OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 04-Nov-2006 14:17:39
Branch: HEAD Handle: 2006110413173900
Modified files:
openpkg-src/ruby ruby.patch ruby.spec
Log:
Security Fix (CVE-2006-5467)
Summary:
Revision Changes Path
1.9 +17 -0 openpkg-src/ruby/ruby.patch
1.46 +1 -1 openpkg-src/ruby/ruby.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/ruby/ruby.patch
============================================================================
$ cvs diff -u -r1.8 -r1.9 ruby.patch
--- openpkg-src/ruby/ruby.patch 25 Aug 2006 19:37:37 -0000 1.8
+++ openpkg-src/ruby/ruby.patch 4 Nov 2006 13:17:39 -0000 1.9
@@ -22,3 +22,20 @@
db_check(dblib) and break
end
end
+
+-----------------------------------------------------------------------------
+
+Security Fix (CVE-2006-5467)
+
+Index: lib/cgi.rb
+--- lib/cgi.rb.orig 2006-08-22 11:38:19 +0200
++++ lib/cgi.rb 2006-11-04 14:11:46 +0100
+@@ -1018,7 +1018,7 @@
+ else
+ stdinput.read(content_length)
+ end
+- if c.nil?
++ if c.nil? || c.empty?
+ raise EOFError, "bad content body"
+ end
+ buf.concat(c)
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/ruby/ruby.spec
============================================================================
$ cvs diff -u -r1.45 -r1.46 ruby.spec
--- openpkg-src/ruby/ruby.spec 13 Oct 2006 17:33:53 -0000 1.45
+++ openpkg-src/ruby/ruby.spec 4 Nov 2006 13:17:39 -0000 1.46
@@ -33,7 +33,7 @@
Group: Language
License: GPL
Version: 1.8.5
-Release: 20061013
+Release: 20061104
# list of sources
Source0: ftp://ftp.ruby-lang.org/pub/ruby/ruby-%{version}.tar.gz
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
