From ea5807830d4833b381a1ccb3452c7dc61e8622f1 Mon Sep 17 00:00:00 2001 From: Mamoru Tasaka Date: Mon, 27 Dec 2010 00:15:41 +0900 Subject: [PATCH] - Update to 1.8.6 p420 --- .gitignore | 1 + ruby-1.8.6.x-CVE-2010-0541.patch | 22 ---------------------- ruby.spec | 10 +++++----- sources | 3 +-- 4 files changed, 7 insertions(+), 29 deletions(-) delete mode 100644 ruby-1.8.6.x-CVE-2010-0541.patch diff --git a/.gitignore b/.gitignore index e4e63dc..de66a18 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ rubyfaq-990927.tar.gz rubyfaq-jp-990927.tar.gz ruby-1.8.6-p399.tar.bz2 ruby-1.8-rev27738_trunk-ext_tk.tar.gz +/ruby-1.8.6-p420.tar.bz2 diff --git a/ruby-1.8.6.x-CVE-2010-0541.patch b/ruby-1.8.6.x-CVE-2010-0541.patch deleted file mode 100644 index 2b5d808..0000000 --- a/ruby-1.8.6.x-CVE-2010-0541.patch +++ /dev/null @@ -1,22 +0,0 @@ -commit 11183a22ef3998b9e822bb9322e49b8d6838aa81 -Author: wyhaines -Date: Tue Aug 17 18:36:29 2010 +0000 - - lib/webrick/httpresponse.rb: CVE-2010-0541; Fix a potential XSS vulnerabilty. See the CVE report for more information. - - - git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@29026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e - -diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb -index 62156b1..48fe4b0 100644 ---- a/lib/webrick/httpresponse.rb -+++ b/lib/webrick/httpresponse.rb -@@ -209,7 +209,7 @@ module WEBrick - @keep_alive = false - self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR - end -- @header['content-type'] = "text/html" -+ @header['content-type'] = "text/html; charset=ISO-8859-1" - - if respond_to?(:create_error_page) - create_error_page() diff --git a/ruby.spec b/ruby.spec index 95f8ab8..16d1b1a 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %define rubyxver 1.8 %define rubyver 1.8.6 -%define _patchlevel 399 +%define _patchlevel 420 %define dotpatchlevel %{?_patchlevel:.%{_patchlevel}} %define patchlevel %{?_patchlevel:-p%{_patchlevel}} %define arcver %{rubyver}%{?patchlevel} @@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 6%{?dist} +Release: 1%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -95,8 +95,6 @@ Patch37: ruby-1.8.x-ext_tk-flatten-level-revert.patch Patch38: ruby-1.8.x-null-class-must-be-Qnil.patch # Once revert this patch to apply Patch34 cleanly Patch39: ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch -# From upstream ruby_1_8_6 branch: Patch for CVE-2010-0541 -Patch40: ruby-1.8.6.x-CVE-2010-0541.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -252,7 +250,6 @@ pushd %{name}-%{arcver} %patch36 -p1 %patch37 -p1 %patch38 -p1 -%patch40 -p1 popd %build @@ -643,6 +640,9 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Sun Dec 26 2010 Mamoru Tasaka - 1.8.6.420-1 +- Update to 1.8.6 p420 + * Mon Aug 23 2010 Mamoru Tasaka - 1.8.6.399-6 - Apply upstream patch for CVE-2010-0541 (bug 587731) diff --git a/sources b/sources index b1ee168..674141f 100644 --- a/sources +++ b/sources @@ -1,6 +1,5 @@ -f26cefbc8ab6728650ab9ae773d22bcb ruby-1.8.6-p388.tar.bz2 b6dd396f513efeb7864685c840f9643a ruby-refm-rdp-1.8.2-ja-html.tar.gz 634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz 4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz -f77c307cb72fb8808b0e85af5d05cefc ruby-1.8.6-p399.tar.bz2 6a8313c73087513f24e52d8cee5b3804 ruby-1.8-rev27738_trunk-ext_tk.tar.gz +1c7a978e9ffd4f56dc2ad74bbd2c34f3 ruby-1.8.6-p420.tar.bz2