Mon Jun 22 13:58:44 2015 UTC ()
Update ruby-rack15 to 1.5.5, security fixes.

* Fix CVE-2014-9490.
* Fix CVE-2015-3225.
* Only count files (not all form elements) against the Multipart File Limit.


(taca)
diff -r1.1 -r1.2 pkgsrc/www/ruby-rack15/Makefile
diff -r1.1 -r1.2 pkgsrc/www/ruby-rack15/PLIST
diff -r1.1 -r1.2 pkgsrc/www/ruby-rack15/distinfo
cvs diff -r1.1 -r1.2 pkgsrc/www/ruby-rack15/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/www/ruby-rack15/Attic/Makefile 2015/02/02 14:09:22 1.1
+++ pkgsrc/www/ruby-rack15/Attic/Makefile 2015/06/22 13:58:44 1.2
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.1 2015/02/02 14:09:22 taca Exp $ 1# $NetBSD: Makefile,v 1.2 2015/06/22 13:58:44 taca Exp $
2 2
3DISTNAME= rack-1.5.2 3DISTNAME= rack-1.5.5
4PKGNAME= ${RUBY_PKGPREFIX}-${DISTNAME:S/rack/rack15/} 4PKGNAME= ${RUBY_PKGPREFIX}-${DISTNAME:S/rack/rack15/}
5CATEGORIES= www 5CATEGORIES= www
6 6
7MAINTAINER= pkgsrc-users@NetBSD.org 7MAINTAINER= pkgsrc-users@NetBSD.org
8HOMEPAGE= http://rack.github.com/ 8HOMEPAGE= http://rack.github.com/
9COMMENT= Modular Ruby webserver interface 9COMMENT= Modular Ruby webserver interface
10LICENSE= mit 10LICENSE= mit
11 11
12OVERRIDE_GEMSPEC= :executables rackup=rackup15 \ 12OVERRIDE_GEMSPEC= :executables rackup=rackup15 \
13 :files bin/rackup=bin/rackup15 13 :files bin/rackup=bin/rackup15
14RUBYGEM_OPTIONS+= --format-executable 14RUBYGEM_OPTIONS+= --format-executable
15 15
16pre-configure: 16pre-configure:
cvs diff -r1.1 -r1.2 pkgsrc/www/ruby-rack15/Attic/PLIST (expand / switch to unified diff)

--- pkgsrc/www/ruby-rack15/Attic/PLIST 2015/02/02 14:09:22 1.1
+++ pkgsrc/www/ruby-rack15/Attic/PLIST 2015/06/22 13:58:44 1.2
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.1 2015/02/02 14:09:22 taca Exp $ 1@comment $NetBSD: PLIST,v 1.2 2015/06/22 13:58:44 taca Exp $
2bin/rackup15${RUBY_SUFFIX} 2bin/rackup15${RUBY_SUFFIX}
3${GEM_HOME}/cache/${GEM_NAME}.gem 3${GEM_HOME}/cache/${GEM_NAME}.gem
4${GEM_LIBDIR}/COPYING 4${GEM_LIBDIR}/COPYING
5${GEM_LIBDIR}/KNOWN-ISSUES 5${GEM_LIBDIR}/KNOWN-ISSUES
6${GEM_LIBDIR}/README.rdoc 6${GEM_LIBDIR}/README.rdoc
7${GEM_LIBDIR}/Rakefile 7${GEM_LIBDIR}/Rakefile
8${GEM_LIBDIR}/SPEC 8${GEM_LIBDIR}/SPEC
9${GEM_LIBDIR}/bin/rackup15 9${GEM_LIBDIR}/bin/rackup15
10${GEM_LIBDIR}/contrib/rack.png 10${GEM_LIBDIR}/contrib/rack.png
11${GEM_LIBDIR}/contrib/rack.svg 11${GEM_LIBDIR}/contrib/rack.svg
12${GEM_LIBDIR}/contrib/rack_logo.svg 12${GEM_LIBDIR}/contrib/rack_logo.svg
13${GEM_LIBDIR}/contrib/rdoc.css 13${GEM_LIBDIR}/contrib/rdoc.css
14${GEM_LIBDIR}/example/lobster.ru 14${GEM_LIBDIR}/example/lobster.ru
@@ -82,26 +82,27 @@ ${GEM_LIBDIR}/lib/rack/utils/okjson.rb @@ -82,26 +82,27 @@ ${GEM_LIBDIR}/lib/rack/utils/okjson.rb
82${GEM_LIBDIR}/rack.gemspec 82${GEM_LIBDIR}/rack.gemspec
83${GEM_LIBDIR}/test/builder/anything.rb 83${GEM_LIBDIR}/test/builder/anything.rb
84${GEM_LIBDIR}/test/builder/comment.ru 84${GEM_LIBDIR}/test/builder/comment.ru
85${GEM_LIBDIR}/test/builder/end.ru 85${GEM_LIBDIR}/test/builder/end.ru
86${GEM_LIBDIR}/test/builder/line.ru 86${GEM_LIBDIR}/test/builder/line.ru
87${GEM_LIBDIR}/test/builder/options.ru 87${GEM_LIBDIR}/test/builder/options.ru
88${GEM_LIBDIR}/test/cgi/assets/folder/test.js 88${GEM_LIBDIR}/test/cgi/assets/folder/test.js
89${GEM_LIBDIR}/test/cgi/assets/fonts/font.eot 89${GEM_LIBDIR}/test/cgi/assets/fonts/font.eot
90${GEM_LIBDIR}/test/cgi/assets/images/image.png 90${GEM_LIBDIR}/test/cgi/assets/images/image.png
91${GEM_LIBDIR}/test/cgi/assets/index.html 91${GEM_LIBDIR}/test/cgi/assets/index.html
92${GEM_LIBDIR}/test/cgi/assets/javascripts/app.js 92${GEM_LIBDIR}/test/cgi/assets/javascripts/app.js
93${GEM_LIBDIR}/test/cgi/assets/stylesheets/app.css 93${GEM_LIBDIR}/test/cgi/assets/stylesheets/app.css
94${GEM_LIBDIR}/test/cgi/lighttpd.conf 94${GEM_LIBDIR}/test/cgi/lighttpd.conf
 95${GEM_LIBDIR}/test/cgi/lighttpd.errors
95${GEM_LIBDIR}/test/cgi/rackup_stub.rb 96${GEM_LIBDIR}/test/cgi/rackup_stub.rb
96${GEM_LIBDIR}/test/cgi/sample_rackup.ru 97${GEM_LIBDIR}/test/cgi/sample_rackup.ru
97${GEM_LIBDIR}/test/cgi/test 98${GEM_LIBDIR}/test/cgi/test
98${GEM_LIBDIR}/test/cgi/test+directory/test+file 99${GEM_LIBDIR}/test/cgi/test+directory/test+file
99${GEM_LIBDIR}/test/cgi/test.fcgi 100${GEM_LIBDIR}/test/cgi/test.fcgi
100${GEM_LIBDIR}/test/cgi/test.ru 101${GEM_LIBDIR}/test/cgi/test.ru
101${GEM_LIBDIR}/test/gemloader.rb 102${GEM_LIBDIR}/test/gemloader.rb
102${GEM_LIBDIR}/test/multipart/bad_robots 103${GEM_LIBDIR}/test/multipart/bad_robots
103${GEM_LIBDIR}/test/multipart/binary 104${GEM_LIBDIR}/test/multipart/binary
104${GEM_LIBDIR}/test/multipart/content_type_and_no_filename 105${GEM_LIBDIR}/test/multipart/content_type_and_no_filename
105${GEM_LIBDIR}/test/multipart/empty 106${GEM_LIBDIR}/test/multipart/empty
106${GEM_LIBDIR}/test/multipart/fail_16384_nofile 107${GEM_LIBDIR}/test/multipart/fail_16384_nofile
107${GEM_LIBDIR}/test/multipart/file1.txt 108${GEM_LIBDIR}/test/multipart/file1.txt
@@ -109,26 +110,27 @@ ${GEM_LIBDIR}/test/multipart/filename_an @@ -109,26 +110,27 @@ ${GEM_LIBDIR}/test/multipart/filename_an
109${GEM_LIBDIR}/test/multipart/filename_with_escaped_quotes 110${GEM_LIBDIR}/test/multipart/filename_with_escaped_quotes
110${GEM_LIBDIR}/test/multipart/filename_with_escaped_quotes_and_modification_param 111${GEM_LIBDIR}/test/multipart/filename_with_escaped_quotes_and_modification_param
111${GEM_LIBDIR}/test/multipart/filename_with_percent_escaped_quotes 112${GEM_LIBDIR}/test/multipart/filename_with_percent_escaped_quotes
112${GEM_LIBDIR}/test/multipart/filename_with_unescaped_percentages 113${GEM_LIBDIR}/test/multipart/filename_with_unescaped_percentages
113${GEM_LIBDIR}/test/multipart/filename_with_unescaped_percentages2 114${GEM_LIBDIR}/test/multipart/filename_with_unescaped_percentages2
114${GEM_LIBDIR}/test/multipart/filename_with_unescaped_percentages3 115${GEM_LIBDIR}/test/multipart/filename_with_unescaped_percentages3
115${GEM_LIBDIR}/test/multipart/filename_with_unescaped_quotes 116${GEM_LIBDIR}/test/multipart/filename_with_unescaped_quotes
116${GEM_LIBDIR}/test/multipart/ie 117${GEM_LIBDIR}/test/multipart/ie
117${GEM_LIBDIR}/test/multipart/mixed_files 118${GEM_LIBDIR}/test/multipart/mixed_files
118${GEM_LIBDIR}/test/multipart/nested 119${GEM_LIBDIR}/test/multipart/nested
119${GEM_LIBDIR}/test/multipart/none 120${GEM_LIBDIR}/test/multipart/none
120${GEM_LIBDIR}/test/multipart/semicolon 121${GEM_LIBDIR}/test/multipart/semicolon
121${GEM_LIBDIR}/test/multipart/text 122${GEM_LIBDIR}/test/multipart/text
 123${GEM_LIBDIR}/test/multipart/three_files_three_fields
122${GEM_LIBDIR}/test/multipart/webkit 124${GEM_LIBDIR}/test/multipart/webkit
123${GEM_LIBDIR}/test/rackup/config.ru 125${GEM_LIBDIR}/test/rackup/config.ru
124${GEM_LIBDIR}/test/registering_handler/rack/handler/registering_myself.rb 126${GEM_LIBDIR}/test/registering_handler/rack/handler/registering_myself.rb
125${GEM_LIBDIR}/test/spec_auth_basic.rb 127${GEM_LIBDIR}/test/spec_auth_basic.rb
126${GEM_LIBDIR}/test/spec_auth_digest.rb 128${GEM_LIBDIR}/test/spec_auth_digest.rb
127${GEM_LIBDIR}/test/spec_body_proxy.rb 129${GEM_LIBDIR}/test/spec_body_proxy.rb
128${GEM_LIBDIR}/test/spec_builder.rb 130${GEM_LIBDIR}/test/spec_builder.rb
129${GEM_LIBDIR}/test/spec_cascade.rb 131${GEM_LIBDIR}/test/spec_cascade.rb
130${GEM_LIBDIR}/test/spec_cgi.rb 132${GEM_LIBDIR}/test/spec_cgi.rb
131${GEM_LIBDIR}/test/spec_chunked.rb 133${GEM_LIBDIR}/test/spec_chunked.rb
132${GEM_LIBDIR}/test/spec_commonlogger.rb 134${GEM_LIBDIR}/test/spec_commonlogger.rb
133${GEM_LIBDIR}/test/spec_conditionalget.rb 135${GEM_LIBDIR}/test/spec_conditionalget.rb
134${GEM_LIBDIR}/test/spec_config.rb 136${GEM_LIBDIR}/test/spec_config.rb
cvs diff -r1.1 -r1.2 pkgsrc/www/ruby-rack15/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/www/ruby-rack15/Attic/distinfo 2015/02/02 14:09:22 1.1
+++ pkgsrc/www/ruby-rack15/Attic/distinfo 2015/06/22 13:58:44 1.2
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.1 2015/02/02 14:09:22 taca Exp $ 1$NetBSD: distinfo,v 1.2 2015/06/22 13:58:44 taca Exp $
2 2
3SHA1 (rack-1.5.2.gem) = a17f40c9beb03b458f537f42cf36dd90d8230625 3SHA1 (rack-1.5.5.gem) = ba068a3f5dbbed9ed38fdb54307698b5afa39a18
4RMD160 (rack-1.5.2.gem) = a0c23b40d8f6644c58b4954485c121989a9d628c 4RMD160 (rack-1.5.5.gem) = ebf42b84a05f531ab603b4ace0469e32340b4205
5Size (rack-1.5.2.gem) = 216576 bytes 5Size (rack-1.5.5.gem) = 216576 bytes