Hello community, here is the log from the commit of package ruby.1497 for openSUSE:12.1:Update checked in at 2013-04-03 16:20:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.1:Update/ruby.1497 (Old) and /work/SRC/openSUSE:12.1:Update/.ruby.1497.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ruby.1497", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2013-02-26 18:15:11.936010755 +0100 +++ /work/SRC/openSUSE:12.1:Update/.ruby.1497.new/ruby.changes 2013-04-03 16:20:30.000000000 +0200 @@ -0,0 +1,775 @@ +------------------------------------------------------------------- +Mon Mar 25 17:30:25 UTC 2013 - mrueck...@suse.de + +- added CVE-2013-1821.patch: (bnc#808137) + Fix entity expansion DoS vulnerability in REXML. When reading + text nodes from an XML document, the REXML parser could be + coerced into allocating extremely large string objects which + could consume all available memory on the system. CVE-2013-1821 + (Patch taken from debian (Salvatore Bonaccorso)) + +------------------------------------------------------------------- +Fri Oct 26 10:47:35 UTC 2012 - mrueck...@suse.de + +- added ruby-1.8.7_safe_level_bypass.patch: (bnc#783525) + Fixes a SAFE_LEVEL bypass in name_err_to_s. CVE-2012-4466 + +------------------------------------------------------------------- +Thu Jan 12 15:51:50 UTC 2012 - mrueck...@suse.de + +- update to 1.8.7.p357 (bnc#739122) + - randomize hash to avoid algorithmic complexity attacks. + CVE-2011-4815 + - initialization of hash_seed to be at the beginning of the + process. + - initialize random seed at first. + - call OpenSSL::Random.seed at the SecureRandom.random_bytes + call. insert separators for array join. patch by Masahiro + Tomita. [ruby-dev:44270] + - mkconfig.rb: fix for continued lines. based on a patch from + Marcus Rueckert <darix AT opensu.se> at [ruby-core:20420]. + - Infinity is greater than any bignum number. [ruby-dev:38672] + - initialize store->ex_data.sk. [ruby-core:28907] + [ruby-core:23971] [ruby-core:18121] + +------------------------------------------------------------------- +Thu Jul 7 13:02:17 UTC 2011 - mrueck...@suse.de + +- update to 1.8.7.p352 + - support for openssl compiled without SSLv2 + - multilib support for tk build + - some IPv6 related fixes + - zlib fixes + - reinitialize PRNG when forking children + - uri route_to fixes + - fix race condition with variables and autoload +- drop 1887f60a8540f64f5c7bb14d57c0be70506941b8.patch + included upstream +- drop ruby-1.8.7.p22_tcltk-multilib.patch + solved differently upstream + +------------------------------------------------------------------- +Fri May 20 13:26:07 UTC 2011 - mrueck...@suse.de + +- drop ruby-1.8.7.p299_webrick_error_page_encoding.patch: + we will stick to the upstream charset + +------------------------------------------------------------------- +Fri Mar 18 13:46:36 UTC 2011 - mrueck...@suse.de + +- added ruby-1.8.x_rubylibdir.patch: + allows us to also change the path for the stdlib part of the ruby + directory tree + +------------------------------------------------------------------- +Tue Feb 22 16:38:09 UTC 2011 - mrueck...@suse.de + +- update to 1.8.7.p334 (bnc#673740, bnc#673750, bnc#600752) + - A symlink race condition vulnerability was found in + FileUtils.remove_entry_secure. The vulnerability allows local + users to delete arbitrary files and directories. CVE-2011-1004 + - Exception#to_s method can be used to trick $SAFE check, which + makes a untrusted codes to modify arbitrary strings. + CVE-2011-1005 + - Ruby WEBrick character set issue (XSS) CVE-2010-0541 + + for all non security changes see + /usr/share/doc/packages/ruby/ChangeLog + +- refreshed ruby-1.8.x_openssl_branch_update.patch +- buildrequires openssl to make the last openssl test work +- https://github.com/ruby/ruby/commit/1887f60a8540f64f5c7bb14d57c0be70506941b8.patch + * ext/zlib/zlib.c (zstream_append_input2): add RB_GC_GUARD. + This caused failure when test/csv is executed with GC.stress = + true. +- added ruby-1.8.7.p334_remove_zlib_test_params_test.patch: + remove the test_params patch from backport in r27917 + It doesnt pass atm. +- removed ruby-1.8.6.p36_socket_ipv6.patch: + included upstream + +------------------------------------------------------------------- +Tue Sep 7 14:38:54 UTC 2010 - mrueck...@suse.de + +- the testsuite and doc-html package should of course require the + main package + +------------------------------------------------------------------- +Fri Jul 2 09:50:00 UTC 2010 - mrueck...@suse.de + +- add ruby(abi) = 1.8 provides + +------------------------------------------------------------------- +Thu Jul 1 15:27:17 UTC 2010 - mrueck...@suse.de + +- update to 1.8.7.p299 (bnc#606056 and bnc#603914) + - OpenSSL 1.0.0 support + - Use OpenSSL engines which exist + - Fixed range and chunked support for Net::HTTP + - Iconv fixes + - Backported pack/unpack from the 1.9 branch (bnc#606056 bnc#603914) + - Multiple fixes in the resolver + - Fixed Unicode inspection bug. + - Escape characters properly for the accesslog (bnc#570616) +- cleaned up rpmlintrc +- refreshed patches: + old: ruby-1.8.7.p22_lib64.patch + new: ruby-1.8.7.p299_lib64.patch + old: ruby_1.8.6.p36_date_remove_privat.patch + new: ruby-1.8.7.p299_date_remove_privat.patch + old: ruby-pedantic-headers.diff + new: ruby-1.8.7.p299_pedantic-headers.patch +- replaced patches ruby-1.8.x_openssl-1.0.patch and + ruby-1.8.x_openssl-1.0-tests.patch with + ruby-1.8.x_openssl_branch_update.patch + +------------------------------------------------------------------- +Wed May 19 14:44:51 UTC 2010 - mrueck...@suse.de + +- fix build on ix86: + --target got removed from the %configure macro. add it back + locally for now. + +------------------------------------------------------------------- +Thu Apr 22 22:06:56 UTC 2010 - mrueck...@suse.de + +- added ruby-1.8.x_openssl-1.0.patch and + ruby-1.8.x_openssl-1.0-tests.patch: + fix building with openssl 1.0.0 (taken from svn) +- added ruby-1.8.x_yaml2byte.patch: + fix warning about sequence point +- remove requires on glibc-devel again + +------------------------------------------------------------------- +Sat Mar 13 21:25:30 UTC 2010 - crrodrig...@opensuse.org + +- ruby-devel requires glibc-devel + +------------------------------------------------------------------- +Tue Feb 23 12:02:11 UTC 2010 - mrueck...@suse.de + +- added ruby-1.8.x_digest_non_void_return.patch: + patch pulled from SVN to fix the warnings about no return in + non-void functions. + +------------------------------------------------------------------- +Sun Jan 31 21:56:19 CET 2010 - meiss...@suse.de + +- ruby calls "ppc" "powerpc". + +------------------------------------------------------------------- +Fri Jan 29 19:12:11 UTC 2010 - mrueck...@suse.de + +- update to 1.8.7p249 + small big fix release in the 1.8.7 branch, this includes the fix + for: + - ruby webrick doesn't sanitize non-printable characters in log + (bnc#570616) CVE-2009-4492 +- drop ruby-1.8.6.p36_gc.patch: solution is upstream + +------------------------------------------------------------------- +Thu Dec 17 00:42:51 CET 2009 - jeng...@medozas.de + +- package documentation as noarch +- adjust ruby.macros to ask the ruby binary for the target plaform. + This is because %_host_cpu can expand to sparc64, while ruby is + built for the sparcv9 target, and %_target_cpu can expand to + noarch. +- in ruby.spec, %rb_arch is statically reset to %_target_cpu, as + we need the target name. Since it won't be noarch in this case, + that is good. + +------------------------------------------------------------------- +Thu Aug 20 19:19:52 UTC 2009 - jansimon.moel...@opensuse.org + +- remove s/armv5tel/armv4l/ in macros as it breaks build for armv5tel + +------------------------------------------------------------------- +Fri Nov 21 20:37:17 CET 2008 - mrueck...@suse.de + +- add ruby-1.8.7-p72_topdir.patch: + Config::TOPDIR was broken on lib64 systems as the code was + assuming $prefix/lib. + +------------------------------------------------------------------- +Fri Nov 21 17:03:25 CET 2008 - mrueck...@suse.de + +- added more ruby macros in /etc/rpm/macros.ruby ++++ 578 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.1:Update/.ruby.1497.new/ruby.changes New: ---- CVE-2013-1821.patch irb.1 ruby-1.8.7-p357.tar.bz2 ruby-1.8.7.p299_date_remove_privat.patch ruby-1.8.7.p299_lib64.patch ruby-1.8.7.p299_pedantic-headers.patch ruby-1.8.7.p334_remove_zlib_test_params_test.patch ruby-1.8.7.p72_topdir.patch ruby-1.8.7.p72_vendor_specific.patch ruby-1.8.7_safe_level_bypass.patch ruby-1.8.x_digest_non_void_return.patch ruby-1.8.x_openssl_branch_update.patch ruby-1.8.x_rubylibdir.patch ruby-1.8.x_yaml2byte.patch ruby-doc-bundle.tar.bz2 ruby-rpmlintrc ruby.changes ruby.macros ruby.spec site-specific.rb vendor-specific.rb ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ruby.spec ++++++ # # spec file for package ruby # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: ruby Version: 1.8.7.p357 Release: 0 # %define pkg_version 1.8.7 %define patch_level p357 %define rb_arch %(echo %{_target_cpu}-linux | sed -e "s/i686/i586/" -e "s/hppa2.0/hppa/" -e "s/ppc/powerpc/") %define rb_ver %(echo %{pkg_version} | sed -e 's/\\\.[0-9]\\\+$//') # License: GPLv2+ Group: Development/Languages/Ruby # BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bison gdbm-devel gperf graphviz libjpeg-devel openssl-devel readline-devel tk-devel # for openssl testsuite BuildRequires: openssl #define with_bleak_house 1 %if 0%{suse_version} >= 1030 %define use_fdupes 1 %endif %if 0%{?use_fdupes} BuildRequires: fdupes %endif %if 0%{?suse_version} < 930 BuildRequires: XFree86-devel XFree86-fonts-scalable %else BuildRequires: xorg-x11-devel xorg-x11-fonts-scalable %endif # Provides: /usr/bin/ruby %if 0%{?with_bleak_house} %define bleak_house_version 4.0 Provides: ruby_with_bleak_house = %{bleak_house_version}-%{release} %endif Provides: ruby(abi) = %{rb_ver} # Url: http://www.ruby-lang.org/ Source: ftp://ftp.ruby-lang.org/pub/ruby/ruby-%{pkg_version}-%{patch_level}.tar.bz2 Source1: irb.1 Source2: ruby-doc-bundle.tar.bz2 Patch1: ruby-1.8.7.p299_lib64.patch Patch5: ruby-1.8.7.p299_date_remove_privat.patch Patch6: ruby-1.8.7.p299_pedantic-headers.patch Patch7: ruby-1.8.7.p72_vendor_specific.patch Patch8: ruby-1.8.7.p72_topdir.patch Patch9: ruby-1.8.x_digest_non_void_return.patch # can be removed on next version update. pulled from svn Patch10: ruby-1.8.x_openssl_branch_update.patch Patch11: ruby-1.8.x_yaml2byte.patch Patch13: ruby-1.8.7.p334_remove_zlib_test_params_test.patch Patch14: ruby-1.8.x_rubylibdir.patch Patch15: ruby-1.8.7_safe_level_bypass.patch Patch16: CVE-2013-1821.patch # vendor ruby files taken from: # http://svn.macports.org/repository/macports/trunk/dports/lang/ruby/ Source3: site-specific.rb Source4: vendor-specific.rb # Source5: ruby-rpmlintrc Source6: ruby.macros %if 0%{?with_bleak_house} #Source6: bleak_house-%{bleak_house_version}.tar.bz2 %endif # Summary: An Interpreted Object-Oriented Scripting Language %description Ruby is an interpreted scripting language for quick and easy object-oriented programming. It has many features for processing text files and performing system management tasks (as in Perl). It is simple, straight-forward, and extensible. * Ruby features: - Simple Syntax - *Normal* Object-Oriented features (class, method calls, for example) - *Advanced* Object-Oriented features(Mix-in, Singleton-method, for example) - Operator Overloading - Exception Handling - Iterators and Closures - Garbage Collection - Dynamic Loading of Object Files (on some architectures) - Highly Portable (works on many UNIX machines; DOS, Windows, Mac, BeOS, and more) Authors: -------- Yukihiro Matsumoto <m...@netlab.co.jp> %package devel License: GPLv2+ Group: Development/Languages/Ruby Summary: Development files to link against Ruby Requires: %{name} = %{version} %if 0%{?with_bleak_house} Requires: ruby_with_bleak_house = %{bleak_house_version} Provides: ruby-devel_with_bleak_house = %{bleak_house_version}-%{release} %endif %description devel Development files to link against Ruby. Authors: -------- Yukihiro Matsumoto <m...@netlab.co.jp> %package tk License: GPLv2+ Group: Development/Languages/Ruby Summary: TCL/TK bindings for Ruby Requires: %{name} = %{version} %description tk TCL/TK bindings for Ruby Authors: -------- Yukihiro Matsumoto <m...@netlab.co.jp> %package doc-ri License: GPLv2+ Group: Development/Languages/Ruby Summary: Ruby Interactive Documentation Requires: %{name} = %{version} %if 0%{?suse_version} >= 1120 BuildArch: noarch %endif %description doc-ri This package contains the RI docs for ruby Authors: -------- Yukihiro Matsumoto <m...@netlab.co.jp> %package doc-html License: GPLv2+ Group: Development/Languages/Ruby Summary: This package contains the HTML docs for ruby Requires: %{name} = %{version} %if 0%{?suse_version} >= 1120 BuildArch: noarch %endif %description doc-html This package contains the HTML docs for ruby Authors: -------- Yukihiro Matsumoto <m...@netlab.co.jp> %package examples License: GPLv2+ Group: Development/Languages/Ruby Requires: %{name} = %{version} Summary: Example scripts for ruby %description examples Example scripts for ruby Authors: -------- Yukihiro Matsumoto <m...@netlab.co.jp> %package test-suite License: GPLv2+ Group: Development/Languages/Ruby Requires: %{name} = %{version} Summary: An Interpreted Object-Oriented Scripting Language %description test-suite Ruby is an interpreted scripting language for quick and easy object-oriented programming. It has many features for processing text files and performing system management tasks (as in Perl). It is simple, straight-forward, and extensible. * Ruby features: - Simple Syntax - *Normal* Object-Oriented features (class, method calls, for example) - *Advanced* Object-Oriented features(Mix-in, Singleton-method, for example) - Operator Overloading - Exception Handling - Iterators and Closures - Garbage Collection - Dynamic Loading of Object Files (on some architectures) - Highly Portable (works on many UNIX machines; DOS, Windows, Mac, BeOS, and more) Authors: -------- Yukihiro Matsumoto <m...@netlab.co.jp> %prep %setup -q -n ruby-%{pkg_version}-%{patch_level} -a2 %{?with_bleak_house:-a6} %patch1 %patch5 %patch6 %patch7 %patch8 %patch9 %patch10 %patch11 %patch13 %patch14 %patch15 %patch16 -p1 %if 0%{?with_bleak_house} for patch in valgrind configure gc ; do patch -p0 < bleak_house-%{bleak_house_version}/ruby/${patch}.patch done %endif find . -type f | xargs -n 1 sed -i "s@#!\s*/usr/local/bin/ruby@#!/usr/bin/ruby@" # make sure it _really_ rebuilds parse.c for us old parse.c %build autoreconf -fi export CFLAGS="%{optflags} -g -fno-strict-aliasing" %configure \ --target=%{_target_platform} \ --with-default-kcode=none \ --with-mantype=man \ --enable-shared \ --disable-static %{__make} all %{__make} -C ext/tk/ all # # TODO: patch the .document files to include all needed modules. # export LD_LIBRARY_PATH="$PWD/" export RUBYLIB="$PWD:$PWD/lib:$(find $PWD/.ext $PWD/ext/ -type d |tr '\n' ':')." ./ruby bin/rdoc \ --all --line-numbers --ri-system \ --op=ri/%{rb_ver}/system . ./ruby bin/rdoc \ --all --line-numbers --charset=UTF-8 \ --fmt=html -p --inline-source \ --op=rdoc/html . %check # # move the tests out of the way that require an installed ruby # we dont have that in our build environment. # %{__mkdir} unused.test %{__mv} test/{drb,soap,webrick} unused.test/ %ifarch ppc64 s390x %{__mv} test/openssl/ unused.test/ %endif # # -> LD_LIBRARY_PATH => we need to find libruby.so.%{rb_ver} # the test suite uses LD_PRELOAD=./libruby.so.%{rb_ver} # -> RUBYLIB => find needed modules during documentation generation # export LD_LIBRARY_PATH="$PWD/" export RUBYLIB="$PWD:$PWD/lib:$(find $PWD/.ext $PWD/ext/ -type d |tr '\n' ':')." # # run the test suites # %{__make} check ||: # # TODO: # the big test suite fails with some weird openssl errors on ppc # to be reinvestigated # # %{__make} check # # restore the tests # %{__mv} unused.test/{drb,soap,webrick} test/ %ifarch ppc64 s390x %{__mv} unused.test/openssl/ test/ %endif %install %makeinstall %makeinstall -C ext/tk/ %{__install} -d -m 0755 \ %{buildroot}%{_docdir}/%{name}{,-test-suite} \ %{buildroot}%{_datadir}/emacs/site-lisp \ %{buildroot}%{_datadir}/ri/%{rb_ver}/system/ \ %{buildroot}%{_libdir}/%{name}/vendor_%{name}/%{rb_ver} # %{__install} -m 0644 misc/*.el %{buildroot}%{_datadir}/emacs/site-lisp/ %{__install} -m 0644 %{S:1} %{buildroot}%{_mandir}/man1/irb.1 # %{__install} -m 0644 %{S:3} %{buildroot}%{_libdir}/%{name}/site_%{name}/%{rb_ver} %{__install} -m 0644 %{S:4} %{buildroot}%{_libdir}/%{name}/vendor_%{name}/%{rb_ver} # %{__cp} -rv \ ri/ %{buildroot}%{_datadir}/ #mv %{buildroot}%{_datadir}{,/ri/%{rb_ver}}/created.rid %{__cp} -rv \ COPYING COPYING.ja ChangeLog GPL LEGAL \ LGPL README README.EXT README.EXT.ja \ README.ja ToDo NEWS \ %{buildroot}%{_docdir}/%{name} %if 0%{?with_bleak_house} %{__cp} -v bleak_house-%{bleak_house_version}/LICENSE %{buildroot}%{_docdir}/%{name}/LICENSE_AFL_for_bleak_house %{__cp} -v bleak_house-%{bleak_house_version}/LICENSE_BSD %{buildroot}%{_docdir}/%{name}/LICENSE_BSD_for_bleak_house %endif %{__cp} -rv \ ruby-doc-bundle %{buildroot}%{_docdir}/%{name} %{__cp} -rv \ rdoc/html %{buildroot}%{_docdir}/%{name}/ruby-library-docs %{__cp} -rv \ sample %{buildroot}%{_docdir}/%{name}/examples sed -i "s@#!\s*\./miniruby@#!/usr/bin/ruby@" runruby.rb %{__cp} -r test/ runruby.rb %{buildroot}%{_docdir}/%{name}-test-suite/ %{__ln_s} -f %{_bindir}/%{name} %{buildroot}%{_docdir}/%{name}-test-suite/%{name} %if 0%{?use_fdupes} %fdupes %{buildroot} %endif chmod -v a-x %{buildroot}%{_libdir}/ruby/%{rb_ver}/%{rb_arch}/*.h %{__install} -D -m 0644 %{S:6} %{buildroot}/etc/rpm/macros.ruby %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files %defattr(-,root,root) %config(noreplace) /etc/rpm/macros.ruby %{_bindir}/* %dir %{_libdir}/%{name} %dir %{_libdir}/%{name}/%{rb_ver} %{_libdir}/lib%{name}.so.%{rb_ver}* %dir %{_datadir}/emacs %dir %{_datadir}/emacs/site-lisp %{_datadir}/emacs/site-lisp/* %{_mandir}/man1/* %dir %{_libdir}/%{name}/site_%{name} %dir %{_libdir}/%{name}/site_%{name}/%{rb_ver} %dir %{_libdir}/%{name}/site_%{name}/%{rb_ver}/%{rb_arch} %dir %{_libdir}/%{name}/vendor_%{name} %dir %{_libdir}/%{name}/vendor_%{name}/%{rb_ver} %dir %{_libdir}/%{name}/vendor_%{name}/%{rb_ver}/%{rb_arch} %{_libdir}/%{name}/site_%{name}/%{rb_ver}/site-specific.rb %{_libdir}/%{name}/vendor_%{name}/%{rb_ver}/vendor-specific.rb %{_libdir}/%{name}/%{rb_ver}/English.rb %{_libdir}/%{name}/%{rb_ver}/Env.rb %{_libdir}/%{name}/%{rb_ver}/abbrev.rb %{_libdir}/%{name}/%{rb_ver}/base64.rb %{_libdir}/%{name}/%{rb_ver}/benchmark.rb %{_libdir}/%{name}/%{rb_ver}/cgi* %{_libdir}/%{name}/%{rb_ver}/complex.rb %{_libdir}/%{name}/%{rb_ver}/csv.rb %{_libdir}/%{name}/%{rb_ver}/date.rb %dir %{_libdir}/%{name}/%{rb_ver}/date %{_libdir}/%{name}/%{rb_ver}/date/format.rb %{_libdir}/%{name}/%{rb_ver}/date2.rb %{_libdir}/%{name}/%{rb_ver}/debug.rb %{_libdir}/%{name}/%{rb_ver}/delegate.rb %{_libdir}/%{name}/%{rb_ver}/bigdecimal/ %{_libdir}/%{name}/%{rb_ver}/digest.rb %dir %{_libdir}/%{name}/%{rb_ver}/digest/ %{_libdir}/%{name}/%{rb_ver}/digest/sha2.rb %{_libdir}/%{name}/%{rb_ver}/dl/ %{_libdir}/%{name}/%{rb_ver}/drb* %{_libdir}/%{name}/%{rb_ver}/e2mmap.rb %{_libdir}/%{name}/%{rb_ver}/erb.rb %{_libdir}/%{name}/%{rb_ver}/eregex.rb %{_libdir}/%{name}/%{rb_ver}/expect.rb %{_libdir}/%{name}/%{rb_ver}/fileutils.rb %{_libdir}/%{name}/%{rb_ver}/finalize.rb %{_libdir}/%{name}/%{rb_ver}/find.rb %{_libdir}/%{name}/%{rb_ver}/forwardable.rb %{_libdir}/%{name}/%{rb_ver}/ftools.rb %{_libdir}/%{name}/%{rb_ver}/generator.rb %{_libdir}/%{name}/%{rb_ver}/getoptlong.rb %{_libdir}/%{name}/%{rb_ver}/getopts.rb %{_libdir}/%{name}/%{rb_ver}/gserver.rb %{_libdir}/%{name}/%{rb_ver}/importenv.rb %{_libdir}/%{name}/%{rb_ver}/io/ %{_libdir}/%{name}/%{rb_ver}/ipaddr.rb %{_libdir}/%{name}/%{rb_ver}/irb* %{_libdir}/%{name}/%{rb_ver}/jcode.rb %{_libdir}/%{name}/%{rb_ver}/kconv.rb %{_libdir}/%{name}/%{rb_ver}/logger.rb %{_libdir}/%{name}/%{rb_ver}/mailread.rb %{_libdir}/%{name}/%{rb_ver}/mathn.rb %{_libdir}/%{name}/%{rb_ver}/matrix.rb %{_libdir}/%{name}/%{rb_ver}/md5.rb %{_libdir}/%{name}/%{rb_ver}/mkmf.rb %{_libdir}/%{name}/%{rb_ver}/monitor.rb %{_libdir}/%{name}/%{rb_ver}/mutex_m.rb %{_libdir}/%{name}/%{rb_ver}/net/ %{_libdir}/%{name}/%{rb_ver}/observer.rb %{_libdir}/%{name}/%{rb_ver}/open-uri.rb %{_libdir}/%{name}/%{rb_ver}/open3.rb %{_libdir}/%{name}/%{rb_ver}/openssl* %{_libdir}/%{name}/%{rb_ver}/optparse* %{_libdir}/%{name}/%{rb_ver}/ostruct.rb %{_libdir}/%{name}/%{rb_ver}/parsearg.rb %{_libdir}/%{name}/%{rb_ver}/parsedate.rb %{_libdir}/%{name}/%{rb_ver}/pathname.rb %{_libdir}/%{name}/%{rb_ver}/ping.rb %{_libdir}/%{name}/%{rb_ver}/pp.rb %{_libdir}/%{name}/%{rb_ver}/prettyprint.rb %{_libdir}/%{name}/%{rb_ver}/profile.rb %{_libdir}/%{name}/%{rb_ver}/profiler.rb %{_libdir}/%{name}/%{rb_ver}/pstore.rb %dir %{_libdir}/%{name}/%{rb_ver}/racc %{_libdir}/%{name}/%{rb_ver}/racc/parser.rb %{_libdir}/%{name}/%{rb_ver}/rational.rb %{_libdir}/%{name}/%{rb_ver}/rdoc/ %{_libdir}/%{name}/%{rb_ver}/readbytes.rb %{_libdir}/%{name}/%{rb_ver}/resolv-replace.rb %{_libdir}/%{name}/%{rb_ver}/resolv.rb %{_libdir}/%{name}/%{rb_ver}/rexml/ %{_libdir}/%{name}/%{rb_ver}/rinda/ %{_libdir}/%{name}/%{rb_ver}/rss* %{_libdir}/%{name}/%{rb_ver}/rubyunit.rb %{_libdir}/%{name}/%{rb_ver}/runit/ %{_libdir}/%{name}/%{rb_ver}/scanf.rb %{_libdir}/%{name}/%{rb_ver}/set.rb %{_libdir}/%{name}/%{rb_ver}/securerandom.rb %{_libdir}/%{name}/%{rb_ver}/sha1.rb %{_libdir}/%{name}/%{rb_ver}/shell* %{_libdir}/%{name}/%{rb_ver}/singleton.rb %{_libdir}/%{name}/%{rb_ver}/soap/ %{_libdir}/%{name}/%{rb_ver}/sync.rb %{_libdir}/%{name}/%{rb_ver}/tempfile.rb %{_libdir}/%{name}/%{rb_ver}/test/ %{_libdir}/%{name}/%{rb_ver}/thread.rb %{_libdir}/%{name}/%{rb_ver}/thwait.rb %{_libdir}/%{name}/%{rb_ver}/time.rb %{_libdir}/%{name}/%{rb_ver}/timeout.rb %{_libdir}/%{name}/%{rb_ver}/tmpdir.rb %{_libdir}/%{name}/%{rb_ver}/tracer.rb %{_libdir}/%{name}/%{rb_ver}/tsort.rb %{_libdir}/%{name}/%{rb_ver}/un.rb %{_libdir}/%{name}/%{rb_ver}/uri* %{_libdir}/%{name}/%{rb_ver}/weakref.rb %{_libdir}/%{name}/%{rb_ver}/webrick* %{_libdir}/%{name}/%{rb_ver}/wsdl/ %{_libdir}/%{name}/%{rb_ver}/xmlrpc/ %{_libdir}/%{name}/%{rb_ver}/xsd/ %{_libdir}/%{name}/%{rb_ver}/yaml* %dir %{_libdir}/%{name}/%{rb_ver}/%{rb_arch} %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/rbconfig.rb %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/[a-sA-s]*.so %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/[u-zU-Z]*.so %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/thread.so %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/digest/ %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/io/ %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/racc/ %dir %{_docdir}/%{name} %doc %{_docdir}/%{name}/COPYING* %doc %{_docdir}/%{name}/ChangeLog %doc %{_docdir}/%{name}/LEGAL %doc %{_docdir}/%{name}/*GPL %doc %{_docdir}/%{name}/NEWS %doc %{_docdir}/%{name}/README* %doc %{_docdir}/%{name}/ToDo %if 0%{?with_bleak_house} %doc %{_docdir}/%{name}/LICENSE_*_for_bleak_house %endif %files devel %defattr(-,root,root) %{_libdir}/lib%{name}.so %{_libdir}/lib%{name}-static.a %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/*.h %files test-suite %defattr(-,root,root) %{_docdir}/%{name}-test-suite %files tk %defattr(-,root,root) %{_libdir}/%{name}/%{rb_ver}/tcltk.rb %{_libdir}/%{name}/%{rb_ver}/tk* %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/tcltklib.so %{_libdir}/%{name}/%{rb_ver}/%{rb_arch}/tkutil.so %{_libdir}/%{name}/%{rb_ver}/remote-tk.rb %{_libdir}/%{name}/%{rb_ver}/multi-tk.rb %files doc-html %defattr(-,root,root) %doc %{_docdir}/%{name}/ruby-library-docs %doc %{_docdir}/%{name}/ruby-doc-bundle %files doc-ri %defattr(-,root,root) %doc %{_datadir}/ri %files examples %defattr(-,root,root) %doc %{_docdir}/%{name}/examples %changelog ++++++ CVE-2013-1821.patch ++++++ Description: Fix entity expansion DoS vulnerability in REXML CVE-2013-1821 Origin: upstream, http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=39384&view=patch Bug-Debian: http://bugs.debian.org/702526 Forwarded: not-needed Author: Salvatore Bonaccorso <car...@debian.org> Last-Update: 2013-03-09 --- a/lib/rexml/document.rb +++ b/lib/rexml/document.rb @@ -214,6 +214,18 @@ return @@entity_expansion_limit end + @@entity_expansion_text_limit = 10_240 + + # Set the entity expansion limit. By default the limit is set to 10240. + def Document::entity_expansion_text_limit=( val ) + @@entity_expansion_text_limit = val + end + + # Get the entity expansion limit. By default the limit is set to 10000. + def Document::entity_expansion_text_limit + return @@entity_expansion_text_limit + end + attr_reader :entity_expansion_count def record_entity_expansion --- a/test/rexml/test_document.rb +++ b/test/rexml/test_document.rb @@ -63,4 +63,23 @@ ensure REXML::Document.entity_expansion_limit = 10000 end + + def test_entity_string_limit + template = '<!DOCTYPE bomb [ <!ENTITY a "^" > ]> <bomb>$</bomb>' + len = 5120 # 5k per entity + template.sub!(/\^/, "B" * len) + + # 10k is OK + entities = '&a;' * 2 # 5k entity * 2 = 10k + xmldoc = REXML::Document.new(template.sub(/\$/, entities)) + assert_equal(len * 2, xmldoc.root.text.bytesize) + + # above 10k explodes + entities = '&a;' * 3 # 5k entity * 2 = 15k + xmldoc = REXML::Document.new(template.sub(/\$/, entities)) + assert_raises(RuntimeError) do + xmldoc.root.text + end + end + end --- a/lib/rexml/text.rb +++ b/lib/rexml/text.rb @@ -308,37 +308,35 @@ # Unescapes all possible entities def Text::unnormalize( string, doctype=nil, filter=nil, illegal=nil ) - rv = string.clone - rv.gsub!( /\r\n?/, "\n" ) - matches = rv.scan( REFERENCE ) - return rv if matches.size == 0 - rv.gsub!( NUMERICENTITY ) {|m| - m=$1 - m = "0#{m}" if m[0] == ?x - [Integer(m)].pack('U*') + sum = 0 + string.gsub( /\r\n?/, "\n" ).gsub( REFERENCE ) { + s = Text.expand($&, doctype, filter) + if sum + s.bytesize > Document.entity_expansion_text_limit + raise "entity expansion has grown too large" + else + sum += s.bytesize + end + s } - matches.collect!{|x|x[0]}.compact! - if matches.size > 0 - if doctype - matches.each do |entity_reference| - unless filter and filter.include?(entity_reference) - entity_value = doctype.entity( entity_reference ) - re = /&#{entity_reference};/ - rv.gsub!( re, entity_value ) if entity_value - end - end + end + + def Text.expand(ref, doctype, filter) + if ref[1] == ?# + if ref[2] == ?x + [ref[3...-1].to_i(16)].pack('U*') else - matches.each do |entity_reference| - unless filter and filter.include?(entity_reference) - entity_value = DocType::DEFAULT_ENTITIES[ entity_reference ] - re = /&#{entity_reference};/ - rv.gsub!( re, entity_value.value ) if entity_value - end - end + [ref[2...-1].to_i].pack('U*') end - rv.gsub!( /&/, '&' ) + elsif ref == '&' + '&' + elsif filter and filter.include?( ref[1...-1] ) + ref + elsif doctype + doctype.entity( ref[1...-1] ) or ref + else + entity_value = DocType::DEFAULT_ENTITIES[ ref[1...-1] ] + entity_value ? entity_value.value : ref end - rv end end end ++++++ irb.1 ++++++ .\" DO NOT MODIFY THIS FILE! it was generated by rd2 .TH irb-beta 1 "May 2001" .SH What is irb? .PP irb stands for `interactive ruby'. irb is a tool to execute interactively ruby expressions read from stdin. .SH Invoking .PP .nf \& % ruby \-r irb \-e0 \& % irb .fi Either of the aboves. In the former style, options can be specified as follows: .nf \& % ruby \-r irb \-e0 \-\- \-v .fi .SH Usage .PP Use of irb is easy if you know ruby. Executing irb, prompts are displayed as follows. Then, enter expression of ruby. A input is executed when it is syntacticaly completed. .nf \& dim% irb \& irb(main):001:0> 1+2 \& 3 \& irb(main):002:0> class Foo \& irb(main):003:1> def foo \& irb(main):004:2> print 1 \& irb(main):005:2> end \& irb(main):006:1> end \& nil \& irb(main):007:0> .fi And, Readline extesion module can be used with irb. Using Readline is the standard default action if Readline is installed. .SH Command line option .PP .nf \& irb.rb [options] file_name opts \& options: \& \-f suppress read ~/.irbrc \& \-m bc mode (fraction or matrix are available) \& \-d set $DEBUG to true (same as `ruby \-d') \& \-r load\-module same as `ruby \-r' \& \-\-inspect uses `inspect' for output (the default except bc mode) \& \-\-noinspect doesn't uses inspect for output \& \-\-readline uses Readline extension module \& \-\-noreadline doesn't use Readline extension module \& \-\-prompt prompt\-mode \& \-\-prompt\-mode prompt\-mode .fi .nf \& switches prompt mode. Pre\-defined prompt modes are \& `defalut', `simple', `xmp' and `inf\-ruby' .fi .nf \& \-\-inf\-ruby\-mode uses prompt appreciate for inf\-ruby\-mode on emacs. .fi .nf \& Suppresses \-\-readline. .fi .nf \& \-\-simple\-prompt simple prompt mode \& \-\-noprompt no prompt \& \-\-tracer display trace for each execution of commands. \& \-\-back\-trace\-limit n .fi .nf \& displayes backtrace top n and tail n. The default \& value is 16. .fi .nf \& \-\-irb_debug n sets internal debug level to n (It shouldn't be used) \& \-v, \-\-version prints the version of irb .fi .SH Configurations .PP irb reads `~/.irbrc' when it is invoked. If `~/.irbrb' doesn't exist irb try to read in the order `.irbrc', `irb.rc', `_irbrc' then `$irbrc'. The following is altanative to the command line option. To use them type as follows in an irb session. .nf \& IRB.conf[:IRB_NAME]="irb" \& IRB.conf[:MATH_MODE]=false \& IRB.conf[:USE_TRACER]=false \& IRB.conf[:USE_LOADER]=false \& IRB.conf[:IGNORE_SIGINT]=true \& IRB.conf[:IGNORE_EOF]=false \& IRB.conf[:INSPECT_MODE]=nil \& IRB.conf[:IRB_RC] = nil \& IRB.conf[:BACK_TRACE_LIMIT]=16 \& IRB.conf[:USE_LOADER] = false \& IRB.conf[:USE_READLINE] = nil \& IRB.conf[:USE_TRACER] = false \& IRB.conf[:IGNORE_SIGINT] = true \& IRB.conf[:IGNORE_EOF] = false \& IRB.conf[:PROMPT_MODE] = :DEFALUT \& IRB.conf[:PROMPT] = {...} \& IRB.conf[:DEBUG_LEVEL]=0 \& IRB.conf[:VERBOSE]=true .fi .SH Customizing prompt .PP To costomize the prompt you set a variable .nf \& IRB.conf[:PROMPT] .fi For example, describe as follows in `.irbrc'. .nf \& IRB.conf[:PROMPT][:MY_PROMPT] = { # name of prompt mode \& :PROMPT_I => nil, # normal prompt \& :PROMPT_S => nil, # prompt for continuated strings \& :PROMPT_C => nil, # prompt for continuated statement \& :RETURN => " ==>%s\\n" # format to return value \& } .fi Then, invoke irb with the above prompt mode by .nf \& % irb \-\-prompt my\-prompt .fi Or add the following in `.irbrc'. .nf \& IRB.conf[:PROMPT_MODE] = :MY_PROMPT .fi Constants PROMPT_I, PROMPT_S and PROMPT_C specifies the format. In the prompt specification, some special strings are available. .nf \& %N command name which is running \& %m to_s of main object (self) \& %M inspect of main object (self) \& %l type of string(", ', /, ]), `]' is inner %w[...] \& %NNi indent level. NN is degits and means as same as printf("%NNd"). \& It can be ommited \& %NNn line number. \& %% % .fi For instance, the default prompt mode is defined as follows: IRB.conf[:PROMPT_MODE][:DEFAULT] = { .TP .fi .B PROMPT_I => "%N(%m):%03n:%i> ", .TP .fi .B PROMPT_S => "%N(%m):%03n:%i%l ", .TP .fi .B PROMPT_C => "%N(%m):%03n:%i* ", .TP .fi .B RETURN => "%s\\n" } RETURN is used to printf. .SH Configurating subirb .PP The command line option or IRB.conf specify the default behavior of (sub)irb. On the other hand, each conf of in the next sction `6. Command' is used to individually configurate (sub)irb. If proc is set to IRB.conf[:IRB_RC], its subirb will be invoked after execution of that proc under giving the context of irb as its aregument. By this mechanism each subirb can be configurated. .SH Command .PP For irb commands, both simple name and `irb_'\-prefixed name are prepared. .TP .fi .B exit, quit, irb_exit Quits (sub)irb. if you've done cb (see below), exit from the binding mode. .TP .fi .B conf, irb_context Displays current configuration. Modifing the configuration is achieved by sending message to `conf'. .TP .fi .B conf.back_trace_limit Sets display lines of backtrace as top n and tail n. The default value is 16. .TP .fi .B conf.debug_level = N Sets debug level of irb. .TP .fi .B conf.ignore_eof = true/false Whether ^D (control\-d) will be ignored or not. If false is set, ^D means quit. .TP .fi .B conf.ignore_sigint= true/false Whether ^C (control\-c) will be ignored or not. If false is set, ^D means quit. If true, .nf \& during input: cancel inputing then return to top level. \& during execute: abondon current execution. .fi .TP .fi .B conf.inf_ruby_mode = true/false Whether inf\-ruby\-mode or not. The default value is false. .TP .fi .B conf.inspect_mode = true/false/nil Specifies inspect mode. true: display inspect false: display to_s nil: inspect mode in non math mode, .nf \& non inspect mode in math mode. .fi .TP .fi .B conf.irb_level The level of cb. .TP .fi .B conf.math_mode Whether bc mode or not. .TP .fi .B conf.use_loader = true/false Whether irb's own file reader method is used when load/require or not. This mode is globaly affected (irb wide). .TP .fi .B conf.prompt_c prompt for a continuating statement (e.g, immediately after of `if') .TP .fi .B conf.prompt_i standard prompt .TP .fi .B conf.prompt_s prompt for a continuating string .TP .fi .B conf.rc Whether ~/.irbrc is read or not. .TP .fi .B conf.use_prompt = true/false Prompting or not. .TP .fi .B conf.use_readline = true/false/nil Whether readline is used or not. true: uses false: doen't use nil: intends to use readline except for inf\-reuby\-mode (default) .TP .fi .B conf.verbose=T/F Whether verbose messages are display or not. .TP .fi .B cb, irb_change_binding [obj] Enter new binding which has a distinct scope of local variables. If obj is given, obj will be self. .TP .fi .B irb [obj] Invoke subirb. If obj is given, obj will be self. .TP .fi .B jobs, irb_jobs List of subirb .TP .fi .B fg n, irb_fg n Switch into specified subirb. The following is candidates of n: .nf \& irb number \& thhread \& irb object \& self(obj which is specified of irb obj) .fi .TP .fi .B kill n, irb_kill n Kill subirb. The means of n is as same as the case of irb_fg. .SH System variable .PP .nf \& _ The latest value of evaluation (it is local) .fi .SH Session Example .PP .nf \& dim% ruby irb.rb \& irb(main):001:0> irb # invoke subirb \& irb#1(main):001:0> jobs # list of subirbs \& #0\->irb on main (#<Thread:0x400fb7e4> : stop) \& #1\->irb#1 on main (#<Thread:0x40125d64> : running) \& nil \& irb#1(main):002:0> fg 0 # switch job \& nil \& irb(main):002:0> class Foo;end \& nil \& irb(main):003:0> irb Foo # invoke subirb which has the .fi .nf \& # context of Foo .fi .nf \& irb#2(Foo):001:0> def foo # define Foo#foo \& irb#2(Foo):002:1> print 1 \& irb#2(Foo):003:1> end \& nil \& irb#2(Foo):004:0> fg 0 # switch job \& nil \& irb(main):004:0> jobs # list of job \& #0\->irb on main (#<Thread:0x400fb7e4> : running) \& #1\->irb#1 on main (#<Thread:0x40125d64> : stop) \& #2\->irb#2 on Foo (#<Thread:0x4011d54c> : stop) \& nil \& irb(main):005:0> Foo.instance_methods # Foo#foo is defined asurely \& ["foo"] \& irb(main):006:0> fg 2 # switch job \& nil \& irb#2(Foo):005:0> def bar # define Foo#bar \& irb#2(Foo):006:1> print "bar" \& irb#2(Foo):007:1> end \& nil \& irb#2(Foo):010:0> Foo.instance_methods \& ["bar", "foo"] \& irb#2(Foo):011:0> fg 0 \& nil \& irb(main):007:0> f = Foo.new \& #<Foo:0x4010af3c> \& irb(main):008:0> irb f # invoke subirb which has the .fi .nf \& # context of f (instance of Foo) .fi .nf \& irb#3(#<Foo:0x4010af3c>):001:0> jobs \& #0\->irb on main (#<Thread:0x400fb7e4> : stop) \& #1\->irb#1 on main (#<Thread:0x40125d64> : stop) \& #2\->irb#2 on Foo (#<Thread:0x4011d54c> : stop) \& #3\->irb#3 on #<Foo:0x4010af3c> (#<Thread:0x4010a1e0> : running) \& nil \& irb#3(#<Foo:0x4010af3c>):002:0> foo # evaluate f.foo \& 1nil \& irb#3(#<Foo:0x4010af3c>):003:0> bar # evaluate f.bar \& barnil \& irb#3(#<Foo:0x4010af3c>):004:0> kill 1, 2, 3# kill job \& nil \& irb(main):009:0> jobs \& #0\->irb on main (#<Thread:0x400fb7e4> : running) \& nil \& irb(main):010:0> exit # exit \& dim% .fi .SH Restrictions .PP Because irb evaluates the inputs immediately after the imput is syntactically completed, irb gives slight different result than directly use ruby. Known difference is pointed out here. .SH Declaration of the local variable .PP The following causes an error in ruby: .nf \& eval "foo = 0" \& foo \& \-\- \& \-:2: undefined local variable or method `foo' for #<Object:0x40283118> (NameError) \& \-\-\- \& NameError .fi Though, the above will successfully done by irb. .nf \& >> eval "foo = 0" .fi .nf \& => 0 \& >> foo \& => 0 .fi Ruby evaluates a code after reading entire of code and determination of the scope of local variables. On the other hand, irb do immediately. More precisely, irb evaluate at first .nf \& evel "foo = 0" .fi then foo is defined on this timing. It is because of this incompatibility. If you'd like to detect those differences, begin...end can be used: .nf \& >> begin \& ?> eval "foo = 0" \& >> foo \& >> end \& NameError: undefined local variable or method `foo' for #<Object:0x4013d0f0> \& (irb):3 \& (irb_local_binding):1:in `eval' .fi .SH Here\-document .PP Implementation of Here\-document is incomplete. .SH Symbol .PP Irb can not always recognize a symbol as to be Symbol. Concretely, an expression have completed, however Irb regard it as continuation line. ++++++ ruby-1.8.7.p299_date_remove_privat.patch ++++++ === lib/date.rb ================================================================== Index: lib/date.rb =================================================================== --- lib/date.rb.orig 2010-06-08 06:45:42.000000000 +0200 +++ lib/date.rb 2010-07-01 14:07:25.065690840 +0200 @@ -1648,8 +1648,6 @@ class Time DateTime.new!(DateTime.jd_to_ajd(jd, fr, of), of, DateTime::ITALY) end - private :to_date, :to_datetime - end class Date ++++++ ruby-1.8.7.p299_lib64.patch ++++++ Index: configure.in =================================================================== --- configure.in.orig 2010-06-08 11:26:34.000000000 +0200 +++ configure.in 2010-07-01 14:07:03.849193105 +0200 @@ -1433,7 +1433,7 @@ rb_cv_missing_fconvert=yes, rb_cv_missin if test "$rb_cv_missing_fconvert" = yes; then AC_DEFINE(MISSING_FCONVERT) fi - AC_LIBOBJ([x68.o]) + AC_LIBOBJ([x68]) CFLAGS="$CFLAGS -fansi-only" XCFLAGS="$XCFLAGS -cc1-stack=262144 -cpp-stack=2694144" EXEEXT=.x ++++++ ruby-1.8.7.p299_pedantic-headers.patch ++++++ Index: node.h =================================================================== --- node.h.orig 2009-02-25 07:15:55.000000000 +0100 +++ node.h 2010-07-01 14:07:38.645191446 +0200 @@ -395,7 +395,7 @@ enum rb_thread_status { THREAD_TO_KILL, THREAD_RUNNABLE, THREAD_STOPPED, - THREAD_KILLED, + THREAD_KILLED }; typedef struct rb_thread *rb_thread_t; ++++++ ruby-1.8.7.p334_remove_zlib_test_params_test.patch ++++++ Index: test/zlib/test_zlib.rb =================================================================== --- test/zlib/test_zlib.rb.orig +++ test/zlib/test_zlib.rb @@ -113,36 +113,36 @@ if defined? Zlib assert_equal(true, z.closed?) end - def test_params - z = Zlib::Deflate.new - z << "foo" - z.params(Zlib::DEFAULT_COMPRESSION, Zlib::DEFAULT_STRATEGY) - z << "bar" - s = z.finish - assert_equal("foobar", Zlib::Inflate.inflate(s)) - - data = ('a'..'z').to_a.join - z = Zlib::Deflate.new(Zlib::NO_COMPRESSION, Zlib::MAX_WBITS, - Zlib::DEF_MEM_LEVEL, Zlib::DEFAULT_STRATEGY) - z << data[0, 10] - z.params(Zlib::BEST_COMPRESSION, Zlib::DEFAULT_STRATEGY) - z << data[10 .. -1] - assert_equal(data, Zlib::Inflate.inflate(z.finish)) - - z = Zlib::Deflate.new - s = z.deflate("foo", Zlib::FULL_FLUSH) - z.avail_out = 0 - z.params(Zlib::NO_COMPRESSION, Zlib::FILTERED) - s << z.deflate("bar", Zlib::FULL_FLUSH) - z.avail_out = 0 - z.params(Zlib::BEST_COMPRESSION, Zlib::HUFFMAN_ONLY) - s << z.deflate("baz", Zlib::FINISH) - assert_equal("foobarbaz", Zlib::Inflate.inflate(s)) - - z = Zlib::Deflate.new - assert_raise(Zlib::StreamError) { z.params(10000, 10000) } - z.close # without this, outputs `zlib(finalizer): the stream was freed prematurely.' - end +# def test_params +# z = Zlib::Deflate.new +# z << "foo" +# z.params(Zlib::DEFAULT_COMPRESSION, Zlib::DEFAULT_STRATEGY) +# z << "bar" +# s = z.finish +# assert_equal("foobar", Zlib::Inflate.inflate(s)) +# +# data = ('a'..'z').to_a.join +# z = Zlib::Deflate.new(Zlib::NO_COMPRESSION, Zlib::MAX_WBITS, +# Zlib::DEF_MEM_LEVEL, Zlib::DEFAULT_STRATEGY) +# z << data[0, 10] +# z.params(Zlib::BEST_COMPRESSION, Zlib::DEFAULT_STRATEGY) +# z << data[10 .. -1] +# assert_equal(data, Zlib::Inflate.inflate(z.finish)) +# +# z = Zlib::Deflate.new +# s = z.deflate("foo", Zlib::FULL_FLUSH) +# z.avail_out = 0 +# z.params(Zlib::NO_COMPRESSION, Zlib::FILTERED) +# s << z.deflate("bar", Zlib::FULL_FLUSH) +# z.avail_out = 0 +# z.params(Zlib::BEST_COMPRESSION, Zlib::HUFFMAN_ONLY) +# s << z.deflate("baz", Zlib::FINISH) +# assert_equal("foobarbaz", Zlib::Inflate.inflate(s)) +# +# z = Zlib::Deflate.new +# assert_raise(Zlib::StreamError) { z.params(10000, 10000) } +# z.close # without this, outputs `zlib(finalizer): the stream was freed prematurely.' +# end def test_set_dictionary z = Zlib::Deflate.new ++++++ ruby-1.8.7.p72_topdir.patch ++++++ Index: mkconfig.rb =================================================================== --- mkconfig.rb.orig 2008-11-21 19:55:28.000000000 +0100 +++ mkconfig.rb 2008-11-21 20:34:41.653180779 +0100 @@ -22,6 +22,7 @@ def (config = "").write(arg) end $stdout = config +configured_prefix = "" fast = {'prefix'=>TRUE, 'ruby_install_name'=>TRUE, 'INSTALL'=>TRUE, 'EXEEXT'=>TRUE} print %[ # This file was created by #{mkconfig} when ruby was built. Any @@ -86,6 +87,7 @@ File.foreach "config.status" do |line| val.gsub!(/ +(?!-)/, "=") if name == "configure_args" && /mswin32/ =~ RUBY_PLATFORM val = val.gsub(/\$(?:\$|\{?(\w+)\}?)/) {$1 ? "$(#{$1})" : $&}.dump if /^prefix$/ =~ name + configured_prefix = val val = "(TOPDIR || DESTDIR + #{val})" end v = " CONFIG[\"#{name}\"] #{vars[name] ? '<< "\n"' : '='} #{val}\n" @@ -103,7 +105,7 @@ end drive = File::PATH_SEPARATOR == ';' prefix = '/lib/ruby/' + RUBY_VERSION.sub(/\.\d+$/, '') + '/' + RUBY_PLATFORM -print " TOPDIR = File.dirname(__FILE__).chomp!(#{prefix.dump})\n" +print " TOPDIR = #{configured_prefix}\n" print " DESTDIR = ", (drive ? "TOPDIR && TOPDIR[/\\A[a-z]:/i] || " : ""), "'' unless defined? DESTDIR\n" print " CONFIG = {}\n" print " CONFIG[\"DESTDIR\"] = DESTDIR\n" ++++++ ruby-1.8.7.p72_vendor_specific.patch ++++++ Index: mkconfig.rb =================================================================== --- mkconfig.rb.orig 2008-06-06 12:39:57.000000000 +0200 +++ mkconfig.rb 2008-09-05 19:16:10.832214101 +0200 @@ -147,6 +147,11 @@ print <<EOS CONFIG["sitearchdir"] = "$(sitelibdir)/$(sitearch)" CONFIG["vendorlibdir"] = "$(vendordir)/$(ruby_version)" CONFIG["vendorarchdir"] = "$(vendorlibdir)/$(sitearch)" + if defined?(VENDOR_SPECIFIC) && VENDOR_SPECIFIC + CONFIG["sitedir"] = CONFIG["vendordir"] + CONFIG["sitelibdir"] = CONFIG["vendorlibdir"] + CONFIG["sitearchdir"] = CONFIG["vendorarchdir"] + end CONFIG["topdir"] = File.dirname(__FILE__) MAKEFILE_CONFIG = {} CONFIG.each{|k,v| MAKEFILE_CONFIG[k] = v.dup} ++++++ ruby-1.8.7_safe_level_bypass.patch ++++++ Index: error.c =================================================================== --- error.c.orig 2011-02-18 13:32:35.000000000 +0100 +++ error.c 2012-10-25 18:33:25.395358772 +0200 @@ -665,9 +665,6 @@ name_err_to_s(exc) if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc)); StringValue(str); - if (str != mesg) { - OBJ_INFECT(str, mesg); - } return str; } Index: test/ruby/test_exception.rb =================================================================== --- test/ruby/test_exception.rb.orig 2011-02-18 13:32:35.000000000 +0100 +++ test/ruby/test_exception.rb 2012-10-25 18:33:25.396358773 +0200 @@ -206,4 +206,54 @@ class TestException < Test::Unit::TestCa s = e.to_s assert_equal(true, s.tainted?) end + + def test_to_s_taintness_propagation + for exc in [Exception, NameError] + m = "abcdefg" + e = exc.new(m) + e.taint + s = e.to_s + assert_equal(false, m.tainted?, + "#{exc}#to_s should not propagate taintness") + assert_equal(false, s.tainted?, + "#{exc}#to_s should not propagate taintness") + end + + o = Object.new + def o.to_str + "foo" + end + o.taint + e = NameError.new(o) + s = e.to_s + assert_equal(false, s.tainted?) + end + + def test_exception_to_s_should_not_propagate_untrustedness + favorite_lang = "Ruby" + + for exc in [Exception, NameError] + assert_raise(SecurityError) do + lambda { + $SAFE = 4 + exc.new(favorite_lang).to_s + favorite_lang.replace("Python") + }.call + end + end + + assert_raise(SecurityError) do + lambda { + $SAFE = 4 + o = Object.new + (class << o; self; end).send(:define_method, :to_str) { + favorite_lang + } + NameError.new(o).to_s + favorite_lang.replace("Python") + }.call + end + + assert_equal("Ruby", favorite_lang) + end end ++++++ ruby-1.8.x_digest_non_void_return.patch ++++++ Index: ext/digest/digest.c =================================================================== --- ext/digest/digest.c.orig 2009-12-14 04:19:26.000000000 +0100 +++ ext/digest/digest.c 2010-02-23 12:27:54.812092205 +0100 @@ -2,14 +2,14 @@ digest.c - - $Author: shyouhei $ + $Author: knu $ created at: Fri May 25 08:57:27 JST 2001 Copyright (C) 1995-2001 Yukihiro Matsumoto Copyright (C) 2001-2006 Akinori MUSHA $RoughId: digest.c,v 1.16 2001/07/13 15:38:27 knu Exp $ - $Id: digest.c 26089 2009-12-14 03:19:26Z shyouhei $ + $Id: digest.c 26341 2010-01-17 19:23:17Z knu $ ************************************************/ @@ -76,6 +76,8 @@ rb_digest_s_hexencode(VALUE klass, VALUE return hexencode_str_new(str); } +NORETURN(static void rb_digest_instance_method_unimpl(VALUE self, const char *method)); + /* * Document-module: Digest::Instance * @@ -86,8 +88,6 @@ rb_digest_s_hexencode(VALUE klass, VALUE static void rb_digest_instance_method_unimpl(VALUE self, const char *method) { - VALUE klass = rb_obj_class(self); - rb_raise(rb_eRuntimeError, "%s does not implement %s()", rb_obj_classname(self), method); } @@ -179,10 +179,7 @@ rb_digest_instance_digest(int argc, VALU value = rb_funcall(self, id_finish, 0); rb_funcall(self, id_reset, 0); } else { - VALUE clone = rb_obj_clone(self); - - value = rb_funcall(clone, id_finish, 0); - rb_funcall(clone, id_reset, 0); + value = rb_funcall(rb_obj_clone(self), id_finish, 0); } return value; @@ -227,10 +224,7 @@ rb_digest_instance_hexdigest(int argc, V value = rb_funcall(self, id_finish, 0); rb_funcall(self, id_reset, 0); } else { - VALUE clone = rb_obj_clone(self); - - value = rb_funcall(clone, id_finish, 0); - rb_funcall(clone, id_reset, 0); + value = rb_funcall(rb_obj_clone(self), id_finish, 0); } return hexencode_str_new(value); @@ -240,8 +234,8 @@ rb_digest_instance_hexdigest(int argc, V * call-seq: * digest_obj.hexdigest! -> string * - * Returns the resulting hash value and resets the digest to the - * initial state. + * Returns the resulting hash value in a hex-encoded form and resets + * the digest to the initial state. */ static VALUE rb_digest_instance_hexdigest_bang(VALUE self) @@ -275,7 +269,7 @@ rb_digest_instance_inspect(VALUE self) { VALUE str; size_t digest_len = 32; /* about this size at least */ - char *cname; + const char *cname; cname = rb_obj_classname(self); ++++++ ruby-1.8.x_openssl_branch_update.patch ++++++ ++++ 1675 lines (skipped) ++++++ ruby-1.8.x_rubylibdir.patch ++++++ Index: configure.in =================================================================== --- configure.in.orig +++ configure.in @@ -1757,7 +1757,12 @@ case "$target_os" in rubyw_install_name="$RUBYW_INSTALL_NAME" ;; esac -RUBY_LIB_PREFIX=`eval echo \\"${libdir}/ruby\\"` + +AC_ARG_WITH(rubylibdir, + [ --with-rubylibdir=DIR stdlib libraries in DIR [[LIBDIR/ruby]]], + [rubylibdir=$withval], + [rubylibdir='${libdir}/ruby']) +RUBY_LIB_PREFIX=`eval echo \\"${rubylibdir}\\"` AC_ARG_WITH(sitedir, [ --with-sitedir=DIR site libraries in DIR [[LIBDIR/ruby/site_ruby]]], ++++++ ruby-1.8.x_yaml2byte.patch ++++++ I: Program causes undefined operation (likely same variable used twiceand post/pre incremented in the same expression). e.g. x = x++; Split it in two operations. W: ruby sequence-point yaml2byte.c:67, 104 yaml2byte.c: In function 'bytestring_append': yaml2byte.c:67:21: warning: operation on 'str->buffer' may be undefined yaml2byte.c: In function 'bytestring_extend': yaml2byte.c:104:25: warning: operation on 'str->buffer' may be undefined #define S_REALLOC_N(var,type,n) (var)=(type*)realloc((char*)(var),sizeof(type)*(n)) so the old code expanded to: str->buffer = str->buffer = (char*)realloc((char*)str->buffer, sizeof(char)*str->length + 1) Index: ext/syck/yaml2byte.c =================================================================== --- ext/syck/yaml2byte.c (revision 27446) +++ ext/syck/yaml2byte.c (working copy) @@ -64,7 +64,7 @@ grow = (length - str->remaining) + CHUNKSIZE; str->remaining += grow; str->length += grow; - str->buffer = S_REALLOC_N( str->buffer, char, str->length + 1 ); + S_REALLOC_N( str->buffer, char, str->length + 1 ); assert(str->buffer); } curr = str->buffer + (str->length - str->remaining); @@ -101,7 +101,7 @@ grow = (length - str->remaining) + CHUNKSIZE; str->remaining += grow; str->length += grow; - str->buffer = S_REALLOC_N( str->buffer, char, str->length + 1 ); + S_REALLOC_N( str->buffer, char, str->length + 1 ); } curr = str->buffer + (str->length - str->remaining); from = ext->buffer; ++++++ ruby-rpmlintrc ++++++ addFilter("spurious-executable-perm.*/usr/share/doc/packages/ruby-test-suite/runruby.rb") addFilter("non-executable-script /usr/lib.*/ruby/.*") addFilter("wrong-file-end-of-line-encoding /usr/share/doc/packages/ruby/.*") addFilter("zero-length /usr/share/doc/packages/ruby-test-suite/.*") addFilter("unexpanded-macro.*/usr/share/ri/.*") ++++++ ruby.macros ++++++ %rb_arch %(/usr/bin/ruby -e 'print RUBY_PLATFORM') %rb_ver %(/usr/bin/ruby -e 'puts VERSION.sub(/\\\.\\\d$/, "")') # %rb_dir %{_libdir}/ruby/ %rb_libdir %{_libdir}/ruby/%{rb_ver}/ %rb_archdir %{_libdir}/ruby/%{rb_ver}/%{rb_arch} # %rb_sitedir %{_libdir}/ruby/site_ruby %rb_sitelib %{rb_sitedir}/%{rb_ver} %rb_sitearch %{rb_sitedir}/%{rb_ver}/%{rb_arch} # %rb_vendordir %{_libdir}/ruby/vendor_ruby %rb_vendorlib %{rb_vendordir}/%{rb_ver} %rb_vendorarch %{rb_vendordir}/%{rb_ver}/%{rb_arch} ++++++ site-specific.rb ++++++ # $Id: site-specific.rb,v 1.1 2004/04/02 04:47:43 rshaw Exp $ # Default site_ruby install library setting for normal module # installation. You can force site installation with the following: # # ruby -rsite-specific extconf.rb # or # ruby -rsite-specific install.rb # # This is not required for normal user module installation as they will # default to site_ruby, it is only provided for consistency. Developers # creating packages/ports should use the vendor-specific option. # VENDOR_SPECIFIC=false ++++++ vendor-specific.rb ++++++ # $Id: vendor-specific.rb,v 1.1 2004/04/02 04:47:43 rshaw Exp $ # Custom vendor_ruby install library setting for DarwinPorts module # installation. You can force vendor installation with the following: # # ruby -rvendor-specific extconf.rb # or # ruby -rvendor-specific install.rb # # This causes vendor-specific installation mode. The default without # this is to do a site-specific installation, which is recommended for # general user installation of modules. # VENDOR_SPECIFIC=true -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
