Commit Graph

26 Commits

Author SHA1 Message Date
bernd
87244aa155 Security update to ruby-1.8.6.287.
This fixes a DNS spoofing vulnerability in Ruby's resolver lib. (CVE-2008-1447)

A DoS vulnerability in WEBrick (CVE-2008-3656), problems with Ruby's
safelevel implementation (CVE-2008-3655) and a taint check problem
in Ruby's dynamic loader (CVE-2008-3657) got fixed as well.

This also contains a fix for the REXML DoS issue. (CVE-2008-3790)

More information:
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/

Tested by Jeremy Evans and jcs@. Thanks!
2008-09-28 15:43:05 +00:00
bernd
0d61615f79 Security fixes for CVE-2008-1891, CVE-2008-2662, CVE-2008-2663,
CVE-2008-2664, CVE-2008-2725 and CVE-2008-2726.

More info: http://secunia.com/advisories/29794/

with help from jcs@
tested by msf@, jcs@
2008-07-21 09:40:42 +00:00
bernd
340327fd48 Update to ruby-1.8.6 patchlevel 111.
This is a long overdue update which contains lots of bug fixes and some
security fixes.

Take over maintainership from msf@.

Tested by many. Thank you very much!

ok jcs@, msf@
2007-12-27 18:32:32 +00:00
msf
da421b73db add a missing include to rdoc. from ruby subversion, pointed out by ray@
bump PKGNAME
2006-12-31 01:04:09 +00:00
bernd
07b32cb93a Fix some more security problems in cgi.rb.
ok msf@
2006-12-04 13:26:51 +00:00
bernd
182ef239b3 Security fix for CVE-2006-5467 from ruby CVS.
More info:
http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html
http://www.securityfocus.com/bid/20777/info

ok msf@
2006-11-02 12:46:13 +00:00
bernd
b2be6681a6 Update to ruby-1.8.5.
See http://eigenclass.org/hiki.rb?ruby+1.8.5+changelog for a summary of
changes.

tested by krw@
ok msf@, sturm@
2006-10-02 07:48:08 +00:00
bernd
0583244625 - add ruby to REGRESS_DEPENDS
- fix a typo in webrick/httpservlet/filehandler.rb. (from ruby CVS)

ok sturm@
2006-07-06 08:22:20 +00:00
sturm
1dec9af13b readd correctly
2006-06-10 16:51:05 +00:00
alek
97ef7796e6 - SHARED_LIBS
- Regen PLIST
- Bump PKGNAME

ok msf@, steven@
2006-01-08 10:39:31 +00:00
msf
408205454d - update ruby to 1.8.4
- add no_x11 PSEUDO_FLAVOR and remove old tk FLAVOR
- add tk, iconv, and gdbm SUBPACKAGES
- take MAINTAINER

"commit now" naddy@
2005-12-29 17:27:31 +00:00
robert
c1791de453 SECURITY:
fix an arbitrary command execution vulnerability; bump PKGNAME

http://www.vuxml.org/openbsd/e80d814e-e9b6-11d9-a5c1-00065bd5b0b6.html
2005-06-30 22:37:12 +00:00
couderc
01c25a220a fix use of RTLD_NEXT from Kurt Miller, ok naddy@
2004-08-19 16:39:12 +00:00
robert
19bf64c2d4 SECURITY:
Andres Salomon noticed a problem in the CGI session management of Ruby.
CGI::Session's FileStore implementations store session information insecurely.
They simply create files, ignoring permission issues. The added patch fixes
this issue.

ok pvalchev@
2004-08-17 16:03:10 +00:00
sturm
fda2b7431e - not every /etc is a ${SYSCONFDIR}
- when creating directories recursively, don't try creating existing dirs

from couderc@
2004-05-10 19:46:46 +00:00
couderc
ec77eb38c3 update to 1.8.1
2004-02-20 22:52:57 +00:00
brad
9f86be6010 export all symbols in the symbol table when on an ELF system.
--
Ok'd by: MAINTAINER
2002-07-15 21:38:07 +00:00
couderc
80017ea49d Fix for ELF machines from drahn@, ok krw@
Taking maintainer, ok krw@ & espie@
2002-06-29 13:39:26 +00:00
krw
443f9e4716 libruby.so.1.6.6 -> libruby.so.1.66. From Couderc Damien.
2002-02-23 14:10:48 +00:00
espie
6c65483de7 fix shared library name.
Remove COMMENT while I'm at it.
2001-03-23 14:12:32 +00:00
espie
be62b269a0 The readline in tree is now okay.
2001-03-23 01:57:09 +00:00
espie
cf100d4524 Update to ruby 1.6.2
2001-02-21 17:17:17 +00:00
espie
8d134248eb Disable readline recognition for now, as our readline is much too old
for it to make sense.
2001-02-21 16:51:45 +00:00
espie
57a1b75287 Update to release 1.4.6.
mkstemp patch no longer needed, as the new mktemp usage is safe.
2000-09-05 13:56:24 +00:00
espie
aea0f8c2a4 Version 1.4.4
Set patches according to update-patches.
Redo PLIST according to newer bsd.port.mk.
Remove patch that's now part of ruby proper.
2000-05-18 18:37:59 +00:00
espie
e96bbc1bf1 ruby 1.4.3: a nice language, very similar to perl, but with interesting
differences.
2000-03-28 13:16:02 +00:00