-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-2458 2008-03-13 05:55:44 --------------------------------------------------------------------------------
Name : ruby Product : Fedora 7 Version : 1.8.6.114 Release : 1.fc7 URL : http://www.ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 4 2008 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.114-1 - Security fix for CVE-2008-1145. - Improve a spec file. (#226381) - Correct License tag. - Fix a timestamp issue. - Own a arch-specific directory. * Tue Feb 19 2008 Fedora Release Engineering <[EMAIL PROTECTED]> - 1.8.6.111-9 - Autorebuild for GCC 4.3 * Tue Feb 19 2008 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.111-8 - Rebuild for gcc-4.3. * Tue Jan 15 2008 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.111-7 - Revert the change of libruby-static.a. (#428384) * Fri Jan 11 2008 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.111-6 - Fix an unnecessary replacement for shebang. (#426835) * Fri Jan 4 2008 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.111-5 - Rebuild. * Fri Dec 28 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.111-4 - Clean up again. * Fri Dec 21 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.111-3 - Clean up the spec file. - Remove ruby-man-1.4.6 stuff. this is entirely the out-dated document. this could be replaced by ri. - Disable the static library building. * Tue Dec 4 2007 Release Engineering <rel-eng at fedoraproject dot org> - 1.8.6.111-2 - Rebuild for openssl bump * Wed Oct 31 2007 Akira TAGOH <[EMAIL PROTECTED]> - Fix the dead link. * Mon Oct 29 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.111-1 - New upstream release. - ruby-1.8.6.111-CVE-2007-5162.patch: Update a bit with backporting the changes at trunk to enable the fix without any modifications on the users' scripts. Note that Net::HTTP#enable_post_connection_check isn't available anymore. If you want to disable this post-check, you should give OpenSSL::SSL::VERIFY_NONE to Net::HTTP#verify_mode= instead of. * Mon Oct 15 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.110-2 - Enable pthread support for ppc too. (#201452) - Fix unexpected dependencies appears in ruby-libs. (#253325) * Wed Oct 10 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.110-1 - New upstream release. - ruby-r12567.patch: removed. - ruby-1.8.6-CVE-2007-5162.patch: security fix for Net::HTTP that is insufficient verification of SSL certificate. * Thu Aug 23 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.36-4 - Rebuild * Fri Aug 10 2007 Akira TAGOH <[EMAIL PROTECTED]> - Update License tag. * Wed Jul 25 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.36-3 - ruby-r12567.patch: backport patch from upstream svn to get rid of the unnecessary declarations. (#245446) * Fri Jul 20 2007 Akira TAGOH <[EMAIL PROTECTED]> - 1.8.6.36-2 - New upstream release. - Fix Etc::getgrgid to get the correct gid as requested. (#236647) -------------------------------------------------------------------------------- References: [ 1 ] Bug #435902 - CVE-2008-1145 ruby: webrick directory traversal https://bugzilla.redhat.com/show_bug.cgi?id=435902 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ruby' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
