Commit Graph

54 Commits

Author SHA1 Message Date
Vít Ondruch
26512adf37 Update to Ruby 2.0.0-p247 (rhbz#979605).
Fix CVE-2013-4073.
Fix for wrong makefiles created by mkmf (rhbz#921650).
2013-07-01 12:03:01 +02:00
Vít Ondruch
e1890f92f2 Update to Ruby 2.0.0-p195 (rhbz#917374).
Fix object taint bypassing in DL and Fiddle (CVE-2013-2065).
2013-05-20 15:56:24 +02:00
Vít Ondruch
eba90976c0 Update to Ruby 2.0.0-p0. 2013-02-25 12:46:22 +01:00
Vít Ondruch
eedc10e71b Add missing patch. 2013-02-22 15:28:37 +01:00
Mamoru TASAKA
51a6d3593c Update to 1.9.3 p385 2013-02-11 15:55:43 +09:00
Mamoru Tasaka
957db76127 Update to 1.9.3 p374
- Fix provided variables in pkgconfig (bug 789532:
  Vít Ondruch <vondruch@redhat.com>)
2013-01-20 01:44:27 +09:00
Mamoru Tasaka
a8441ce179 Update to 1.9.3.362 2013-01-02 16:07:42 +09:00
Mamoru Tasaka
97857e815d Update to 1.9.3.327
- Fix Hash-flooding DoS vulnerability on MurmurHash function
  (CVE-2012-5371)
2012-11-10 14:14:28 +09:00
Mamoru Tasaka
352f32d3d1 Update to 1.9.3 p286
- Don't create files when NUL-containing path name is passed
  (bug 865940)
2012-10-13 14:53:07 +09:00
Vít Ondruch
1cc853bb60 Update to Ruby 1.9.3-p194. 2012-04-20 15:01:52 +02:00
Vít Ondruch
ef4f0ea417 Upgrade to Ruby 1.9.3-p125. 2012-02-21 12:15:40 +01:00
Vít Ondruch
117278abd0 Update to Ruby 1.9.3. 2012-01-18 15:54:01 +01:00
Mamoru Tasaka
139d71a9fb Update to 1.8.7p352
Randomize hash on process startup (CVE-2011-4815, bug 750564)
2011-12-30 00:36:28 +09:00
Mamoru Tasaka
ace4eca586 Update to 1.8.7 p352
CVE-2011-2686 is fixed in this version (bug 722415)
Update ext/tk to the latest git
Remove duplicate path entry (bug 718695)
2011-07-16 10:31:19 +09:00
Mamoru Tasaka
156edf52c6 Update to 1.8.7 p334 2011-02-19 19:33:28 +09:00
Mamoru Tasaka
ca286f57ff - Update to 1.8.7 p330
- ext/tk updated to the newest header
2010-12-26 03:12:28 +09:00
Mamoru Tasaka
1f8d8f93ae - Update to 1.8.7.302
- CVE-2010-0541 (bug 587731) is fixed in this version
- Update ext/tk to the latest head
2010-08-23 02:26:59 +09:00
Mamoru Tasaka
84e77dfb4d Update to ruby 1.8.7 patchlevel 299 2010-07-26 19:14:51 +00:00
Mamoru Tasaka
75c801898d - ruby-1.8.x-null-class-must-be-Qnil.patch (bug 530407)
- Recreate some patches using upstream svn when available, and add some
    comments for patches
Tue May 11 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-2
- tcltk: Give up using potentially unmaintained ruby_1_8_6 branch and
    instead completely replace with ruby_1_8 branch head (at this time,
    using rev 27738) (seems to fix 560053, 590503)
- Fix Japanese encoding strings under ruby-tcltk/ext/tk/sample/
2010-05-14 19:10:53 +00:00
Mamoru Tasaka
e68a717cca - Update to 1.8.6 p 399 (bug 579675)
- Patch to fix gc bug causing open4 crash (bug 580993)
2010-04-26 19:02:49 +00:00
Jeroen van Meeuwen
10bb15baa8 1.8.6.388-7 2010-01-27 12:41:43 +00:00
Jeroen van Meeuwen
bf4f952440 1.8.6.388-6 2010-01-21 00:15:48 +00:00
Mamoru Tasaka
35188975c5 - Update to 1.8.6 patchlevel 383 (bug 520063) 2009-10-23 17:25:54 +00:00
Jeroen van Meeuwen
6d07108771 1.8.6.369-1 2009-06-23 12:39:02 +00:00
Jeroen van Meeuwen
cd6aa0e02c 1.8.6.368-2 2009-06-20 17:50:59 +00:00
Jeroen van Meeuwen
c11147cfd2 1.8.6.368-1 2009-05-31 08:42:06 +00:00
Mamoru Tasaka
ea13dff1e7 - Merge Review fix (#226381) 2009-04-11 14:41:42 +00:00
Jeroen van Meeuwen
e9a1e47fca 1.8.6.287-4 2009-03-15 05:56:18 +00:00
Akira TAGOH
3f68db5077 - New upstream release.
- Security fixes.
- CVE-2008-3655: Ruby does not properly restrict access to critical
    variables and methods at various safe levels.
- CVE-2008-3656: DoS vulnerability in WEBrick.
- CVE-2008-3657: Lack of taintness check in dl.
- CVE-2008-1447: DNS spoofing vulnerability in resolv.rb.
- CVE-2008-3443: Memory allocation failure in Ruby regex engine.
- Remove the unnecessary backported patches.
2008-08-23 08:58:47 +00:00
Akira TAGOH
9f5e44d23c - New upstream release.
- Security fixes. (#452295)
- CVE-2008-1891: WEBrick CGI source disclosure.
- CVE-2008-2662: Integer overflow in rb_str_buf_append().
- CVE-2008-2663: Integer overflow in rb_ary_store().
- CVE-2008-2664: Unsafe use of alloca in rb_str_format().
- CVE-2008-2725: Integer overflow in rb_ary_splice().
- CVE-2008-2726: Integer overflow in rb_ary_splice().
- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
- Build ruby-mode package for all archtectures.
2008-06-24 03:32:31 +00:00
Akira TAGOH
a4b170df84 clean up 2008-05-27 02:36:04 +00:00
Akira TAGOH
0af4ee55b7 - Security fix for CVE-2008-1145.
- Improve a spec file. (#226381)
- Correct License tag.
- Fix a timestamp issue.
- Own a arch-specific directory.
2008-03-10 04:28:30 +00:00
Akira TAGOH
3646e24c14 - Clean up again. 2007-12-28 02:42:45 +00:00
Akira TAGOH
ab1c353515 - New upstream release.
- ruby-1.8.6.111-CVE-2007-5162.patch: Update a bit with backporting the
    changes at trunk to enable the fix without any modifications on the
    users' scripts. Note that Net::HTTP#enable_post_connection_check isn't
    available anymore. If you want to disable this post-check, you should
    give OpenSSL::SSL::VERIFY_NONE to Net::HTTP#verify_mode= instead of.
2007-10-29 12:32:50 +00:00
Akira TAGOH
0ce3eec117 - New upstream release.
- ruby-r12567.patch: removed.
- ruby-1.8.6-CVE-2007-5162.patch: security fix for Net::HTTP that is
    insufficient verification of SSL certificate.
2007-10-10 01:05:17 +00:00
Akira TAGOH
a479a6b5f9 - New upstream release.
- Fix Etc::getgrgid to get the correct gid as requested. (#236647)
2007-06-20 13:14:04 +00:00
Akira TAGOH
0ccd24ad48 - New upstream release.
- clean up a spec file.
2007-03-15 13:26:32 +00:00
Akira TAGOH
5e0f0e1ccd - New upstream release. sources 5 Feb 2007 10:36:34 -0000
d7d12dd9124c9b7d55cdbbee313e3931 ruby-1.8.5-p12.tar.gz
2007-02-05 10:36:36 +00:00
Akira TAGOH
f069eea3e8 - security fix release. 2006-12-11 04:23:10 +00:00
Akira TAGOH
f3840b136a - New upstream release.
- removed the unnecessary patches:
- ruby-1.8.4-no-eaccess.patch
- ruby-1.8.4-64bit-pack.patch
- ruby-1.8.4-fix-insecure-dir-operation.patch
- ruby-1.8.4-fix-insecure-regexp-modification.patch
- ruby-1.8.4-fix-alias-safe-level.patch
2006-08-28 08:50:07 +00:00
Akira TAGOH
9136cfaca1 - New upstream release.
- fixed a missing return statement. (#140833)
- fixed an use of uninitialized variable. (#144890)
2005-12-27 03:49:08 +00:00
Akira TAGOH
b3723722dd - updates to 1.8.4-preview2.
- renamed the packages to ruby-* (#175765)
- irb -> ruby-irb
- rdoc -> ruby-rdoc
- ri -> ruby-ri
- added tcl-devel and tk-devel into BuildRequires.
2005-12-16 10:38:22 +00:00
Akira TAGOH
d4bcc3bedd - New upstream release.
- ruby-1.8.2-strscan-memset.patch: removed because it's no longer needed.
2005-10-31 02:56:40 +00:00
Akira TAGOH
714d9f4d4c - New upstream release.
- Build-Requires xorg-x11-devel instead of XFree86-devel.
- ruby-multilib.patch: applied for only 64-bit archs.
- ruby-1.8.2-xmlrpc-CAN-2005-1992.patch: removed. it has already been in
    upstream.
2005-09-21 07:29:44 +00:00
Akira TAGOH
e5e207b77a - New upstream release.
- ruby-1.8.1-ia64-stack-limit.patch: removed - it's no longer needed.
- ruby-1.8.1-cgi_session_perms.patch: likewise.
- ruby-1.8.1-cgi-dos.patch: likewise.
- generated Ruby interactive documentation - senarated package. it's now
    provided as ri package. (#141806)
2005-01-05 07:28:29 +00:00
cvsdist
68281ea7f3 auto-import changelog data from ruby-1.8.1-4.src.rpm
Wed Jun 23 2004 Akira TAGOH <tagoh@redhat.com> 1.8.1-4
- updated the documentation.
2004-09-09 12:00:12 +00:00
cvsdist
461df61bac auto-import changelog data from ruby-1.8.1-2.1.src.rpm
Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Wed Feb 04 2004 Akira TAGOH <tagoh@redhat.com> 1.8.1-1
- New upstream release.
- don't use any optimization for ia64 to avoid the build failure.
- ruby-1.8.1-ia64-stack-limit.patch: applied to fix SystemStackError when
    the optimization is disabled.
2004-09-09 11:59:52 +00:00
cvsdist
29f468a646 auto-import changelog data from ruby-1.8.0-1.src.rpm
Tue Aug 05 2003 Akira TAGOH <tagoh@redhat.com> 1.8.0-1
- New upstream release.
Thu Jul 24 2003 Akira TAGOH <tagoh@redhat.com> 1.6.8-9.1
- rebuilt
Thu Jul 24 2003 Akira TAGOH <tagoh@redhat.com> 1.6.8-9
- ruby-1.6.8-castnode.patch: handling the nodes with correct cast. use this
    patch now instead of ruby-1.6.8-fix-x86_64.patch.
Fri Jul 04 2003 Akira TAGOH <tagoh@redhat.com> 1.6.8-8
- rebuilt
Fri Jul 04 2003 Akira TAGOH <tagoh@redhat.com> 1.6.8-7
- fix the gcc warnings. (#82192)
- ruby-1.6.8-fix-x86_64.patch: correct a patch. NOTE: DON'T USE THIS PATCH
    FOR BIG ENDIAN ARCHITECTURE.
- ruby-1.6.7-long2int.patch: removed.
Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
2004-09-09 11:58:25 +00:00
cvsdist
91cfb3454d auto-import changelog data from ruby-1.6.8-5.src.rpm
Fri Feb 07 2003 Jens Petersen <petersen@redhat.com> - 1.6.8-5
- rebuild against ucs4 tcltk
Wed Jan 22 2003 Tim Powers <timp@redhat.com>
- rebuilt
Wed Jan 22 2003 Akira TAGOH <tagoh@redhat.com> 1.6.8-3
- ruby-1.6.8-multilib.patch: applied to fix the search path issue on x86_64
Tue Jan 21 2003 Akira TAGOH <tagoh@redhat.com> 1.6.8-2
- ruby-1.6.8-require.patch: applied to fix the search bug in require.
- don't apply long2int patch to s390 and s390x. it doesn't work.
Wed Jan 15 2003 Akira TAGOH <tagoh@redhat.com> 1.6.8-1
- New upstream release.
- removed some patches. it's no longer needed.
- ruby-1.6.7-100.patch
- ruby-1.6.7-101.patch
- ruby-1.6.7-102.patch
- ruby-1.6.7-103.patch
- 801_extmk.rb-shellwords.patch
- 801_mkmf.rb-shellwords.patch
- 804_parse.y-new-bison.patch
- 805_uri-bugfix.patch
- ruby-1.6.6-900_XXX_strtod.patch
- ruby-1.6.7-sux0rs.patch
- ruby-1.6.7-libobj.patch
Wed Jan 15 2003 Jens Petersen <petersen@redhat.com> 1.6.7-14
- rebuild to update tcltk deps
Mon Dec 16 2002 Elliot Lee <sopwith@redhat.com> 1.6.7-13
- Remove ExcludeArch: x86_64
- Fix x86_64 ruby with long2int.patch (ruby was assuming that sizeof(long)
    == sizeof(int). The patch does not fix the source of the problem, just
    makes it a non-issue.)
- _smp_mflags
Tue Dec 10 2002 Tim Powers <timp@redhat.com> 1.6.7-12
- rebuild to fix broken tcltk deps
Tue Oct 22 2002 Akira TAGOH <tagoh@redhat.com> 1.6.7-11
- use %configure macro instead of configure script.
- use the latest config.{sub,guess}.
- get archname from rbconfig.rb for %dir
- applied some patches from Debian:
- 801_extmk.rb-shellwords.patch: use Shellwords
- 801_mkmf.rb-shellwords.patch: mkmf.rb creates bad Makefile. the Makefile
    links libruby.a to the target.
- 803_sample-fix-shbang.patch: all sample codes should be
    s|/usr/local/bin|/usr/bin|g
- 804_parse.y-new-bison.patch: fix syntax warning.
- 805_uri-bugfix.patch: uri.rb could not handle correctly broken
    mailto-uri.
- add ExcludeArch x86_64 temporarily to fix Bug#74581. Right now ruby can't
    be built on x86_64.
2004-09-09 11:57:26 +00:00
cvsdist
df80c1c52f auto-import changelog data from ruby-1.6.7-2.src.rpm
Mon Mar 18 2002 Akira TAGOH <tagoh@redhat.com> 1.6.7-2
- ruby-man-1.4.6-jp.tar.bz2: removed.
- ruby-refm-rdp-1.4.7-ja-html.tar.bz2: uses it instead of.
- ruby-1.6.7-500-marshal-proc.patch, ruby-1.6.7-501-class-var.patch:
    removed.
- ruby-1.6.7-100.patch: applied a bug fix patch. (ruby-dev#16274: patch for
    'wm state') (PR#206ja: SEGV handle EXIT)
- ruby-1.6.7-101.patch: applied a bug fix patch. (ruby-list#34313:
    singleton should not be Marshal.dump'ed) (ruby-dev#16411: block local
    var)
- ruby-1.6.7-102.patch: applied a bug fix patch. (handling multibyte chars
    is partially broken)
- ruby-1.6.7-103.patch: applied a bug fix patch. (ruby-dev#16462: preserve
    reference for GC, but link should be cut)
2004-09-09 11:56:10 +00:00