Sat Mar 28 04:32:15 2015 UTC ()
Update ruby-http to 0.7.3, security fix.

## 0.7.3 (2015-03-24)

* SECURITY FIX: http.rb failed to call the #post_connection_check method
  on SSL connections. This method implements hostname verification, and
  without it http.rb was vulnerable to MitM attacks. The problem was
  corrected by calling #post_connection_check (CVE-2015-1828)


(taca)
diff -r1.4 -r1.5 pkgsrc/www/ruby-http/Makefile
diff -r1.4 -r1.5 pkgsrc/www/ruby-http/PLIST
diff -r1.4 -r1.5 pkgsrc/www/ruby-http/distinfo
cvs diff -r1.4 -r1.5 pkgsrc/www/ruby-http/Makefile (expand / switch to unified diff)

--- pkgsrc/www/ruby-http/Makefile 2015/03/03 13:20:18 1.4
+++ pkgsrc/www/ruby-http/Makefile 2015/03/28 04:32:15 1.5
@@ -1,17 +1,17 @@ @@ -1,17 +1,17 @@
1# $NetBSD: Makefile,v 1.4 2015/03/03 13:20:18 taca Exp $ 1# $NetBSD: Makefile,v 1.5 2015/03/28 04:32:15 taca Exp $
2# 2#
3 3
4DISTNAME= http-0.7.2 4DISTNAME= http-0.7.3
5CATEGORIES= www 5CATEGORIES= www
6 6
7MAINTAINER= tsutsui@NetBSD.org 7MAINTAINER= tsutsui@NetBSD.org
8HOMEPAGE= https://github.com/tarcieri/http 8HOMEPAGE= https://github.com/tarcieri/http
9COMMENT= Simple Ruby DSL for making HTTP requests 9COMMENT= Simple Ruby DSL for making HTTP requests
10LICENSE= mit 10LICENSE= mit
11 11
12DEPENDS+= ${RUBY_PKGPREFIX}-http_parser.rb>=0.6.0<0.7:../../www/ruby-http_parser.rb 12DEPENDS+= ${RUBY_PKGPREFIX}-http_parser.rb>=0.6.0<0.7:../../www/ruby-http_parser.rb
13DEPENDS+= ${RUBY_PKGPREFIX}-http-form_data>=1.0.0<1.1:../../www/ruby-http-form_data 13DEPENDS+= ${RUBY_PKGPREFIX}-http-form_data>=1.0.0<1.1:../../www/ruby-http-form_data
14 14
15RUBY_VERSION_SUPPORTED= 200 193 21 15RUBY_VERSION_SUPPORTED= 200 193 21
16USE_LANGUAGES= # none 16USE_LANGUAGES= # none
17 17
cvs diff -r1.4 -r1.5 pkgsrc/www/ruby-http/PLIST (expand / switch to unified diff)

--- pkgsrc/www/ruby-http/PLIST 2015/02/05 15:36:01 1.4
+++ pkgsrc/www/ruby-http/PLIST 2015/03/28 04:32:15 1.5
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.4 2015/02/05 15:36:01 taca Exp $ 1@comment $NetBSD: PLIST,v 1.5 2015/03/28 04:32:15 taca Exp $
2${GEM_HOME}/cache/${GEM_NAME}.gem 2${GEM_HOME}/cache/${GEM_NAME}.gem
3${GEM_LIBDIR}/.coveralls.yml 3${GEM_LIBDIR}/.coveralls.yml
4${GEM_LIBDIR}/.gitignore 4${GEM_LIBDIR}/.gitignore
5${GEM_LIBDIR}/.rspec 5${GEM_LIBDIR}/.rspec
6${GEM_LIBDIR}/.rubocop.yml 6${GEM_LIBDIR}/.rubocop.yml
7${GEM_LIBDIR}/.travis.yml 7${GEM_LIBDIR}/.travis.yml
8${GEM_LIBDIR}/.yardopts 8${GEM_LIBDIR}/.yardopts
9${GEM_LIBDIR}/CHANGES.md 9${GEM_LIBDIR}/CHANGES.md
10${GEM_LIBDIR}/Gemfile 10${GEM_LIBDIR}/Gemfile
11${GEM_LIBDIR}/Guardfile 11${GEM_LIBDIR}/Guardfile
12${GEM_LIBDIR}/LICENSE.txt 12${GEM_LIBDIR}/LICENSE.txt
13${GEM_LIBDIR}/README.md 13${GEM_LIBDIR}/README.md
14${GEM_LIBDIR}/Rakefile 14${GEM_LIBDIR}/Rakefile
@@ -45,18 +45,24 @@ ${GEM_LIBDIR}/spec/lib/http/options/head @@ -45,18 +45,24 @@ ${GEM_LIBDIR}/spec/lib/http/options/head
45${GEM_LIBDIR}/spec/lib/http/options/json_spec.rb 45${GEM_LIBDIR}/spec/lib/http/options/json_spec.rb
46${GEM_LIBDIR}/spec/lib/http/options/merge_spec.rb 46${GEM_LIBDIR}/spec/lib/http/options/merge_spec.rb
47${GEM_LIBDIR}/spec/lib/http/options/new_spec.rb 47${GEM_LIBDIR}/spec/lib/http/options/new_spec.rb
48${GEM_LIBDIR}/spec/lib/http/options/proxy_spec.rb 48${GEM_LIBDIR}/spec/lib/http/options/proxy_spec.rb
49${GEM_LIBDIR}/spec/lib/http/options_spec.rb 49${GEM_LIBDIR}/spec/lib/http/options_spec.rb
50${GEM_LIBDIR}/spec/lib/http/redirector_spec.rb 50${GEM_LIBDIR}/spec/lib/http/redirector_spec.rb
51${GEM_LIBDIR}/spec/lib/http/request/writer_spec.rb 51${GEM_LIBDIR}/spec/lib/http/request/writer_spec.rb
52${GEM_LIBDIR}/spec/lib/http/request_spec.rb 52${GEM_LIBDIR}/spec/lib/http/request_spec.rb
53${GEM_LIBDIR}/spec/lib/http/response/body_spec.rb 53${GEM_LIBDIR}/spec/lib/http/response/body_spec.rb
54${GEM_LIBDIR}/spec/lib/http/response/status_spec.rb 54${GEM_LIBDIR}/spec/lib/http/response/status_spec.rb
55${GEM_LIBDIR}/spec/lib/http/response_spec.rb 55${GEM_LIBDIR}/spec/lib/http/response_spec.rb
56${GEM_LIBDIR}/spec/lib/http_spec.rb 56${GEM_LIBDIR}/spec/lib/http_spec.rb
57${GEM_LIBDIR}/spec/spec_helper.rb 57${GEM_LIBDIR}/spec/spec_helper.rb
 58${GEM_LIBDIR}/spec/support/black_hole.rb
58${GEM_LIBDIR}/spec/support/capture_warning.rb 59${GEM_LIBDIR}/spec/support/capture_warning.rb
 60${GEM_LIBDIR}/spec/support/create_certs.rb
 61${GEM_LIBDIR}/spec/support/dummy_server.rb
 62${GEM_LIBDIR}/spec/support/dummy_server/servlet.rb
59${GEM_LIBDIR}/spec/support/example_server.rb 63${GEM_LIBDIR}/spec/support/example_server.rb
60${GEM_LIBDIR}/spec/support/example_server/servlet.rb 64${GEM_LIBDIR}/spec/support/example_server/servlet.rb
61${GEM_LIBDIR}/spec/support/proxy_server.rb 65${GEM_LIBDIR}/spec/support/proxy_server.rb
 66${GEM_LIBDIR}/spec/support/servers/config.rb
 67${GEM_LIBDIR}/spec/support/servers/runner.rb
62${GEM_HOME}/specifications/${GEM_NAME}.gemspec 68${GEM_HOME}/specifications/${GEM_NAME}.gemspec
cvs diff -r1.4 -r1.5 pkgsrc/www/ruby-http/distinfo (expand / switch to unified diff)

--- pkgsrc/www/ruby-http/distinfo 2015/03/03 13:20:18 1.4
+++ pkgsrc/www/ruby-http/distinfo 2015/03/28 04:32:15 1.5
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.4 2015/03/03 13:20:18 taca Exp $ 1$NetBSD: distinfo,v 1.5 2015/03/28 04:32:15 taca Exp $
2 2
3SHA1 (http-0.7.2.gem) = f91b6614a24a7eb450e62dea47de8f0608c370b6 3SHA1 (http-0.7.3.gem) = ba3d8e819bc8ff0b111ea62cd4d23a8e3983e9ee
4RMD160 (http-0.7.2.gem) = e15343d62b2ce6ad92d03a6c953c8d4350c22403 4RMD160 (http-0.7.3.gem) = 1c0a3f4e5006976f900350cf532e590de22d4254
5Size (http-0.7.2.gem) = 52736 bytes 5Size (http-0.7.3.gem) = 54784 bytes