diff --git a/ruby-1.8.6-ossl-rand-range.patch b/ruby-1.8.6-ossl-rand-range.patch
new file mode 100644
index 0000000..790a760
--- /dev/null
+++ b/ruby-1.8.6-ossl-rand-range.patch
@@ -0,0 +1,14 @@
+diff -up ruby-1.8.6-p287/ext/openssl/openssl_missing.h.rand-range ruby-1.8.6-p287/ext/openssl/openssl_missing.h
+--- ruby-1.8.6-p287/ext/openssl/openssl_missing.h.rand-range 2008-08-04 06:43:34.000000000 +0200
++++ ruby-1.8.6-p287/ext/openssl/openssl_missing.h 2009-01-26 15:11:23.000000000 +0100
+@@ -120,8 +120,8 @@ int X509_CRL_add0_revoked(X509_CRL *crl,
+ int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+-int BN_rand_range(BIGNUM *r, BIGNUM *range);
+-int BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range);
++int BN_rand_range(BIGNUM *r, const BIGNUM *range);
++int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range);
+ char *CONF_get1_default_config_file(void);
+ int PEM_def_callback(char *buf, int num, int w, void *key);
+ 
diff --git a/ruby.spec b/ruby.spec
index c38cdc8..6380e4e 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -35,6 +35,7 @@ Patch22: ruby-deprecated-search-path.patch
 Patch23: ruby-multilib.patch
 Patch25: ruby-1.8.6.111-gcc43.patch
 Patch26: ruby-1.8.6-rexml-CVE-2008-3790.patch
+Patch27: ruby-1.8.6-ossl-rand-range.patch
 Summary: An interpreter of object-oriented scripting language
 Group: Development/Languages
@@ -154,6 +155,7 @@ pushd %{name}-%{arcver}
 %endif
 %patch25 -p1
 %patch26 -p1
+%patch27 -p1
 popd
 %build
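Review bot: In the openssl_missing.h hunk carried by ruby-1.8.6-ossl-rand-range.patch, the two prototypes sit in the visible context with no feature guard around them, so changing `range` to `const BIGNUM *` makes the header agree only with OpenSSL releases that already constified these functions. A build against an older OpenSSL would presumably hit the same conflicting-types error in the other direction. If the extension's configure step defines a macro for these functions, wrapping each declaration as `#if !defined(HAVE_BN_RAND_RANGE)` ... `#endif` (and likewise for `BN_pseudo_rand_range`) would stop the header from re-declaring library symbols at all. The fallback definitions in openssl_missing.c are outside this patch. If they are still compiled in any configuration they need the same `const` qualifier, otherwise declaration and definition disagree.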
@@ -504,8 +506,9 @@ rm -rf tmp-ruby-docs
 %{_datadir}/emacs/site-lisp/site-start.d/ruby-mode-init.el
 %changelog
-* Sat Jan 17 2009 Tomas Mraz - 1.8.6.287-3
+* Mon Jan 26 2009 Tomas Mraz - 1.8.6.287-3
 - rebuild with new openssl
+- BN_rand_range functions are now constified
 * Wed Oct 8 2008 Akira TAGOH - 1.8.6.287-2
 - CVE-2008-3790: DoS vulnerability in the REXML module.