[CVS] OpenPKG: OPENPKG_2_STABLE: openpkg-src/ruby/ ruby.patch ruby.spe...

Sat, 04 Nov 2006 05:18:20 -0800 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   04-Nov-2006 14:18:33
  Branch: OPENPKG_2_STABLE                 Handle: 2006110413183300

  Modified files:           (Branch: OPENPKG_2_STABLE)
    openpkg-src/ruby        ruby.patch ruby.spec

  Log:
    MFC: Security Fix (CVE-2006-5467)

  Summary:
    Revision    Changes     Path
    1.6.4.4     +17 -0      openpkg-src/ruby/ruby.patch
    1.40.2.5    +1  -1      openpkg-src/ruby/ruby.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/ruby/ruby.patch
  ============================================================================
  $ cvs diff -u -r1.6.4.3 -r1.6.4.4 ruby.patch
  --- openpkg-src/ruby/ruby.patch       20 Oct 2006 14:40:32 -0000      1.6.4.3
  +++ openpkg-src/ruby/ruby.patch       4 Nov 2006 13:18:33 -0000       1.6.4.4
  @@ -22,3 +22,20 @@
        db_check(dblib) and break
      end
    end
  +
  +-----------------------------------------------------------------------------
  +
  +Security Fix (CVE-2006-5467)
  +
  +Index: lib/cgi.rb
  +--- lib/cgi.rb.orig  2006-08-22 11:38:19 +0200
  ++++ lib/cgi.rb       2006-11-04 14:11:46 +0100
  +@@ -1018,7 +1018,7 @@
  +               else
  +                 stdinput.read(content_length)
  +               end
  +-          if c.nil?
  ++          if c.nil? || c.empty?
  +             raise EOFError, "bad content body"
  +           end
  +           buf.concat(c)
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/ruby/ruby.spec
  ============================================================================
  $ cvs diff -u -r1.40.2.4 -r1.40.2.5 ruby.spec
  --- openpkg-src/ruby/ruby.spec        20 Oct 2006 14:40:32 -0000      1.40.2.4
  +++ openpkg-src/ruby/ruby.spec        4 Nov 2006 13:18:33 -0000       1.40.2.5
  @@ -33,7 +33,7 @@
   Group:        Language
   License:      GPL
   Version:      1.8.5
  -Release:      2.20061020
  +Release:      2.20061104
   
   #   list of sources
   Source0:      ftp://ftp.ruby-lang.org/pub/ruby/ruby-%{version}.tar.gz
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [email protected]

Reply via email to