diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2012-10-15 19:42:50 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2012-10-16 06:23:50 +0000 |
| commit | 2b6fc59397fdc5712024fc296473d80914ee3ae6 (patch) | |
| tree | 922142f2f45ef9664708b4a9012218470d0a5a0c /main/ruby | |
| parent | 09fb6fdf0c07df034fe46d0c0b7634971dd28ed6 (diff) | |
| download | aports-2b6fc59397fdc5712024fc296473d80914ee3ae6.tar.bz2 aports-2b6fc59397fdc5712024fc296473d80914ee3ae6.tar.xz | |
main/ruby: upgrade to 1.9.3_p286
Diffstat (limited to 'main/ruby')
| -rw-r--r-- | main/ruby/APKBUILD | 8 | ||||
| -rw-r--r-- | main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch | 103 |
2 files changed, 3 insertions, 108 deletions
diff --git a/main/ruby/APKBUILD b/main/ruby/APKBUILD index 98f82b4fde..f78f723482 100644 --- a/main/ruby/APKBUILD +++ b/main/ruby/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Carlo Landmeter <clandmeter@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=ruby -pkgver=1.9.3_p194 +pkgver=1.9.3_p286 _pkgver=${pkgver/_/-} pkgrel=0 @@ -22,7 +22,6 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-irb $pkgname-gems \ " patches=" ruby-1.9.3-always-use-i386.patch - ruby-1.9.3-backport-from-trunk-rev37068.patch " source="ftp://ftp.ruby-lang.org/pub/ruby/${pkgver%.*}/${pkgname}-${_pkgver}.tar.bz2 $patches" @@ -184,6 +183,5 @@ libs() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ } -md5sums="2278eff4cfed3cbc0653bc73085caa34 ruby-1.9.3-p194.tar.bz2 -8395693c99415532780605af203a102b ruby-1.9.3-always-use-i386.patch -b586536d4d196b142fd0968dac192617 ruby-1.9.3-backport-from-trunk-rev37068.patch" +md5sums="e76848a86606a4fd5dcf14fc4b4e755e ruby-1.9.3-p286.tar.bz2 +8395693c99415532780605af203a102b ruby-1.9.3-always-use-i386.patch" diff --git a/main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch b/main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch deleted file mode 100644 index ed94e738fa..0000000000 --- a/main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch +++ /dev/null @@ -1,103 +0,0 @@ -Patch from trunk for CVE-2012-4464, CVE-2012-4466 -Part for test/ruby/test_exception.rb was adjusted for ruby 1.9.3 - -Mamoru Tasaka <mtasaka@fedoraproject.org> - ------------------------------------------------------------------------- -r37068 | shugo | 2012-10-03 02:25:10 +0900 (Wed, 03 Oct 2012) | 2 lines - -* error.c (exc_to_s, name_err_to_s, name_err_mesg_to_str): do not - taint messages. ------------------------------------------------------------------------- -Index: error.c -=================================================================== ---- ./error.c (revision 37067) -+++ ./error.c (revision 37068) -@@ -635,7 +635,6 @@ - - if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc)); - r = rb_String(mesg); -- OBJ_INFECT(r, exc); - return r; - } - -@@ -996,11 +995,7 @@ - - if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc)); - StringValue(str); -- if (str != mesg) { -- rb_iv_set(exc, "mesg", mesg = str); -- } -- OBJ_INFECT(mesg, exc); -- return mesg; -+ return str; - } - - /* -@@ -1131,7 +1126,6 @@ - args[2] = d; - mesg = rb_f_sprintf(NAME_ERR_MESG_COUNT, args); - } -- OBJ_INFECT(mesg, obj); - return mesg; - } - -Index: test/ruby/test_exception.rb -=================================================================== ---- ./test/ruby/test_exception.rb (revision 37067) -+++ ./test/ruby/test_exception.rb (modified) -@@ -333,4 +333,54 @@ - load(t.path) - end - end -+ -+ def test_to_s_taintness_propagation -+ for exc in [Exception, NameError] -+ m = "abcdefg" -+ e = exc.new(m) -+ e.taint -+ s = e.to_s -+ assert_equal(false, m.tainted?, -+ "#{exc}#to_s should not propagate taintness") -+ assert_equal(false, s.tainted?, -+ "#{exc}#to_s should not propagate taintness") -+ end -+ -+ o = Object.new -+ def o.to_str -+ "foo" -+ end -+ o.taint -+ e = NameError.new(o) -+ s = e.to_s -+ assert_equal(false, s.tainted?) -+ end -+ -+ def test_exception_to_s_should_not_propagate_untrustedness -+ favorite_lang = "Ruby" -+ -+ for exc in [Exception, NameError] -+ assert_raise(SecurityError) do -+ lambda { -+ $SAFE = 4 -+ exc.new(favorite_lang).to_s -+ favorite_lang.replace("Python") -+ }.call -+ end -+ end -+ -+ assert_raise(SecurityError) do -+ lambda { -+ $SAFE = 4 -+ o = Object.new -+ o.singleton_class.send(:define_method, :to_str) { -+ favorite_lang -+ } -+ NameError.new(o).to_s -+ favorite_lang.replace("Python") -+ }.call -+ end -+ -+ assert_equal("Ruby", favorite_lang) -+ end - end |