Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Please unblock package ruby1.9.1 This version disables the test suite on sparc, which seems to fail depending on the specific buildd the build goes to (see https://lists.debian.org/debian-ruby/2012/11/msg00064.html). Attached is the debdiff between this version and the one in testing. The only difference between this and the previous unblock request (#693987) is that one-line change in debian/rules to avoid running the test suite on sparc. unblock ruby1.9.1/1.9.3.194-5 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.utf8, LC_CTYPE=pt_BR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Antonio Terceiro <terce...@debian.org>
diff -Nru ruby1.9.1-1.9.3.194/debian/changelog ruby1.9.1-1.9.3.194/debian/changelog --- ruby1.9.1-1.9.3.194/debian/changelog 2012-10-16 10:28:42.000000000 -0300 +++ ruby1.9.1-1.9.3.194/debian/changelog 2012-11-27 18:42:09.000000000 -0300 @@ -1,3 +1,20 @@ +ruby1.9.1 (1.9.3.194-5) unstable; urgency=high + + * Disable running the test suite during the build on sparc again. Keeping + urgency=high because the previous release, which contains a security bug + fix, did not reach testing yet because of a segfault when running tests in + the sparc buildd. + + -- Antonio Terceiro <terce...@debian.org> Sun, 25 Nov 2012 19:12:28 -0300 + +ruby1.9.1 (1.9.3.194-4) unstable; urgency=high + + [ James Healy ] + * debian/patches/CVE-2012-5371.patch: avoid DOS vulnerability in hash + implementation, this fixes CVE-2012-5371. (Closes: #693024). + + -- Antonio Terceiro <terce...@debian.org> Thu, 22 Nov 2012 10:30:37 -0300 + ruby1.9.1 (1.9.3.194-3) unstable; urgency=high * debian/patches/CVE-2012-4522.patch: avoid vulnerability with strings diff -Nru ruby1.9.1-1.9.3.194/debian/patches/20121120-cve-2012-5371.diff ruby1.9.1-1.9.3.194/debian/patches/20121120-cve-2012-5371.diff --- ruby1.9.1-1.9.3.194/debian/patches/20121120-cve-2012-5371.diff 1969-12-31 21:00:00.000000000 -0300 +++ ruby1.9.1-1.9.3.194/debian/patches/20121120-cve-2012-5371.diff 2012-11-22 09:43:30.000000000 -0300 @@ -0,0 +1,637 @@ +Description: replace hash implementation to avoid DOS attacks + This patch fixes CVE-2012-5371 +Bug-Debian: http://bugs.debian.org/693024 +Origin: upstream, https://github.com/ruby/ruby/commit/5e45af463cca6f062a986d5e686350e17ea653bb +Backported-By: James Healy <ja...@yob.id.au> +Reviewed-By: Antonio Terceiro <terce...@debian.org> + +diff --git a/common.mk b/common.mk +index eb89a2b..8ce77cb 100644 +--- a/common.mk ++++ b/common.mk +@@ -663,7 +663,8 @@ proc.$(OBJEXT): {$(VPATH)}proc.c {$(VPATH)}eval_intern.h \ + process.$(OBJEXT): {$(VPATH)}process.c $(RUBY_H_INCLUDES) \ + {$(VPATH)}util.h {$(VPATH)}io.h $(ENCODING_H_INCLUDES) {$(VPATH)}dln.h \ + $(VM_CORE_H_INCLUDES) {$(VPATH)}debug.h {$(VPATH)}internal.h +-random.$(OBJEXT): {$(VPATH)}random.c $(RUBY_H_INCLUDES) ++random.$(OBJEXT): {$(VPATH)}random.c $(RUBY_H_INCLUDES) \ ++ {$(VPATH)}siphash.c {$(VPATH)}siphash.h + range.$(OBJEXT): {$(VPATH)}range.c $(RUBY_H_INCLUDES) \ + $(ENCODING_H_INCLUDES) {$(VPATH)}internal.h + rational.$(OBJEXT): {$(VPATH)}rational.c $(RUBY_H_INCLUDES) {$(VPATH)}internal.h +diff --git a/random.c b/random.c +index 873f9ae..2217c81 100644 +--- a/random.c ++++ b/random.c +@@ -1258,7 +1258,15 @@ random_s_rand(int argc, VALUE *argv, VALUE obj) + return random_rand(argc, argv, rb_Random_DEFAULT); + } + ++#define SIP_HASH_STREAMING 0 ++#define sip_hash24 ruby_sip_hash24 ++#include "siphash.c" ++ + static st_index_t hashseed; ++static union { ++ uint8_t key[16]; ++ uint32_t u32[(16 * sizeof(uint8_t) - 1) / sizeof(uint32_t)]; ++} sipseed; + + static VALUE + init_randomseed(struct MT *mt, unsigned int initial[DEFAULT_SEED_CNT]) +@@ -1278,6 +1286,7 @@ Init_RandomSeed(void) + unsigned int initial[DEFAULT_SEED_CNT]; + struct MT *mt = &r->mt; + VALUE seed = init_randomseed(mt, initial); ++ int i; + + hashseed = genrand_int32(mt); + #if SIZEOF_ST_INDEX_T*CHAR_BIT > 4*8 +@@ -1293,6 +1302,9 @@ Init_RandomSeed(void) + hashseed |= genrand_int32(mt); + #endif + ++ for (i = 0; i < numberof(sipseed.u32); ++i) ++ sipseed.u32[i] = genrand_int32(mt); ++ + rb_global_variable(&r->seed); + r->seed = seed; + } +@@ -1303,6 +1315,17 @@ rb_hash_start(st_index_t h) + return st_hash_start(hashseed + h); + } + ++st_index_t ++rb_memhash(const void *ptr, long len) ++{ ++ sip_uint64_t h = sip_hash24(sipseed.key, ptr, len); ++#ifdef HAVE_UINT64_T ++ return (st_index_t)h; ++#else ++ return (st_index_t)(h.u32[0] ^ h.u32[1]); ++#endif ++} ++ + static void + Init_RandomSeed2(void) + { +diff --git a/siphash.c b/siphash.c +new file mode 100644 +index 0000000..c100b14 +--- /dev/null ++++ b/siphash.c +@@ -0,0 +1,483 @@ ++#include <string.h> ++#include <stdio.h> ++#include "siphash.h" ++#ifndef SIP_HASH_STREAMING ++ #define SIP_HASH_STREAMING 1 ++#endif ++ ++#ifdef _WIN32 ++ #define BYTE_ORDER __LITTLE_ENDIAN ++#elif !defined BYTE_ORDER ++ #include <endian.h> ++#endif ++#ifndef LITTLE_ENDIAN ++#define LITTLE_ENDIAN __LITTLE_ENDIAN ++#endif ++#ifndef BIG_ENDIAN ++#define BIG_ENDIAN __BIG_ENDIAN ++#endif ++ ++#if BYTE_ORDER == LITTLE_ENDIAN ++ #define lo u32[0] ++ #define hi u32[1] ++#elif BYTE_ORDER == BIG_ENDIAN ++ #define hi u32[0] ++ #define lo u32[1] ++#else ++ #error "Only strictly little or big endian supported" ++#endif ++ ++#ifndef UNALIGNED_WORD_ACCESS ++# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ ++ defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD86) || \ ++ defined(__mc68020__) ++# define UNALIGNED_WORD_ACCESS 1 ++# endif ++#endif ++#ifndef UNALIGNED_WORD_ACCESS ++# define UNALIGNED_WORD_ACCESS 0 ++#endif ++ ++#define U8TO32_LE(p) \ ++ (((uint32_t)((p)[0]) ) | ((uint32_t)((p)[1]) << 8) | \ ++ ((uint32_t)((p)[2]) << 16) | ((uint32_t)((p)[3]) << 24)) \ ++ ++#define U32TO8_LE(p, v) \ ++do { \ ++ (p)[0] = (uint8_t)((v) ); \ ++ (p)[1] = (uint8_t)((v) >> 8); \ ++ (p)[2] = (uint8_t)((v) >> 16); \ ++ (p)[3] = (uint8_t)((v) >> 24); \ ++} while (0) ++ ++#ifdef HAVE_UINT64_T ++#define U8TO64_LE(p) \ ++ ((uint64_t)U8TO32_LE(p) | ((uint64_t)U8TO32_LE((p) + 4)) << 32 ) ++ ++#define U64TO8_LE(p, v) \ ++do { \ ++ U32TO8_LE((p), (uint32_t)((v) )); \ ++ U32TO8_LE((p) + 4, (uint32_t)((v) >> 32)); \ ++} while (0) ++ ++#define ROTL64(v, s) \ ++ ((v) << (s)) | ((v) >> (64 - (s))) ++ ++#define ROTL64_TO(v, s) ((v) = ROTL64((v), (s))) ++ ++#define ADD64_TO(v, s) ((v) += (s)) ++#define XOR64_TO(v, s) ((v) ^= (s)) ++#define XOR64_INT(v, x) ((v) ^= (x)) ++#else ++#define U8TO64_LE(p) u8to64_le(p) ++static inline uint64_t ++u8to64_le(const uint8_t *p) ++{ ++ uint64_t ret; ++ ret.lo = U8TO32_LE(p); ++ ret.hi = U8TO32_LE(p + 4); ++ return ret; ++} ++ ++#define U64TO8_LE(p, v) u64to8_le(p, v) ++static inline void ++u64to8_le(uint8_t *p, uint64_t v) ++{ ++ U32TO8_LE(p, v.lo); ++ U32TO8_LE(p + 4, v.hi); ++} ++ ++#define ROTL64_TO(v, s) ((s) > 32 ? rotl64_swap(rotl64_to(&(v), (s) - 32)) : \ ++ (s) == 32 ? rotl64_swap(&(v)) : rotl64_to(&(v), (s))) ++static inline uint64_t * ++rotl64_to(uint64_t *v, unsigned int s) ++{ ++ uint32_t uhi = (v->hi << s) | (v->lo >> (32 - s)); ++ uint32_t ulo = (v->lo << s) | (v->hi >> (32 - s)); ++ v->hi = uhi; ++ v->lo = ulo; ++ return v; ++} ++ ++static inline uint64_t * ++rotl64_swap(uint64_t *v) ++{ ++ uint32_t t = v->lo; ++ v->lo = v->hi; ++ v->hi = t; ++ return v; ++} ++ ++#define ADD64_TO(v, s) add64_to(&(v), (s)) ++static inline uint64_t * ++add64_to(uint64_t *v, const uint64_t s) ++{ ++ v->lo += s.lo; ++ v->hi += s.hi; ++ if (v->lo < s.lo) v->hi++; ++ return v; ++} ++ ++#define XOR64_TO(v, s) xor64_to(&(v), (s)) ++static inline uint64_t * ++xor64_to(uint64_t *v, const uint64_t s) ++{ ++ v->lo ^= s.lo; ++ v->hi ^= s.hi; ++ return v; ++} ++ ++#define XOR64_INT(v, x) ((v).lo ^= (x)) ++#endif ++ ++static const union { ++ char bin[32]; ++ uint64_t u64[4]; ++} sip_init_state_bin = {"uespemos""modnarod""arenegyl""setybdet"}; ++#define sip_init_state sip_init_state_bin.u64 ++ ++#if SIP_HASH_STREAMING ++struct sip_interface_st { ++ void (*init)(sip_state *s, const uint8_t *key); ++ void (*update)(sip_state *s, const uint8_t *data, size_t len); ++ void (*final)(sip_state *s, uint64_t *digest); ++}; ++ ++static void int_sip_init(sip_state *state, const uint8_t *key); ++static void int_sip_update(sip_state *state, const uint8_t *data, size_t len); ++static void int_sip_final(sip_state *state, uint64_t *digest); ++ ++static const sip_interface sip_methods = { ++ int_sip_init, ++ int_sip_update, ++ int_sip_final ++}; ++#endif /* SIP_HASH_STREAMING */ ++ ++#define SIP_COMPRESS(v0, v1, v2, v3) \ ++do { \ ++ ADD64_TO((v0), (v1)); \ ++ ADD64_TO((v2), (v3)); \ ++ ROTL64_TO((v1), 13); \ ++ ROTL64_TO((v3), 16); \ ++ XOR64_TO((v1), (v0)); \ ++ XOR64_TO((v3), (v2)); \ ++ ROTL64_TO((v0), 32); \ ++ ADD64_TO((v2), (v1)); \ ++ ADD64_TO((v0), (v3)); \ ++ ROTL64_TO((v1), 17); \ ++ ROTL64_TO((v3), 21); \ ++ XOR64_TO((v1), (v2)); \ ++ XOR64_TO((v3), (v0)); \ ++ ROTL64_TO((v2), 32); \ ++} while(0) ++ ++#if SIP_HASH_STREAMING ++static void ++int_sip_dump(sip_state *state) ++{ ++ int v; ++ ++ for (v = 0; v < 4; v++) { ++#if HAVE_UINT64_T ++ printf("v%d: %" PRIx64 "\n", v, state->v[v]); ++#else ++ printf("v%d: %" PRIx32 "%.8" PRIx32 "\n", v, state->v[v].hi, state->v[v].lo); ++#endif ++ } ++} ++ ++static void ++int_sip_init(sip_state *state, const uint8_t key[16]) ++{ ++ uint64_t k0, k1; ++ ++ k0 = U8TO64_LE(key); ++ k1 = U8TO64_LE(key + sizeof(uint64_t)); ++ ++ state->v[0] = k0; XOR64_TO(state->v[0], sip_init_state[0]); ++ state->v[1] = k1; XOR64_TO(state->v[1], sip_init_state[1]); ++ state->v[2] = k0; XOR64_TO(state->v[2], sip_init_state[2]); ++ state->v[3] = k1; XOR64_TO(state->v[3], sip_init_state[3]); ++} ++ ++static inline void ++int_sip_round(sip_state *state, int n) ++{ ++ int i; ++ ++ for (i = 0; i < n; i++) { ++ SIP_COMPRESS(state->v[0], state->v[1], state->v[2], state->v[3]); ++ } ++} ++ ++static inline void ++int_sip_update_block(sip_state *state, uint64_t m) ++{ ++ XOR64_TO(state->v[3], m); ++ int_sip_round(state, state->c); ++ XOR64_TO(state->v[0], m); ++} ++ ++static inline void ++int_sip_pre_update(sip_state *state, const uint8_t **pdata, size_t *plen) ++{ ++ int to_read; ++ uint64_t m; ++ ++ if (!state->buflen) return; ++ ++ to_read = sizeof(uint64_t) - state->buflen; ++ memcpy(state->buf + state->buflen, *pdata, to_read); ++ m = U8TO64_LE(state->buf); ++ int_sip_update_block(state, m); ++ *pdata += to_read; ++ *plen -= to_read; ++ state->buflen = 0; ++} ++ ++static inline void ++int_sip_post_update(sip_state *state, const uint8_t *data, size_t len) ++{ ++ uint8_t r = len % sizeof(uint64_t); ++ if (r) { ++ memcpy(state->buf, data + len - r, r); ++ state->buflen = r; ++ } ++} ++ ++static void ++int_sip_update(sip_state *state, const uint8_t *data, size_t len) ++{ ++ uint64_t *end; ++ uint64_t *data64; ++ ++ state->msglen_byte = state->msglen_byte + (len % 256); ++ data64 = (uint64_t *) data; ++ ++ int_sip_pre_update(state, &data, &len); ++ ++ end = data64 + (len / sizeof(uint64_t)); ++ ++#if BYTE_ORDER == LITTLE_ENDIAN ++ while (data64 != end) { ++ int_sip_update_block(state, *data64++); ++ } ++#elif BYTE_ORDER == BIG_ENDIAN ++ { ++ uint64_t m; ++ uint8_t *data8 = data; ++ for (; data8 != (uint8_t *) end; data8 += sizeof(uint64_t)) { ++ m = U8TO64_LE(data8); ++ int_sip_update_block(state, m); ++ } ++ } ++#endif ++ ++ int_sip_post_update(state, data, len); ++} ++ ++static inline void ++int_sip_pad_final_block(sip_state *state) ++{ ++ int i; ++ /* pad with 0's and finalize with msg_len mod 256 */ ++ for (i = state->buflen; i < sizeof(uint64_t); i++) { ++ state->buf[i] = 0x00; ++ } ++ state->buf[sizeof(uint64_t) - 1] = state->msglen_byte; ++} ++ ++static void ++int_sip_final(sip_state *state, uint64_t *digest) ++{ ++ uint64_t m; ++ ++ int_sip_pad_final_block(state); ++ ++ m = U8TO64_LE(state->buf); ++ int_sip_update_block(state, m); ++ ++ XOR64_INT(state->v[2], 0xff); ++ ++ int_sip_round(state, state->d); ++ ++ *digest = state->v[0]; ++ XOR64_TO(*digest, state->v[1]); ++ XOR64_TO(*digest, state->v[2]); ++ XOR64_TO(*digest, state->v[3]); ++} ++ ++sip_hash * ++sip_hash_new(const uint8_t key[16], int c, int d) ++{ ++ sip_hash *h = NULL; ++ ++ if (!(h = (sip_hash *) malloc(sizeof(sip_hash)))) return NULL; ++ return sip_hash_init(h, key, c, d); ++} ++ ++sip_hash * ++sip_hash_init(sip_hash *h, const uint8_t key[16], int c, int d) ++{ ++ h->state->c = c; ++ h->state->d = d; ++ h->state->buflen = 0; ++ h->state->msglen_byte = 0; ++ h->methods = &sip_methods; ++ h->methods->init(h->state, key); ++ return h; ++} ++ ++int ++sip_hash_update(sip_hash *h, const uint8_t *msg, size_t len) ++{ ++ h->methods->update(h->state, msg, len); ++ return 1; ++} ++ ++int ++sip_hash_final(sip_hash *h, uint8_t **digest, size_t* len) ++{ ++ uint64_t digest64; ++ uint8_t *ret; ++ ++ h->methods->final(h->state, &digest64); ++ if (!(ret = (uint8_t *)malloc(sizeof(uint64_t)))) return 0; ++ U64TO8_LE(ret, digest64); ++ *len = sizeof(uint64_t); ++ *digest = ret; ++ ++ return 1; ++} ++ ++int ++sip_hash_final_integer(sip_hash *h, uint64_t *digest) ++{ ++ h->methods->final(h->state, digest); ++ return 1; ++} ++ ++int ++sip_hash_digest(sip_hash *h, const uint8_t *data, size_t data_len, uint8_t **digest, size_t *digest_len) ++{ ++ if (!sip_hash_update(h, data, data_len)) return 0; ++ return sip_hash_final(h, digest, digest_len); ++} ++ ++int ++sip_hash_digest_integer(sip_hash *h, const uint8_t *data, size_t data_len, uint64_t *digest) ++{ ++ if (!sip_hash_update(h, data, data_len)) return 0; ++ return sip_hash_final_integer(h, digest); ++} ++ ++void ++sip_hash_free(sip_hash *h) ++{ ++ free(h); ++} ++ ++void ++sip_hash_dump(sip_hash *h) ++{ ++ int_sip_dump(h->state); ++} ++#endif /* SIP_HASH_STREAMING */ ++ ++#define SIP_2_ROUND(m, v0, v1, v2, v3) \ ++do { \ ++ XOR64_TO((v3), (m)); \ ++ SIP_COMPRESS(v0, v1, v2, v3); \ ++ SIP_COMPRESS(v0, v1, v2, v3); \ ++ XOR64_TO((v0), (m)); \ ++} while (0) ++ ++uint64_t ++sip_hash24(const uint8_t key[16], const uint8_t *data, size_t len) ++{ ++ uint64_t k0, k1; ++ uint64_t v0, v1, v2, v3; ++ uint64_t m, last; ++ const uint8_t *end = data + len - (len % sizeof(uint64_t)); ++ ++ k0 = U8TO64_LE(key); ++ k1 = U8TO64_LE(key + sizeof(uint64_t)); ++ ++ v0 = k0; XOR64_TO(v0, sip_init_state[0]); ++ v1 = k1; XOR64_TO(v1, sip_init_state[1]); ++ v2 = k0; XOR64_TO(v2, sip_init_state[2]); ++ v3 = k1; XOR64_TO(v3, sip_init_state[3]); ++ ++#if BYTE_ORDER == LITTLE_ENDIAN && UNALIGNED_WORD_ACCESS ++ { ++ uint64_t *data64 = (uint64_t *)data; ++ while (data64 != (uint64_t *) end) { ++ m = *data64++; ++ SIP_2_ROUND(m, v0, v1, v2, v3); ++ } ++ } ++#elif BYTE_ORDER == BIG_ENDIAN ++ for (; data != end; data += sizeof(uint64_t)) { ++ m = U8TO64_LE(data); ++ SIP_2_ROUND(m, v0, v1, v2, v3); ++ } ++#endif ++ ++#ifdef HAVE_UINT64_T ++ last = (uint64_t)len << 56; ++#define OR_BYTE(n) (last |= ((uint64_t) end[n]) << ((n) * 8)) ++#else ++ last.hi = len << 24; ++ last.lo = 0; ++#define OR_BYTE(n) do { \ ++ if (n >= 4) \ ++ last.hi |= ((uint32_t) end[n]) << ((n) >= 4 ? (n) * 8 - 32 : 0); \ ++ else \ ++ last.lo |= ((uint32_t) end[n]) << ((n) >= 4 ? 0 : (n) * 8); \ ++ } while (0) ++#endif ++ ++ switch (len % sizeof(uint64_t)) { ++ case 7: ++ OR_BYTE(6); ++ case 6: ++ OR_BYTE(5); ++ case 5: ++ OR_BYTE(4); ++ case 4: ++#if BYTE_ORDER == LITTLE_ENDIAN && UNALIGNED_WORD_ACCESS ++ #if HAVE_UINT64_T ++ last |= (uint64_t) ((uint32_t *) end)[0]; ++ #else ++ last.lo |= ((uint32_t *) end)[0]; ++ #endif ++ break; ++#elif BYTE_ORDER == BIG_ENDIAN ++ OR_BYTE(3); ++#endif ++ case 3: ++ OR_BYTE(2); ++ case 2: ++ OR_BYTE(1); ++ case 1: ++ OR_BYTE(0); ++ break; ++ case 0: ++ break; ++ } ++ ++ SIP_2_ROUND(last, v0, v1, v2, v3); ++ ++ XOR64_INT(v2, 0xff); ++ ++ SIP_COMPRESS(v0, v1, v2, v3); ++ SIP_COMPRESS(v0, v1, v2, v3); ++ SIP_COMPRESS(v0, v1, v2, v3); ++ SIP_COMPRESS(v0, v1, v2, v3); ++ ++ XOR64_TO(v0, v1); ++ XOR64_TO(v0, v2); ++ XOR64_TO(v0, v3); ++ return v0; ++} +diff --git a/siphash.h b/siphash.h +new file mode 100644 +index 0000000..3f39884 +--- /dev/null ++++ b/siphash.h +@@ -0,0 +1,48 @@ ++#ifndef SIPHASH_H ++#define SIPHASH_H 1 ++#include <stdlib.h> ++#ifdef HAVE_STDINT_H ++#include <stdint.h> ++#endif ++#ifdef HAVE_INTTYPES_H ++#include <inttypes.h> ++#endif ++ ++#ifndef HAVE_UINT64_T ++typedef struct { ++ uint32_t u32[2]; ++} sip_uint64_t; ++#define uint64_t sip_uint64_t ++#else ++typedef uint64_t sip_uint64_t; ++#endif ++ ++typedef struct { ++ int c; ++ int d; ++ uint64_t v[4]; ++ uint8_t buf[sizeof(uint64_t)]; ++ uint8_t buflen; ++ uint8_t msglen_byte; ++} sip_state; ++ ++typedef struct sip_interface_st sip_interface; ++ ++typedef struct { ++ sip_state state[1]; ++ const sip_interface *methods; ++} sip_hash; ++ ++sip_hash *sip_hash_new(const uint8_t key[16], int c, int d); ++sip_hash *sip_hash_init(sip_hash *h, const uint8_t key[16], int c, int d); ++int sip_hash_update(sip_hash *h, const uint8_t *data, size_t len); ++int sip_hash_final(sip_hash *h, uint8_t **digest, size_t *len); ++int sip_hash_final_integer(sip_hash *h, uint64_t *digest); ++int sip_hash_digest(sip_hash *h, const uint8_t *data, size_t data_len, uint8_t **digest, size_t *digest_len); ++int sip_hash_digest_integer(sip_hash *h, const uint8_t *data, size_t data_len, uint64_t *digest); ++void sip_hash_free(sip_hash *h); ++void sip_hash_dump(sip_hash *h); ++ ++uint64_t sip_hash24(const uint8_t key[16], const uint8_t *data, size_t len); ++ ++#endif +diff --git a/string.c b/string.c +index c770215..0138dce 100644 +--- a/string.c ++++ b/string.c +@@ -2161,12 +2161,6 @@ rb_str_prepend(VALUE str, VALUE str2) + } + + st_index_t +-rb_memhash(const void *ptr, long len) +-{ +- return st_hash(ptr, len, rb_hash_start((st_index_t)len)); +-} +- +-st_index_t + rb_str_hash(VALUE str) + { + int e = ENCODING_GET(str); diff -Nru ruby1.9.1-1.9.3.194/debian/patches/series ruby1.9.1-1.9.3.194/debian/patches/series --- ruby1.9.1-1.9.3.194/debian/patches/series 2012-10-16 10:24:26.000000000 -0300 +++ ruby1.9.1-1.9.3.194/debian/patches/series 2012-11-21 23:39:33.000000000 -0300 @@ -18,3 +18,4 @@ 20120517-r35434.patch 20120927-cve_2011_1005.patch CVE-2012-4522.patch +20121120-cve-2012-5371.diff diff -Nru ruby1.9.1-1.9.3.194/debian/rules ruby1.9.1-1.9.3.194/debian/rules --- ruby1.9.1-1.9.3.194/debian/rules 2012-09-30 17:40:36.000000000 -0300 +++ ruby1.9.1-1.9.3.194/debian/rules 2012-11-25 19:05:30.000000000 -0300 @@ -126,7 +126,7 @@ ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) # Disable test suites on some broken architectures. # See http://lists.debian.org/debian-release/2011/10/msg00279.html -ifeq (,$(filter $(DEB_BUILD_ARCH),ia64 kfreebsd-i386 kfreebsd-amd64)) +ifeq (,$(filter $(DEB_BUILD_ARCH),ia64 kfreebsd-i386 kfreebsd-amd64 sparc)) mv test/drb _test_drb debian/run-test-suites.bash mv _test_drb test/drb
signature.asc
Description: Digital signature