Hello community,
here is the log from the commit of package rubygem-activesupport-3_2.2387 for
openSUSE:12.2:Update checked in at 2013-12-23 14:39:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.2:Update/rubygem-activesupport-3_2.2387 (Old)
and /work/SRC/openSUSE:12.2:Update/.rubygem-activesupport-3_2.2387.new
(New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-activesupport-3_2.2387"
Changes:
--------
New Changes file:
--- /dev/null 2013-11-25 01:44:08.036031256 +0100
+++
/work/SRC/openSUSE:12.2:Update/.rubygem-activesupport-3_2.2387.new/rubygem-activesupport-3_2.changes
2013-12-23 14:39:24.000000000 +0100
@@ -0,0 +1,74 @@
+-------------------------------------------------------------------
+Thu Dec 12 17:28:43 UTC 2013 - [email protected]
+
+- fix CVE-2013-4389: rubygem-actionmailer-3_1: possible DoS
+ vulnerability in the log subscriber component (bnc#846239)
+ File CVE-2013-4389.patch contains the fix.
+
+-------------------------------------------------------------------
+Wed Feb 13 23:52:39 UTC 2013 - [email protected]
+
+- update to version 3.2.12 (bnc#803336) CVE-2013-0276:
+ * Version bump
+
+-------------------------------------------------------------------
+Thu Jan 17 13:23:24 UTC 2013 - [email protected]
+
+- update to 3.2.11: (bnc#796712, bnc#797449, bnc#797452)
+ * Hash.from_xml raises when it encounters type="symbol" or
+ type="yaml". Use Hash.from_trusted_xml to parse this XML.
+ CVE-2013-0156 [Jeremy Kemper]
+ * Add logger.push_tags and .pop_tags to complement logger.tagged:
+ Jeremy Kemper
+ * Add %:z and %::z format string support to
+ ActiveSupport::TimeWithZone#strftime. [fixes #6962] kennyj
+ * Fix ActiveSupport integration with Mocha > 0.12.1. Mike Gunderloy
+ * Reverted the deprecation of ActiveSupport::JSON::Variable.
+ Rafael Mendonça França
+ * ERB::Util.html_escape now escapes single quotes.
+ Santiago Pastorino
+
+-------------------------------------------------------------------
+Thu Aug 2 14:31:23 UTC 2012 - [email protected]
+
+- update to 3.2.7 (includes changes for 3.2.4-3.2.6)
+ * Hash#fetch(fetch) is not the same as doing hash[key]
+ * adds a missing require [fixes #6896]
+ * make sure the inflection rules are loaded when cherry-picking
+ active_support/core_ext/string/inflections.rb [fixes #6884]
+ * Merge pull request #6857 from
+ rsutphin/as_core_ext_time_missing_require
+ * bump AS deprecation_horizon to 4.0
+ * ActiveSupport::JSON::Variable is deprecated. Define your own
+ #as_json and #encode_json methods for custom JSON string
+ literals. *Erich Menge*
+ * Added #beginning_of_hour and #end_of_hour to Time and DateTime
+ core extensions. *Mark J. Titorenko*
+
+-------------------------------------------------------------------
+Wed Apr 4 15:28:10 UTC 2012 - [email protected]
+
+- update to 3.2.3, no changes (it says literally)
+
+-------------------------------------------------------------------
+Fri Mar 23 11:00:44 UTC 2012 - [email protected]
+
+- Spec file cleanup:
+ * Factory preparation
+
+-------------------------------------------------------------------
+Fri Jan 27 00:58:12 UTC 2012 - [email protected]
+
+- update to 3.2.1
+ * Documentation fixes and improvements.
+ * Update time zone offset information. *Ravil Bayramgalin*
+ * The deprecated `ActiveSupport::Base64.decode64` calls
+ `::Base64.decode64` now. *Jonathan Viney*
+ * Fixes uninitialized constant
+ `ActiveSupport::TaggedLogging::ERROR`. *kennyj*
+
+-------------------------------------------------------------------
+Thu Jan 26 16:23:06 UTC 2012 - [email protected]
+
+- initial package of the 3.2 branch
+
New:
----
CVE-2013-4389.patch
activesupport-3.2.12.gem
rubygem-activesupport-3_2.changes
rubygem-activesupport-3_2.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-activesupport-3_2.spec ++++++
#
# spec file for package rubygem-activesupport-3_2
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: rubygem-activesupport-3_2
Version: 3.2.12
Release: 0
Summary: A toolkit of support libraries and Ruby core extensions
extracted from the Rails framework
License: MIT
Group: Development/Languages/Ruby
Url: http://www.rubyonrails.org
%define mod_name activesupport
%define mod_full_name %{mod_name}-%{version}
Source: %{mod_full_name}.gem
Source1: CVE-2013-4389.patch
BuildRequires: ruby-devel >= 1.8.7
BuildRequires: rubygem-i18n-0_6 >= 0.6
BuildRequires: rubygem-multi_json-1 >= 1.0
BuildRequires: rubygem-rdoc
BuildRequires: rubygems_with_buildroot_patch
Requires: ruby >= 1.8.7
Requires: rubygem-i18n-0_6 >= 0.6
Requires: rubygem-multi_json-1 >= 1.0
Provides: rubygem-%{mod_name} = %{version}
Provides: rubygem-%{mod_name}-3 = %{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%rubygems_requires
%description
A toolkit of support libraries and Ruby core extensions extracted from the
Rails framework. Rich support for multibyte strings, internationalization, time
zones, and testing.
%package doc
Summary: RDoc documentation for %{mod_name}
Group: Development/Languages/Ruby
Requires: %{name} = %{version}
%description doc
Documentation generated at gem installation time.
Usually in RDoc and RI formats.
%prep
%build
%install
%gem_install %{SOURCE0}
pushd %{buildroot}/%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_name}-%{version}
patch -p2 < %{S:1}
popd
%files
%defattr(-,root,root,-)
%{_libdir}/ruby/gems/%{rb_ver}/cache/%{mod_full_name}.gem
%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/
%{_libdir}/ruby/gems/%{rb_ver}/specifications/%{mod_full_name}.gemspec
%files doc
%defattr(-,root,root,-)
%doc %{_libdir}/ruby/gems/%{rb_ver}/doc/%{mod_full_name}/
%changelog
++++++ CVE-2013-4389.patch ++++++
diff --git a/activesupport/lib/active_support/log_subscriber.rb
b/activesupport/lib/active_support/log_subscriber.rb
index 6296c1d..ed7c73b 100644
--- a/activesupport/lib/active_support/log_subscriber.rb
+++ b/activesupport/lib/active_support/log_subscriber.rb
@@ -118,5 +118,9 @@ module ActiveSupport
bold = bold ? BOLD : ""
"#{bold}#{color}#{text}#{CLEAR}"
end
+
+ def format_duration(duration)
+ "%.1fms" % duration
+ end
end
end
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
