Commit Graph

59 Commits

Author SHA1 Message Date
Vít Ondruch
1610d07dcd Update to Ruby 2.1.5. 2014-11-28 17:02:55 +01:00
Vít Ondruch
61fd310e63 Update to Ruby 2.1.4. 2014-10-29 15:22:34 +01:00
Josef Stribny
d09c32278d Update to Ruby 2.1.2 2014-05-20 13:24:29 +02:00
Vít Ondruch
a7c9cd0323 Import Ruby 2.1 sources. 2014-04-08 13:32:43 +02:00
Vít Ondruch
eac4c415ba Update to Ruby 2.0.0-p353.
- Allow MD5 in OpenSSL for tests.
- Fix heap overflow in floating point parsing (CVE-2013-4164).
2013-11-27 16:07:24 +01:00
Vít Ondruch
26512adf37 Update to Ruby 2.0.0-p247 (rhbz#979605).
Fix CVE-2013-4073.
Fix for wrong makefiles created by mkmf (rhbz#921650).
2013-07-01 12:03:01 +02:00
Vít Ondruch
e1890f92f2 Update to Ruby 2.0.0-p195 (rhbz#917374).
Fix object taint bypassing in DL and Fiddle (CVE-2013-2065).
2013-05-20 15:56:24 +02:00
Vít Ondruch
eba90976c0 Update to Ruby 2.0.0-p0. 2013-02-25 12:46:22 +01:00
Vít Ondruch
eedc10e71b Add missing patch. 2013-02-22 15:28:37 +01:00
Mamoru TASAKA
51a6d3593c Update to 1.9.3 p385 2013-02-11 15:55:43 +09:00
Mamoru Tasaka
957db76127 Update to 1.9.3 p374
- Fix provided variables in pkgconfig (bug 789532:
  Vít Ondruch <vondruch@redhat.com>)
2013-01-20 01:44:27 +09:00
Mamoru Tasaka
a8441ce179 Update to 1.9.3.362 2013-01-02 16:07:42 +09:00
Mamoru Tasaka
97857e815d Update to 1.9.3.327
- Fix Hash-flooding DoS vulnerability on MurmurHash function
  (CVE-2012-5371)
2012-11-10 14:14:28 +09:00
Mamoru Tasaka
352f32d3d1 Update to 1.9.3 p286
- Don't create files when NUL-containing path name is passed
  (bug 865940)
2012-10-13 14:53:07 +09:00
Vít Ondruch
1cc853bb60 Update to Ruby 1.9.3-p194. 2012-04-20 15:01:52 +02:00
Vít Ondruch
ef4f0ea417 Upgrade to Ruby 1.9.3-p125. 2012-02-21 12:15:40 +01:00
Vít Ondruch
117278abd0 Update to Ruby 1.9.3. 2012-01-18 15:54:01 +01:00
Mamoru Tasaka
139d71a9fb Update to 1.8.7p352
Randomize hash on process startup (CVE-2011-4815, bug 750564)
2011-12-30 00:36:28 +09:00
Mamoru Tasaka
ace4eca586 Update to 1.8.7 p352
CVE-2011-2686 is fixed in this version (bug 722415)
Update ext/tk to the latest git
Remove duplicate path entry (bug 718695)
2011-07-16 10:31:19 +09:00
Mamoru Tasaka
156edf52c6 Update to 1.8.7 p334 2011-02-19 19:33:28 +09:00
Mamoru Tasaka
ca286f57ff - Update to 1.8.7 p330
- ext/tk updated to the newest header
2010-12-26 03:12:28 +09:00
Mamoru Tasaka
1f8d8f93ae - Update to 1.8.7.302
- CVE-2010-0541 (bug 587731) is fixed in this version
- Update ext/tk to the latest head
2010-08-23 02:26:59 +09:00
Mamoru Tasaka
84e77dfb4d Update to ruby 1.8.7 patchlevel 299 2010-07-26 19:14:51 +00:00
Mamoru Tasaka
75c801898d - ruby-1.8.x-null-class-must-be-Qnil.patch (bug 530407)
- Recreate some patches using upstream svn when available, and add some
    comments for patches
Tue May 11 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-2
- tcltk: Give up using potentially unmaintained ruby_1_8_6 branch and
    instead completely replace with ruby_1_8 branch head (at this time,
    using rev 27738) (seems to fix 560053, 590503)
- Fix Japanese encoding strings under ruby-tcltk/ext/tk/sample/
2010-05-14 19:10:53 +00:00
Mamoru Tasaka
e68a717cca - Update to 1.8.6 p 399 (bug 579675)
- Patch to fix gc bug causing open4 crash (bug 580993)
2010-04-26 19:02:49 +00:00
Jeroen van Meeuwen
10bb15baa8 1.8.6.388-7 2010-01-27 12:41:43 +00:00
Jeroen van Meeuwen
bf4f952440 1.8.6.388-6 2010-01-21 00:15:48 +00:00
Mamoru Tasaka
35188975c5 - Update to 1.8.6 patchlevel 383 (bug 520063) 2009-10-23 17:25:54 +00:00
Jeroen van Meeuwen
6d07108771 1.8.6.369-1 2009-06-23 12:39:02 +00:00
Jeroen van Meeuwen
cd6aa0e02c 1.8.6.368-2 2009-06-20 17:50:59 +00:00
Jeroen van Meeuwen
c11147cfd2 1.8.6.368-1 2009-05-31 08:42:06 +00:00
Mamoru Tasaka
ea13dff1e7 - Merge Review fix (#226381) 2009-04-11 14:41:42 +00:00
Jeroen van Meeuwen
e9a1e47fca 1.8.6.287-4 2009-03-15 05:56:18 +00:00
Akira TAGOH
3f68db5077 - New upstream release.
- Security fixes.
- CVE-2008-3655: Ruby does not properly restrict access to critical
    variables and methods at various safe levels.
- CVE-2008-3656: DoS vulnerability in WEBrick.
- CVE-2008-3657: Lack of taintness check in dl.
- CVE-2008-1447: DNS spoofing vulnerability in resolv.rb.
- CVE-2008-3443: Memory allocation failure in Ruby regex engine.
- Remove the unnecessary backported patches.
2008-08-23 08:58:47 +00:00
Akira TAGOH
9f5e44d23c - New upstream release.
- Security fixes. (#452295)
- CVE-2008-1891: WEBrick CGI source disclosure.
- CVE-2008-2662: Integer overflow in rb_str_buf_append().
- CVE-2008-2663: Integer overflow in rb_ary_store().
- CVE-2008-2664: Unsafe use of alloca in rb_str_format().
- CVE-2008-2725: Integer overflow in rb_ary_splice().
- CVE-2008-2726: Integer overflow in rb_ary_splice().
- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
- Build ruby-mode package for all archtectures.
2008-06-24 03:32:31 +00:00
Akira TAGOH
a4b170df84 clean up 2008-05-27 02:36:04 +00:00
Akira TAGOH
0af4ee55b7 - Security fix for CVE-2008-1145.
- Improve a spec file. (#226381)
- Correct License tag.
- Fix a timestamp issue.
- Own a arch-specific directory.
2008-03-10 04:28:30 +00:00
Akira TAGOH
3646e24c14 - Clean up again. 2007-12-28 02:42:45 +00:00
Akira TAGOH
ab1c353515 - New upstream release.
- ruby-1.8.6.111-CVE-2007-5162.patch: Update a bit with backporting the
    changes at trunk to enable the fix without any modifications on the
    users' scripts. Note that Net::HTTP#enable_post_connection_check isn't
    available anymore. If you want to disable this post-check, you should
    give OpenSSL::SSL::VERIFY_NONE to Net::HTTP#verify_mode= instead of.
2007-10-29 12:32:50 +00:00
Akira TAGOH
0ce3eec117 - New upstream release.
- ruby-r12567.patch: removed.
- ruby-1.8.6-CVE-2007-5162.patch: security fix for Net::HTTP that is
    insufficient verification of SSL certificate.
2007-10-10 01:05:17 +00:00
Akira TAGOH
a479a6b5f9 - New upstream release.
- Fix Etc::getgrgid to get the correct gid as requested. (#236647)
2007-06-20 13:14:04 +00:00
Akira TAGOH
0ccd24ad48 - New upstream release.
- clean up a spec file.
2007-03-15 13:26:32 +00:00
Akira TAGOH
5e0f0e1ccd - New upstream release. sources 5 Feb 2007 10:36:34 -0000
d7d12dd9124c9b7d55cdbbee313e3931 ruby-1.8.5-p12.tar.gz
2007-02-05 10:36:36 +00:00
Akira TAGOH
f069eea3e8 - security fix release. 2006-12-11 04:23:10 +00:00
Akira TAGOH
f3840b136a - New upstream release.
- removed the unnecessary patches:
- ruby-1.8.4-no-eaccess.patch
- ruby-1.8.4-64bit-pack.patch
- ruby-1.8.4-fix-insecure-dir-operation.patch
- ruby-1.8.4-fix-insecure-regexp-modification.patch
- ruby-1.8.4-fix-alias-safe-level.patch
2006-08-28 08:50:07 +00:00
Akira TAGOH
9136cfaca1 - New upstream release.
- fixed a missing return statement. (#140833)
- fixed an use of uninitialized variable. (#144890)
2005-12-27 03:49:08 +00:00
Akira TAGOH
b3723722dd - updates to 1.8.4-preview2.
- renamed the packages to ruby-* (#175765)
- irb -> ruby-irb
- rdoc -> ruby-rdoc
- ri -> ruby-ri
- added tcl-devel and tk-devel into BuildRequires.
2005-12-16 10:38:22 +00:00
Akira TAGOH
d4bcc3bedd - New upstream release.
- ruby-1.8.2-strscan-memset.patch: removed because it's no longer needed.
2005-10-31 02:56:40 +00:00
Akira TAGOH
714d9f4d4c - New upstream release.
- Build-Requires xorg-x11-devel instead of XFree86-devel.
- ruby-multilib.patch: applied for only 64-bit archs.
- ruby-1.8.2-xmlrpc-CAN-2005-1992.patch: removed. it has already been in
    upstream.
2005-09-21 07:29:44 +00:00
Akira TAGOH
e5e207b77a - New upstream release.
- ruby-1.8.1-ia64-stack-limit.patch: removed - it's no longer needed.
- ruby-1.8.1-cgi_session_perms.patch: likewise.
- ruby-1.8.1-cgi-dos.patch: likewise.
- generated Ruby interactive documentation - senarated package. it's now
    provided as ri package. (#141806)
2005-01-05 07:28:29 +00:00