[ruby/f15] Update to 1.8.7p357 Randomize hash on process startup (CVE-2011-4815, bug 750564)
Mamoru Tasaka
mtasaka at fedoraproject.org
Thu Dec 29 15:38:03 UTC 2011
commit 6b2b12b8b2718d865d52f6ec0602c6de34f459b0
Author: Mamoru Tasaka <tasaka1 at localhost.localdomain>
Date: Fri Dec 30 00:37:59 2011 +0900
Update to 1.8.7p357
Randomize hash on process startup (CVE-2011-4815, bug 750564)
.gitignore | 1 +
ruby.spec | 21 +++++++++++++++++++--
sources | 4 +---
3 files changed, 21 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index a4c19e9..c1f83dd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,4 @@ ruby-rev415a3ef9ab82c65a7abc-ext_tk.tar.gz
/ruby-1.8.7-p334.tar.bz2
/ruby-1.8.7-p352.tar.bz2
/ruby-revc2dfaa7d40531aef3706bcc16f38178b0c6633ee-ext_tk.tar.gz
+/ruby-1.8.7-p357.tar.bz2
diff --git a/ruby.spec b/ruby.spec
index efc0ebf..78519d7 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -1,6 +1,6 @@
%global rubyxver 1.8
%global rubyver 1.8.7
-%global _patchlevel 352
+%global _patchlevel 357
%global dotpatchlevel %{?_patchlevel:.%{_patchlevel}}
%global patchlevel %{?_patchlevel:-p%{_patchlevel}}
@@ -17,14 +17,16 @@
Name: ruby
Version: %{rubyver}%{?dotpatchlevel}
-Release: 2%{?dist}
+Release: 1%{?dist}
# Please check if ruby upstream changes this to "Ruby or GPLv2+"
License: Ruby or GPLv2
URL: http://www.ruby-lang.org/
BuildRequires: compat-readline5-devel
BuildRequires: db4-devel
+%if 0%{?fedora} < 17
BuildRequires: gdbm-devel
+%endif
BuildRequires: libX11-devel
BuildRequires: ncurses-devel
BuildRequires: openssl-devel
@@ -200,6 +202,11 @@ popd
# when it is no longer needed.
sed -i.redirect -e '\@RUBY at s@\.rb >@\.rb | cat >@' %{name}-%{arcver}/ext/dl/depend
+# Disable gdbm support on F-17 for now
+%if 0%{?fedora} >= 17
+sed -i '\@dblib =@s|gdbm[^ ]*||g' %{name}-%{arcver}/ext/dbm/extconf.rb
+%endif
+
%build
pushd %{name}-%{arcver}
@@ -537,10 +544,20 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/ri
%changelog
+* Thu Dec 29 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1.8.7.357-1
+- Update to 1.8.7p357
+- Randomize hash on process startup (CVE-2011-4815, bug 750564)
+
* Fri Dec 23 2011 Dennis Gilmore <dennis at ausil.us> - 1.8.7.352-2
- dont normalise arm cpus to arm
- there is something weird about how ruby choses where to put bits
+* Thu Nov 16 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1.8.7.352-3
+- F-17: kill gdbm support for now due to licensing compatibility issue
+
+* Sat Oct 1 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1.8.7.352-2
+- F-17: rebuild against new gdbm
+
* Sat Jul 16 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1.8.7.352-1
- Update to 1.8.7 p352
- CVE-2011-2686 is fixed in this version (bug 722415)
diff --git a/sources b/sources
index e7e916e..1d94212 100644
--- a/sources
+++ b/sources
@@ -1,4 +1,2 @@
-fcc35655da3047f64650a526c179ade8 ruby-revf30eca26639ce538339bc488c7ed1fd397b0c13f-ext_tk.tar.gz
-2f14f604bf981bb938ab5fc8b09eb1a6 ruby-1.8.7-p334.tar.bz2
-0c61ea41d1b1183b219b9afe97f18f52 ruby-1.8.7-p352.tar.bz2
+3abd9e2a29f756a0d30c7bfca578cdeb ruby-1.8.7-p357.tar.bz2
01b1053cf357459349bf74363756ad41 ruby-revc2dfaa7d40531aef3706bcc16f38178b0c6633ee-ext_tk.tar.gz
More information about the scm-commits
mailing list