OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 04-Nov-2006 14:18:33
Branch: OPENPKG_2_STABLE Handle: 2006110413183300
Modified files: (Branch: OPENPKG_2_STABLE)
openpkg-src/ruby ruby.patch ruby.spec
Log:
MFC: Security Fix (CVE-2006-5467)
Summary:
Revision Changes Path
1.6.4.4 +17 -0 openpkg-src/ruby/ruby.patch
1.40.2.5 +1 -1 openpkg-src/ruby/ruby.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/ruby/ruby.patch
============================================================================
$ cvs diff -u -r1.6.4.3 -r1.6.4.4 ruby.patch
--- openpkg-src/ruby/ruby.patch 20 Oct 2006 14:40:32 -0000 1.6.4.3
+++ openpkg-src/ruby/ruby.patch 4 Nov 2006 13:18:33 -0000 1.6.4.4
@@ -22,3 +22,20 @@
db_check(dblib) and break
end
end
+
+-----------------------------------------------------------------------------
+
+Security Fix (CVE-2006-5467)
+
+Index: lib/cgi.rb
+--- lib/cgi.rb.orig 2006-08-22 11:38:19 +0200
++++ lib/cgi.rb 2006-11-04 14:11:46 +0100
+@@ -1018,7 +1018,7 @@
+ else
+ stdinput.read(content_length)
+ end
+- if c.nil?
++ if c.nil? || c.empty?
+ raise EOFError, "bad content body"
+ end
+ buf.concat(c)
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/ruby/ruby.spec
============================================================================
$ cvs diff -u -r1.40.2.4 -r1.40.2.5 ruby.spec
--- openpkg-src/ruby/ruby.spec 20 Oct 2006 14:40:32 -0000 1.40.2.4
+++ openpkg-src/ruby/ruby.spec 4 Nov 2006 13:18:33 -0000 1.40.2.5
@@ -33,7 +33,7 @@
Group: Language
License: GPL
Version: 1.8.5
-Release: 2.20061020
+Release: 2.20061104
# list of sources
Source0: ftp://ftp.ruby-lang.org/pub/ruby/ruby-%{version}.tar.gz
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
