Hello,

This patch adds the WEBrick security fix to lang/ruby.

  http://www.ruby-lang.org/en/news/2010/08/16/xss-in-webrick-cve-2010-0541/
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0541

Could you update ports/lang/ruby?

Thanks.

% cvs diff -r OPENBSD_4_8:
Index: Makefile
===================================================================
RCS file: /cvs/ports/lang/ruby/Makefile,v
retrieving revision 1.77
diff -u -r1.77 Makefile
--- Makefile    24 Jul 2010 23:05:08 -0000      1.77
+++ Makefile    29 Aug 2010 13:55:02 -0000
@@ -15,7 +15,7 @@
 PKGNAME-iconv=         ruby-iconv-${VERSION}.${PATCHLEVEL}
 PKGNAME-gdbm=          ruby-gdbm-${VERSION}.${PATCHLEVEL}
 PKGNAME-tk=            ruby-tk-${VERSION}.${PATCHLEVEL}
-REVISION-main=         3
+REVISION-main=         4
 REVISION-iconv=                4
 REVISION-gdbm=         3
 REVISION-tk=           4
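Review bot: only REVISION-main goes from 3 to 4 here, while REVISION-iconv, REVISION-gdbm and REVISION-tk are left alone. That is the right scope as long as lib/webrick/httpresponse.rb is installed by the -main subpackage. Please confirm that against the packing list, since the diff does not show it and a bump on the wrong subpackage would mean package updates never pick up the patched file.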
Index: patches/patch-lib_webrick_httpresponse_rb
===================================================================
RCS file: patches/patch-lib_webrick_httpresponse_rb
diff -N patches/patch-lib_webrick_httpresponse_rb
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-lib_webrick_httpresponse_rb   29 Aug 2010 13:55:02 -0000
@@ -0,0 +1,12 @@
+$OpenBSD$
+--- lib/webrick/httpresponse.rb.orig
++++ lib/webrick/httpresponse.rb
+@@ -208,7 +208,7 @@
+         @keep_alive = false
+         self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR
+       end
+-      @header['content-type'] = "text/html"
++      @header['content-type'] = "text/html; charset=ISO-8859-1"
+ 
+       if respond_to?(:create_error_page)
+         create_error_page()
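Review bot: the new patch file has nothing below the $OpenBSD$ tag saying why it exists. Add a one-line comment naming CVE-2010-0541 and the ruby-lang.org advisory so the reason stays with the patch in the tree. On the changed line itself, the charset is set before the respond_to?(:create_error_page) branch, so the header also covers a custom create_error_page. That is what the fix needs, but it means any such override has to produce output that is valid as ISO-8859-1, which is worth a sentence in the commit message.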
