2008-3790: DoS vulnerability in the REXML module.
 
@@ -882,8 +903,8 @@ rm -rf tmp-ruby-docs
 
 * Mon Dec 16 2002 Elliot Lee <sopwith@redhat.com> 1.6.7-13
 - Remove ExcludeArch: x86_64
-- Fix x86_64 ruby with long2int.patch (ruby was assuming that sizeof(long) 
-  == sizeof(int). The patch does not fix the source of the problem, just 
+- Fix x86_64 ruby with long2int.patch (ruby was assuming that sizeof(long)
+  == sizeof(int). The patch does not fix the source of the problem, just
   makes it a non-issue.)
 - _smp_mflags
 
@@ -940,7 +961,7 @@ rm -rf tmp-ruby-docs
   removed.
 - ruby-1.6.7-100.patch: applied a bug fix patch.
   (ruby-dev#16274: patch for 'wm state')
-  (PR#206ja: SEGV handle EXIT) 
+  (PR#206ja: SEGV handle EXIT)
 - ruby-1.6.7-101.patch: applied a bug fix patch.
   (ruby-list#34313: singleton should not be Marshal.dump'ed)
   (ruby-dev#16411: block local var)
@@ -1041,7 +1062,7 @@ rm -rf tmp-ruby-docs
 * Thu Dec 14 2000 akira yamada <akira@vinelinux.org>
 - Removed ruby_cvs.2000101901.patch, added ruby_cvs.2000121413.patch
   (upgraded ruby to latest cvs version).
-- Removed ruby-dev.11262.patch, ruby-dev.11265.patch, 
+- Removed ruby-dev.11262.patch, ruby-dev.11265.patch,
   and ruby-dev.11268.patch (included into above patch).
 
 * Sun Nov 12 2000 MACHINO, Satoshi <machino@vinelinux.org> 1.6.1-0vl9
@@ -1055,7 +1076,7 @@ rm -rf tmp-ruby-docs
   (upgraded ruby to latest cvs version).
 - Added ruby-dev.11262.patch.
 - Added ruby-dev.11265.patch.
-  
+
 * Wed Oct 11 2000 akira yamada <akira@vinelinux.org>
 - Removed ruby_cvs.2000100313.patch and added ruby_cvs.2000101117.patch
   (upgraded ruby to latest cvs version).

sources

@@ -1,5 +1,4 @@
-8336b859400795ec51d05878c1a658b7  ruby-man-1.4.6.tar.bz2
+80b5f3db12531d36e6c81fac6d05dda9  ruby-1.8.6-p287.tar.bz2
 d65e3a216d6d345a2a6f1aa8758c2f75  ruby-refm-rdp-1.8.1-ja-html.tar.gz
 634c25b14e19925d10af3720d72e8741  rubyfaq-990927.tar.gz
 4fcec898f51d8371cc42d0a013940469  rubyfaq-jp-990927.tar.gz
-80b5f3db12531d36e6c81fac6d05dda9  ruby-1.8.6-p287.tar.bz2