lp://staging/ubuntu/raring-updates/ruby1.9.1
- Get this branch:
- bzr branch lp://staging/ubuntu/raring-updates/ruby1.9.1
Recent revisions
- 29. By Marc Deslauriers
-
* SECURITY UPDATE: safe level restriction bypass via DL and Fiddle
- debian/patches/CVE-2013-2065.patch: perform taint checking in
ext/dl/lib/dl/func.rb, ext/fiddle/function.c.
- CVE-2013-2065
* SECURITY UPDATE: denial of service and possible code execution via
heap overflow in floating point parsing.
- debian/patches/CVE-2013-4164.patch: check lengths in util.c, added
test to test/ruby/test_float.rb.
- CVE-2013-4164
- 28. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect ssl hostname verification
- debian/patches/CVE-2013-4073.patch: fix hostname check and regression
in ext/openssl/lib/openssl/ssl-internal.rb, added test to
test/openssl/test_ssl.rb.
- CVE-2013-4073
- 27. By Marc Deslauriers
-
* Merge from Debian testing. Remaining changes:
- debian/control: Add ca-certificates to libruby1.9.1 depends so that
rubygems can perform certificate verification
- debian/rules: Don't install SSL certificates from upstream sources
- debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
/etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
- debian/patches/CVE-2012-4522.patch: Adjust patch to fix build test
error. Use the version of the fix from upstream's 1.9.3 tree to fix
the NoMethodError for assert_file_not, which doesn't exist in 1.9.3.
Adjust the Origin patch tag accordingly.
- 26. By Tyler Hicks
-
* Merge from Debian testing (LP: #1131493). Remaining changes:
- debian/control: Add ca-certificates to libruby1.9.1 depends so that
rubygems can perform certificate verification
- debian/rules: Don't install SSL certificates from upstream sources
- debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
/etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
* Changes dropped:
- debian/patches/20121016-cve_2012_4522.patch: Debian is carrying a patch
for this issue.
- debian/patches/20121011-cve_2012_4464-cve_2012_4466.patch: Debian is
carrying a patch for this issue, but the patch is incorrectly named
20120927-cve_2011_1005.patch. I'll work with Debian to change the patch
name, but there's no need in carrying a delta because of this. To be
clear, the Ubuntu ruby1.9.1 package is patched for CVE-2012-4464 and
CVE-2012-4466, despite the incorrect patch name.
* debian/patches/CVE-2012-4522.patch: Adjust patch to fix build test error.
Use the version of the fix from upstream's 1.9.3 tree to fix the
NoMethodError for assert_file_not, which doesn't exist in 1.9.3. Adjust
the Origin patch tag accordingly.
- 25. By Tyler Hicks
-
* SECURITY UPDATE: Safe level bypass
- debian/patches/20121011-cve_2012_4464-cve_2012_4466.patch: Remove
incorrect string taint in exception handling methods. Based on upstream
patch.
- CVE-2012-4464
- CVE-2012-4466
* SECURITY UPDATE: Missing input sanitization of file paths
- debian/patches/20121016-cve_2012_4522.patch: NUL characters are not
valid filename characters, so ensure that Ruby strings used for file
paths do not contain NUL characters. Based on upstream patch.
- CVE-2012-4522
* debian/patches/20120927-cve_2011_1005.patch: Drop since ruby1.9.x is
technically not affected by CVE-2011-1005. CVE-2012-4464 is the id
assigned to the vulnerability in the ruby1.9.x branch.
- 24. By Tyler Hicks
-
* SECURITY UPDATE: Safe level bypass
- debian/patches/20120927-cve_2011_1005.patch: Remove incorrect string
taint in exception handling methods. Based on upstream patch.
- CVE-2011-1005
* Make the RubyGems fetcher use distro-provided ca-certificates
(LP: #1057926)
- debian/control: Add ca-certificates to libruby1.9.1 depends so that
rubygems can perform certificate verification
- debian/rules: Don't install SSL certificates from upstream sources
- debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
/etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
- 23. By Antonio Terceiro
-
[ Lucas Nussbaum ]
* Add hurd-path-max.diff. Fixes FTBFS on Hurd. (Closes: #648055)
[ Daigo Moriwaki ]
* Removed debian/patches/debian/patches/sparc-continuations.diff,
which the upstream has applied.
* debian/rules:
- Bumped up tcltk_ver to 8.5.
- Used chrpath for tcltklib.so to fix a lintian error,
binary-or-shlib-defines-rpath.
* debian/control:
- Suggests ruby-switch. (Closes: #654312)
- Build-Depends: chrpath.
* debian/libruby1.9.1.symbols: Added a new symbol for
rb_str_modify_expand@Base.
* debian/run-test-suites.bash:
- Corrected options for test-all.
- Enabled timeout to allow hang tests to be aborted.
[ James Healy ]
* New upstream release: 1.9.3p194 (Closes: #669582)
+ This release includes a fix for CVE-2011-0188 (Closes: #628451)
+ This release also does not segfault when running the test suite under
amd64 (Closes: #674347)
* Enable hardened build flags (Closes: #667964)
* debian/control:
- depend on specific version on coreutils
- update policy version (no changes)
[ Antonio Terceiro ]
* debian/ruby1.9.1.postinst:
+ bump alternatives priority for `ruby` to 51 so that Ruby 1.9 has a
higher priority than Ruby 1.8 (50).
+ bump alternatives priority for `gem` to 181 so that the Rubygems
provided by Ruby 1.9 has priority over the one provided by the rubygems
package.
* debian/control: added myself to Uploaders:
* debian/libruby1.9.1.symbols: update with new symbols added in 1.9.3p194
upstream release.
* debian/manpages/*: fix references to command names with s/1.9/1.9.1/
* debian/rules: skip running DRB tests, since they seem to make the build
hang. This should close #647296, but let's wait and see. Also, with this we do
not need to timeout the test suite anymore.
- 21. By Lucas Nussbaum <email address hidden>
-
* New upstream release: 1.9.3p0.
* Disable test suites on ia64 sparc kfreebsd-i386 kfreebsd-amd64.
Those architectures are known to be broken at the moment.
Details: http://lists.debian.org/debian-release/2011/10/msg00279.html
- 20. By Lucas Nussbaum <email address hidden>
-
* New upstream release: 1.9.3 RC1.
+ Includes load.c fixes. Closes: #639959.
* Upload to unstable.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/saucy/ruby1.9.1