Wed Oct 10 12:13:08 2012 UTC ()

Pullup ticket #3940 - requested by taca
lang/ruby18-base: security patch

Revisions pulled up:
- lang/ruby18-base/Makefile                                     1.74-1.75
- lang/ruby18-base/distinfo                                     1.57
- lang/ruby18-base/patches/patch-error.c                        1.1

---
   Module Name:	pkgsrc
   Committed By:	asau
   Date:		Tue Oct  2 20:11:57 UTC 2012

   Modified Files:
   	pkgsrc/lang/ruby18-base: Makefile

   Log Message:
   Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Oct  6 16:30:29 UTC 2012

   Modified Files:
   	pkgsrc/lang/ruby18-base: Makefile distinfo
   Added Files:
   	pkgsrc/lang/ruby18-base/patches: patch-error.c

   Log Message:
   Add additional fix to CVE-2011-1005 from discuttion on oss-security
   mailing list.

   Bump PKGREVISION.


(tron)

diff -r1.73 -r1.73.2.1 pkgsrc/lang/ruby18-base/Makefile
diff -r1.56 -r1.56.2.1 pkgsrc/lang/ruby18-base/distinfo
diff -r0 -r1.1.2.2 pkgsrc/lang/ruby18-base/patches/patch-error.c

--- pkgsrc/lang/ruby18-base/Attic/Makefile 2012/09/14 15:56:23 1.73
+++ pkgsrc/lang/ruby18-base/Attic/Makefile 2012/10/10 12:13:08 1.73.2.1

 @@ -1,37 +1,35 @@
-# $NetBSD: Makefile,v 1.73 2012/09/14 15:56:23 taca Exp $
+# $NetBSD: Makefile,v 1.73.2.1 2012/10/10 12:13:08 tron Exp $
+#
 DISTNAME=	${RUBY_DISTNAME}
 PKGNAME=	${RUBY_PKGPREFIX}-base-${RUBY_VERSION_FULL}
-PKGREVISION=	1
+PKGREVISION=	2
 CATEGORIES=	lang ruby
 MASTER_SITES=	${MASTER_SITE_RUBY}
 MAINTAINER=	taca@NetBSD.org
 HOMEPAGE=	${RUBY_HOMEPAGE}
 COMMENT=	Ruby 1.8 based release minimum package
 LICENSE=	gnu-gpl-v2 OR ruby-license
 RUBY_VERSION_SUPPORTED=	18
 CONFLICTS=	${RUBY_PKGPREFIX}-dbm-[0-9]* \
 		${RUBY_PKGPREFIX}-digest-[0-9]* \
 		${RUBY_PKGPREFIX}-iconv-[0-9]* \
 		${RUBY_PKGPREFIX}-openssl-[0-9]* \
 		${RUBY_PKGPREFIX}-tcltk-[0-9]*
 PKG_DESTDIR_SUPPORT=	user-destdir
 USE_LANGUAGES=	c
 USE_TOOLS+=	pax yacc
 GNU_CONFIGURE=	yes
 TEST_TARGET=	test
 CONFIGURE_ARGS+= --enable-shared \
 		--with-ssl-include="${BUILDLINK_PREFIX.openssl}/include" \
 		--with-ssl-lib="${BUILDLINK_PREFIX.openssl}/lib"
 WRKSRC=		${RUBY_WRKSRC}
+#
 # Don't refrect pkgsrc's INSTALL macro since Ruby expect it could
 # execute by unprivileged user.
+#

--- pkgsrc/lang/ruby18-base/Attic/distinfo 2012/09/14 16:34:09 1.56
+++ pkgsrc/lang/ruby18-base/Attic/distinfo 2012/10/10 12:13:08 1.56.2.1

 @@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.56 2012/09/14 16:34:09 taca Exp $
+$NetBSD: distinfo,v 1.56.2.1 2012/10/10 12:13:08 tron Exp $
 SHA1 (ruby-1.8.7-p370.tar.bz2) = 92770a8159cd9049ffc5bc3ce4777b701eb19d7b
 RMD160 (ruby-1.8.7-p370.tar.bz2) = 0c35ed92e4e77c6e6859d39244489c93f4efad50
 Size (ruby-1.8.7-p370.tar.bz2) = 4211597 bytes
 SHA1 (patch-aa) = 9f0ffa6fd0bcf2f59eba2604d2b6a4aaad075231
 SHA1 (patch-ab) = 1466b6179cb6ac3a8ee3255eab98a1d3065a12ed
 SHA1 (patch-ac) = 0119134d778bb85c58ef5bfe30d337dc76ed47e0
 SHA1 (patch-ad) = 2b194a26f3a7b9bdf3afcc0819ab239479f47c5b
 SHA1 (patch-aw) = d3dc491da64426ff72a9417a65eb99bee2d21044
 SHA1 (patch-az) = 55c9cba404add5293168ae7fae7ae7aaf4df6550
 SHA1 (patch-bd) = 4bdf2230fd8a6ea21f28150ba5705ebd0db4af99
 SHA1 (patch-be) = 2286b14b5992686481d1d7a964c43cfc72118a45
 SHA1 (patch-dj) = 9d67b57daf6111361c478481f39ee8764a861106
 @@ -31,21 +31,22 @@ SHA1 (patch-ee) = 8240954e7f07d94bd3e87a
 SHA1 (patch-ef) = ffc28b86ddce44483fcb7967fdc9a4483b61e0a0
 SHA1 (patch-eg) = 12e5fdc31adfc578cdbc3efec5b3d6fae58ad767
 SHA1 (patch-eh) = a6ff0e0baaf03b5bde8c98a91220dfbf4c08fc61
 SHA1 (patch-ei) = 95c921cecd9a6d5d4557066d2a160276a37634b0
 SHA1 (patch-ej) = c8f2c5dbf2ba463d852b94fecf6014bb5ef1e3f8
 SHA1 (patch-ek) = a5de28017bc57d4e01ec986b6a5602cba2b75670
 SHA1 (patch-el) = c071250196cff37c413e724ce4fc149b920e6dde
 SHA1 (patch-em) = 13ccef1c981c9bf312a104c9eb0a9e2339f38461
 SHA1 (patch-en) = 5f92c80c321149055b962a4c2ba97105c00706e2
 SHA1 (patch-eo) = 41a1ff4e1037415eb50373eff64322f6e1423e27
 SHA1 (patch-ep) = f881aece8ec0836c75df3be567d57ffc3ad8bce1
 SHA1 (patch-eq) = d9dfa070d1f12de4f5f48f07d5a32d649035a657
 SHA1 (patch-er) = 666fc6c22544c7f74f7c17ffef30563effcb4df7
 SHA1 (patch-error.c) = b756a8f7c3368a296715d035d544657e8f832ada
 SHA1 (patch-et) = eba90415e5279c9eb8bea67635f5f8cab5d1e7ac
 SHA1 (patch-eu) = dbf65258dcdc619d220ab39864389c4ec4c5c625
 SHA1 (patch-ev) = 6178be681ca1cf2647cab9a61c8ef989ff5b23cb
 SHA1 (patch-ew) = 3f23697dddbb11a10d1f0c3e47fb602822ecd11f
 SHA1 (patch-ga) = 73f50504baf74ee77d00dcfb5a9446bbaf122726
 SHA1 (patch-gb) = 345ad3e5df6fd9febe7b398f091662fd7c300dc4
 SHA1 (patch-lib_rdoc_options.rb) = 0f14417733ad6fc6fbc93af1c8463ecd59abce7c
 SHA1 (patch-lib_rdoc_rdoc.rb) = bef895245cc06ca84fd1e5d506c3c65932921b3a

$NetBSD: patch-error.c,v 1.1.2.2 2012/10/10 12:13:08 tron Exp $

More fix to CVE-2011-1005 from discuttion on oss-security mailing list.

--- error.c.orig	2011-02-18 12:32:35.000000000 +0000
+++ error.c
@@ -665,9 +665,6 @@ name_err_to_s(exc)
 
     if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc));
     StringValue(str);
-    if (str != mesg) {
-	OBJ_INFECT(str, mesg);
-    }
     return str;
 }