Commit Graph

109 Commits

Author SHA1 Message Date
naddy
2b84b064ff bump PKGNAME for PLIST changes 4.5 -> 4.6 2009-06-22 17:00:23 +00:00
bernd
ede46f770e Security update to ruby-1.8.6-p369.
Fixes a denial of service vulnerability in the BigDecimal
standard library of Ruby.

http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/
2009-06-16 09:12:44 +00:00
bernd
03af0b16cd Update to ruby-1.8.6.368.
Including security fixes for CVE-2008-1447 and CVE-2007-1558.

Tested by Jeremy Evans, jcs@, sturm@ and msf@. Thank you!
2009-04-27 10:54:09 +00:00
jakemsr
c1d4cf76d9 use /dev/arandom instead of /dev/urandom. reading from /dev/urandom is
too slow.

ok bernd@
2009-03-23 00:35:44 +00:00
espie
ec94f4e745 zap obsolete spec, replace tk-8.5* with tk->=8.5,<8.6
bump corresponding pkgname
2009-03-09 17:54:21 +00:00
bernd
04529b0584 Bring back the fix for short-named constants.
This previous problems should be gone now.
(ruby svn r18485 and r22679)

Thanks to Jeremy Evans!
2009-03-07 12:30:17 +00:00
naddy
9ea99647ac bump PKGNAME for PLIST changes 4.4 -> 4.5 2009-02-09 20:48:23 +00:00
bernd
a588fcd431 Revert last "fix". I causes problems with some Ruby code which worked before. 2009-02-03 21:15:28 +00:00
bernd
bf613b4177 Fix usage of short-named constants. (ruby svn r18485)
From msf@.
2009-01-31 09:54:31 +00:00
naddy
c0473d8daf don't try to declare conflicting prototypes for functions already declared
by OpenSSL 0.9.8j
2009-01-10 17:03:34 +00:00
bernd
c4f3158173 Require ruby-gems-1.3.0 and add --default-source-index to GEM_FLAGS. 2008-09-28 15:47:27 +00:00
bernd
87244aa155 Security update to ruby-1.8.6.287.
This fixes a DNS spoofing vulnerability in Ruby's resolver lib. (CVE-2008-1447)

A DoS vulnerability in WEBrick(CVE-2008-3656), problems with Ruby's
safelevel implementation (CVE-2008-3655) and a taint check problem
in Ruby's dynamic loader (CVE-2008-3657) got fixed as well.

This also contains a fix for the REXML DoS issue. (CVE-2008-3790)

More information:
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/

Tested by Jeremy Evans and jcs@. Thanks!
2008-09-28 15:43:05 +00:00
steven
007f70e812 add MODRUBY_LIB_DEPENDS.
ok bernd@
2008-09-02 21:08:29 +00:00
sthen
323cf44154 shared library and PKGNAME bumps due to use of isinf/isnan/nan
following libc/libm changes
2008-07-25 20:25:59 +00:00
bernd
0d61615f79 Security fixes for CVE-2008-1891, CVE-2008-2662, CVE-2008-2663,
CVE-2008-2664, CVE-2008-2725 and CVE-2008-2726.

More info: http://secunia.com/advisories/29794/

with help from jcs@
tested by msf@, jcs@
2008-07-21 09:40:42 +00:00
naddy
b3e53655d3 bump PKGNAME for PLIST changes 4.3 -> 4.4 2008-07-04 19:57:06 +00:00
landry
cc14671c30 Add lang/ruby to CATEGORIES. All ports using this module will be bumped.
tested in a bulk build and ok bernd@
2008-06-14 23:40:35 +00:00
jcs
d6bc2054d2 pass --verbose to gem to show full configure/build information to
behave like everything else does

ok bernd@
2008-06-10 15:40:44 +00:00
bernd
55e6d393df Security update to ruby-1.8.6.114. (CVE-2008-1145)
More information:
http://secunia.com/advisories/29232/
2008-03-29 12:05:27 +00:00
naddy
96a5171118 bump PKGNAME for PLIST changes 4.2 -> 4.3 2008-02-22 19:16:49 +00:00
bernd
b2b2bc351a Require a recent ruby-gems version to build gem ports.
Noticed by Paul Irofti. Thanks!
2008-02-08 17:13:15 +00:00
bernd
079fabd16e Fix indentation and remove useless regress stuff comments.
ok sturm@, msf@
2008-01-14 18:39:07 +00:00
bernd
340327fd48 Update to ruby-1.8.6 patchlevel 111.
This is a long overdue update which contains lots of bug fixes and some
security fixes.

Take over maintainership from msf@.

Tested by many. Thank you very much!

ok jcs@, msf@
2007-12-27 18:32:32 +00:00
bernd
14b016b8e1 Be more specific about the gem version in gem BUILD_DEPENDS to make sure
GEM_SKIPDEPENDS works correctly. (ruby-gems->=0.9.4p2)
2007-11-13 17:45:28 +00:00
bernd
63a5135786 Backout the ugly rev 1.12 hack. It's not needed anymore since we now have
GEM_SKIPDEPENDS.
2007-11-13 17:32:59 +00:00
bernd
e630dc9a9c Use the --skip-dependencies option with 'gem install' if GEM_SKIPDEPENDS
is defined in the port Makefile.

i.e. 'GEM_SKIPDEPENDS= hoe cgi_multipart_eof_fix'

This will install the gem port into the fake area even if the hoe and
cgi_multipart_eof_fix gems aren't installed.

ok jcs@, "sounds reasonable but I haven't really looked at it" msf@
2007-11-13 16:10:37 +00:00
bernd
17064650ea Unpack the gem metadata so we're able to patch it. This will
allow us to remove bogus dependencies from gems.

I need this for an upcoming ruby-mongrel update.

discussed with & ok sturm@
2007-11-05 20:55:03 +00:00
merdely
f525d52359 Remove surrounding quotes in COMMENT*/PERMIT_*/BROKEN 2007-09-16 00:27:05 +00:00
naddy
7682bff9fd bump package name to accommodate OpenBSD 4.1 -> 4.2 change in MODRUBY_ARCH 2007-07-27 19:17:11 +00:00
espie
9eafbbfb35 base64 checksums. 2007-04-05 16:19:55 +00:00
espie
f543241ba2 bump pkgnames after the 4.1 bump. 2007-02-13 23:47:13 +00:00
bernd
d952985c16 Fix an 'undefined symbol' error with openssl when using LD_BIND_NOW.
from markus@, ok msf@
2007-01-11 09:34:40 +00:00
msf
da421b73db add a missing include to rdoc. from ruby subversion, pointed out by ray@
bump PKGNAME
2006-12-31 01:04:09 +00:00
bernd
07b32cb93a Fix some more security problems in cgi.rb.
ok msf@
2006-12-04 13:26:51 +00:00
steven
bee72c9882 add MODRUBY_RUN_DEPENDS to help MULTI_PACKAGES
ok msf@
2006-12-01 14:04:06 +00:00
bernd
e9153a7d5f Add VMEM_WARNING=Yes. Building the ruby documentation consumes lots of
memory.

discussed with msf@
2006-11-27 09:52:52 +00:00
msf
1c166bbf7e remove the default CONFIGURE_STYLE and CONFIGURE_SCRIPT into the new
'ruby extconf' CONFIGURE_STYLE

this allows us to pull ruby.port.mk into fun things like subversion

ok bernd@
2006-11-27 09:36:14 +00:00
msf
8dc6071094 Change to SUBST_VARS+=
discussed and ok bernd@
2006-11-25 10:03:32 +00:00
bernd
872f8d2ac0 Switch to new MULTI_PACKAGES. ok espie@, msf@ 2006-11-24 09:45:08 +00:00
msf
0f7703305c unbreak no_x11 flavor. spotted by Jason LaRiviere. 2006-11-19 11:54:44 +00:00
bernd
182ef239b3 Security fix for CVE-2006-5467 from ruby CVS.
More info:
http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html
http://www.securityfocus.com/bid/20777/info

ok msf@
2006-11-02 12:46:13 +00:00
bernd
5df9d3851a Remove REV and SUB. All ruby ports are using the new variables now. 2006-10-28 21:52:02 +00:00
bernd
7e48f49f80 Args, LIB_DEPENDS should be correct now... Sorry. 2006-10-26 18:15:24 +00:00
bernd
cc19ce0907 Fix LIB_DEPENDS for subpackages and bump PKGNAMEs. 2006-10-26 17:57:16 +00:00
steven
27094c6fda bump PKGNAME after some packaging changes earlier
okay bernd
2006-10-22 08:45:39 +00:00
bernd
d38987df61 - Clean up Makfile to make it more readable.
- Better dependencies for the subpackages. Bump PKGNAMEs.

ok msf@
2006-10-19 01:03:17 +00:00
bernd
c1e377c812 Add code that allows us to patch gem files.
discussed with & ok sturm@
ok for an earlier version msf@
2006-10-18 13:41:36 +00:00
bernd
b2be6681a6 Update to ruby-1.8.5.
See http://eigenclass.org/hiki.rb?ruby+1.8.5+changelog for a summary of
changes.

tested by krw@
ok msf@, sturm@
2006-10-02 07:48:08 +00:00
sturm
f40b6dea93 add RUN_DEPENDS on ruby-gems for gems-based ports
bump PKGNAME where necessary

noticed by Ward Wouts <ward at wizeazz.nl> via markus, ok msf
2006-08-23 21:12:24 +00:00
bernd
62e5e54451 Explicitly depend on tk-8.4.*. This fixes package updates for ruby-tk if
more than one tk version is installed.

ok sturm@, msf@
2006-08-09 22:14:11 +00:00