From 6b2b12b8b2718d865d52f6ec0602c6de34f459b0 Mon Sep 17 00:00:00 2001
From: Mamoru Tasaka
Date: Fri, 30 Dec 2011 00:37:59 +0900
Subject: [PATCH] Update to 1.8.7p357 Randomize hash on process startup (CVE-2011-4815, bug 750564)
---
 .gitignore | 1 +
 ruby.spec | 21 +++++++++++++++++++--
 sources | 4 +---
 3 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/.gitignore b/.gitignore
index a4c19e9..c1f83dd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,4 @@ ruby-rev415a3ef9ab82c65a7abc-ext_tk.tar.gz
 /ruby-1.8.7-p334.tar.bz2
 /ruby-1.8.7-p352.tar.bz2
 /ruby-revc2dfaa7d40531aef3706bcc16f38178b0c6633ee-ext_tk.tar.gz
+/ruby-1.8.7-p357.tar.bz2
diff --git a/ruby.spec b/ruby.spec
index efc0ebf..78519d7 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -1,6 +1,6 @@
 %global rubyxver 1.8
 %global rubyver 1.8.7
-%global _patchlevel 352
+%global _patchlevel 357
 %global dotpatchlevel %{?_patchlevel:.%{_patchlevel}}
 %global patchlevel %{?_patchlevel:-p%{_patchlevel}}
@@ -17,14 +17,16 @@
 Name: ruby
 Version: %{rubyver}%{?dotpatchlevel}
-Release: 2%{?dist}
+Release: 1%{?dist}
 # Please check if ruby upstream changes this to "Ruby or GPLv2+"
 License: Ruby or GPLv2
 URL: http://www.ruby-lang.org/
 BuildRequires: compat-readline5-devel
 BuildRequires: db4-devel
+%if 0%{?fedora} < 17
 BuildRequires: gdbm-devel
+%endif
 BuildRequires: libX11-devel
 BuildRequires: ncurses-devel
 BuildRequires: openssl-devel
@@ -200,6 +202,11 @@ popd
 # when it is no longer needed.
 sed -i.redirect -e '\@RUBY@s@\.rb >@\.rb | cat >@' %{name}-%{arcver}/ext/dl/depend
+# Disable gdbm support on F-17 for now
+%if 0%{?fedora} >= 17
+sed -i '\@dblib =@s|gdbm[^ ]*||g' %{name}-%{arcver}/ext/dbm/extconf.rb
+%endif
+
 %build
 pushd %{name}-%{arcver}
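Review bot: The new `%if 0%{?fedora} < 17` guard around `BuildRequires: gdbm-devel` carries no comment, and its complement `%if 0%{?fedora} >= 17` is written out separately in the %prep hunk, so the two conditions can drift apart. Add a line above it such as `# gdbm support is disabled on F-17+ (licensing); keep in sync with the sed in %prep`, which is the reason the changelog entry in this patch gives. Because `0%{?fedora}` expands to 0 where the macro is undefined, non-Fedora builds keep the gdbm-devel requirement; the comment should say so if that is intended.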
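Review bot: The added `sed -i '\@dblib =@s|gdbm[^ ]*||g'` exits successfully even when no `dblib =` line matches, so if upstream reshapes ext/dbm/extconf.rb the F-17 build would stop stripping gdbm without any error and could link it again whenever gdbm-devel is present in the buildroot. Follow the sed, inside the same `%if`, with a check that fails the build, for example `if grep -q 'dblib =.*gdbm' %{name}-%{arcver}/ext/dbm/extconf.rb; then exit 1; fi`. The neighbouring edit uses `sed -i.redirect` to leave a backup, and a suffix here would keep this change visible in the build tree as well. The %prep section this belongs to starts outside the hunk.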
@@ -537,10 +544,20 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/ri
 %changelog
+* Thu Dec 29 2011 Mamoru Tasaka - 1.8.7.357-1
+- Update to 1.8.7p357
+- Randomize hash on process startup (CVE-2011-4815, bug 750564)
+
 * Fri Dec 23 2011 Dennis Gilmore - 1.8.7.352-2
 - dont normalise arm cpus to arm
 - there is something weird about how ruby choses where to put bits
+* Thu Nov 16 2011 Mamoru Tasaka - 1.8.7.352-3
+- F-17: kill gdbm support for now due to licensing compatibility issue
+
+* Sat Oct 1 2011 Mamoru Tasaka - 1.8.7.352-2
+- F-17: rebuild against new gdbm
+
 * Sat Jul 16 2011 Mamoru Tasaka - 1.8.7.352-1
 - Update to 1.8.7 p352
 - CVE-2011-2686 is fixed in this version (bug 722415)
diff --git a/sources b/sources
index e7e916e..1d94212 100644
--- a/sources
+++ b/sources
@@ -1,4 +1,2 @@
-fcc35655da3047f64650a526c179ade8 ruby-revf30eca26639ce538339bc488c7ed1fd397b0c13f-ext_tk.tar.gz
-2f14f604bf981bb938ab5fc8b09eb1a6 ruby-1.8.7-p334.tar.bz2
-0c61ea41d1b1183b219b9afe97f18f52 ruby-1.8.7-p352.tar.bz2
+3abd9e2a29f756a0d30c7bfca578cdeb ruby-1.8.7-p357.tar.bz2
 01b1053cf357459349bf74363756ad41 ruby-revc2dfaa7d40531aef3706bcc16f38178b0c6633ee-ext_tk.tar.gz