commit rubygem-nokogiri for openSUSE:Factory

Thu, 11 Feb 2016 03:36:59 -0800 

Hello community,

here is the log from the commit of package rubygem-nokogiri for 
openSUSE:Factory checked in at 2016-02-11 12:36:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-nokogiri (Old)
 and      /work/SRC/openSUSE:Factory/.rubygem-nokogiri.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "rubygem-nokogiri"

Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-nokogiri/rubygem-nokogiri.changes        
2015-12-27 01:56:59.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.rubygem-nokogiri.new/rubygem-nokogiri.changes   
2016-02-11 12:36:21.000000000 +0100
@@ -1,0 +2,53 @@
+Tue Jan 26 14:30:07 UTC 2016 - [email protected]
+
+- lockdown mini_portile2 to 2.0
+
+-------------------------------------------------------------------
+Mon Jan 25 14:00:09 UTC 2016 - [email protected]
+
+- update to version 1.6.7.2
+  This version pulls in several upstream patches to the vendored
+  libxml2 and libxslt to address:
+
+  CVE-2015-7499
+
+  Ubuntu classifies this as "Priority: Low", RedHat classifies this
+  as "Impact: Moderate", and NIST classifies this as "Severity: 5.0
+  (MEDIUM)".
+
+  MITRE record is
+  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
+
+  This is not effecting us as we are using the system copy.
+
+- refresh mini_portile patch to apply cleanly again
+  old: nokogiri-1.6.7.diff
+  new: nokogiri-1.6.7.2_mini_portile2_version.diff
+
+-------------------------------------------------------------------
+Thu Jan 21 13:19:15 UTC 2016 - [email protected]
+
+- fix buildrequires for mini_portile
+
+-------------------------------------------------------------------
+Thu Dec 17 05:32:41 UTC 2015 - [email protected]
+
+- updated to version 1.6.7.1
+ see installed CHANGELOG.rdoc
+
+  === 1.6.7.1 / 2015-12-16
+  
+  This version pulls in several upstream patches to the vendored libxml2 and 
libxslt to address:
+  
+    CVE-2015-5312
+    CVE-2015-7497
+    CVE-2015-7498
+    CVE-2015-7499
+    CVE-2015-7500
+    CVE-2015-8241
+    CVE-2015-8242
+    CVE-2015-8317
+  
+  See also http://www.ubuntu.com/usn/usn-2834-1/
+
+-------------------------------------------------------------------

Old:
----
  nokogiri-1.6.7.diff
  nokogiri-1.6.7.gem

New:
----
  nokogiri-1.6.7.2.gem
  nokogiri-1.6.7.2_mini_portile2_version.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ rubygem-nokogiri.spec ++++++
--- /var/tmp/diff_new_pack.UxaHvr/_old  2016-02-11 12:36:22.000000000 +0100
+++ /var/tmp/diff_new_pack.UxaHvr/_new  2016-02-11 12:36:22.000000000 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package rubygem-nokogiri
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -24,27 +24,27 @@
 #
 
 Name:           rubygem-nokogiri
-Version:        1.6.7
+Version:        1.6.7.2
 Release:        0
 %define mod_name nokogiri
 %define mod_full_name %{mod_name}-%{version}
 # MANUAL
-BuildRequires:  %{rubygem mini_portile}
 BuildRequires:  libxml2-devel >= 2.6.21
 BuildRequires:  libxslt-devel
+BuildRequires:  %{rubygem mini_portile2:2.0}
 # /MANUAL
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+BuildRequires:  ruby-macros >= 5
 BuildRequires:  %{rubydevel >= 1.9.2}
 BuildRequires:  %{rubygem gem2rpm}
 BuildRequires:  %{rubygem rdoc > 3.10}
-BuildRequires:  ruby-macros >= 5
 BuildRequires:  update-alternatives
 Url:            http://nokogiri.org
 Source:         http://rubygems.org/gems/%{mod_full_name}.gem
 Source1:        rubygem-nokogiri-rpmlintrc
 Source2:        gem2rpm.yml
 # MANUAL
-Patch0:         nokogiri-1.6.7.diff
+Patch0:  nokogiri-1.6.7.2_mini_portile2_version.diff
 # /MANUAL
 Summary:        Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser
 License:        MIT
@@ -78,6 +78,7 @@
 rm -rf %{buildroot}%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_full_name}/ports
 # /MANUAL
 
+
 %gem_packages
 
 %changelog

++++++ gem2rpm.yml ++++++
--- /var/tmp/diff_new_pack.UxaHvr/_old  2016-02-11 12:36:22.000000000 +0100
+++ /var/tmp/diff_new_pack.UxaHvr/_new  2016-02-11 12:36:22.000000000 +0100
@@ -18,12 +18,12 @@
 :preamble: |-
   BuildRequires:  libxml2-devel >= 2.6.21
   BuildRequires:  libxslt-devel
-  BuildRequires:  %{rubygem mini_portile}
+  BuildRequires:  %{rubygem mini_portile2:2.0}
 #   BuildRequires: foobar
 #   Requires: foobar
 # ## used by gem2rpm
 :patches:
-  nokogiri-1.6.7.diff: -p1
+  nokogiri-1.6.7.2_mini_portile2_version.diff: -p1
 # ## used by gem2rpm
 :sources:
   - rubygem-nokogiri-rpmlintrc

++++++ nokogiri-1.6.7.gem -> nokogiri-1.6.7.2.gem ++++++
/work/SRC/openSUSE:Factory/rubygem-nokogiri/nokogiri-1.6.7.gem 
/work/SRC/openSUSE:Factory/.rubygem-nokogiri.new/nokogiri-1.6.7.2.gem differ: 
char 132, line 1

++++++ nokogiri-1.6.7.2_mini_portile2_version.diff ++++++
diff --git a/Gemfile b/Gemfile
index cc710de..808fcfd 100644
--- a/Gemfile
+++ b/Gemfile
@@ -4,7 +4,7 @@
 
 source "https://rubygems.org/";
 
-gem "mini_portile2", "~>2.0.0.rc2"
+gem "mini_portile2", "~>2.0.0"
 
 gem "rdoc", "~>4.0", :group => [:development, :test]
 gem "hoe-bundler", ">=1.1", :group => [:development, :test]
diff --git a/Rakefile b/Rakefile
index 0c92572..58d50ae 100644
--- a/Rakefile
+++ b/Rakefile
@@ -129,7 +129,7 @@ HOE = Hoe.spec 'nokogiri' do
   unless java?
     self.extra_deps += [
       # Keep this version in sync with the one in extconf.rb !
-      ["mini_portile2",    "~> 2.0.0.rc2"],
+      ["mini_portile2",    "~> 2.0.0"],
     ]
   end
 
diff --git a/ext/nokogiri/extconf.rb b/ext/nokogiri/extconf.rb
index b716ee3..93c2e19 100644
--- a/ext/nokogiri/extconf.rb
+++ b/ext/nokogiri/extconf.rb
@@ -393,7 +393,7 @@ else
 
   # The gem version constraint in the Rakefile is not respected at install 
time.
   # Keep this version in sync with the one in the Rakefile !
-  gem "mini_portile2", "~> 2.0.0.rc2"
+  gem "mini_portile2", "~> 2.0.0"
   require 'mini_portile2'
   message "Using mini_portile version #{MiniPortile::VERSION}\n"
 
--- a/nokogiri-1.6.7.2.gemspec  2016-01-25 14:55:00.142552615 +0100
+++ b/nokogiri-1.6.7.2.gemspec  2016-01-25 14:55:18.690556301 +0100
@@ -27,7 +27,7 @@
     s.specification_version = 4
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<mini_portile2>, ["~> 2.0.0.rc2"])
+      s.add_runtime_dependency(%q<mini_portile2>, ["~> 2.0.0"])
       s.add_development_dependency(%q<rdoc>, ["~> 4.0"])
       s.add_development_dependency(%q<hoe-bundler>, [">= 1.1"])
       s.add_development_dependency(%q<hoe-debugging>, ["~> 1.2.1"])
@@ -41,7 +41,7 @@
       s.add_development_dependency(%q<rexical>, [">= 1.0.5"])
       s.add_development_dependency(%q<hoe>, ["~> 3.14"])
     else
-      s.add_dependency(%q<mini_portile2>, ["~> 2.0.0.rc2"])
+      s.add_dependency(%q<mini_portile2>, ["~> 2.0.0"])
       s.add_dependency(%q<rdoc>, ["~> 4.0"])
       s.add_dependency(%q<hoe-bundler>, [">= 1.1"])
       s.add_dependency(%q<hoe-debugging>, ["~> 1.2.1"])
@@ -56,7 +56,7 @@
       s.add_dependency(%q<hoe>, ["~> 3.14"])
     end
   else
-    s.add_dependency(%q<mini_portile2>, ["~> 2.0.0.rc2"])
+    s.add_dependency(%q<mini_portile2>, ["~> 2.0.0"])
     s.add_dependency(%q<rdoc>, ["~> 4.0"])
     s.add_dependency(%q<hoe-bundler>, [">= 1.1"])
     s.add_dependency(%q<hoe-debugging>, ["~> 1.2.1"])

Reply via email to