[ruby/f16] Also backport fix for the left part of CVE-2011-1005 (causing the

Mamoru Tasaka mtasaka at fedoraproject.org
Fri Oct 5 09:33:29 UTC 2012


commit f95865cef3d0a40481629ea3233aba84b3eac0ca
Author: TASAKA Mamoru <mtasaka at localhost.localdomain>
Date:   Fri Oct 5 18:26:21 2012 +0900

    Also backport fix for the left part of CVE-2011-1005 (causing the
    
      same issue as CVE-2012-4464)
      (Vít Ondruch <vondruch at redhat.com>)

 ruby-1.8.7-p358-CVE-2012-4464-4466.patch |   29 +++++++++++++++++++++++++++++
 ruby-1.8.7-p358-CVE-2012-4466.patch      |   13 -------------
 ruby.spec                                |    9 +++++++--
 3 files changed, 36 insertions(+), 15 deletions(-)
---
diff --git a/ruby-1.8.7-p358-CVE-2012-4464-4466.patch b/ruby-1.8.7-p358-CVE-2012-4464-4466.patch
new file mode 100644
index 0000000..6787d6f
--- /dev/null
+++ b/ruby-1.8.7-p358-CVE-2012-4464-4466.patch
@@ -0,0 +1,29 @@
+Backported fix for CVE-2012-4464,4466 on trunk:rev37068 to 1.8.7 branch.
+Note that for ruby-1.8 branch, there was a fix for CVE-2011-1005 on rev 30903,
+however the fix proved to be incomplete.
+
+Mamoru Tasaka <mtasaka at fedoraproject.org>
+
+
+--- ruby-1.8.7-p358/error.c.sec	2011-02-18 21:32:35.000000000 +0900
++++ ruby-1.8.7-p358/error.c	2012-10-04 23:58:12.000000000 +0900
+@@ -665,9 +665,11 @@
+ 
+     if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc));
+     StringValue(str);
++#if 0
+     if (str != mesg) {
+ 	OBJ_INFECT(str, mesg);
+     }
++#endif
+     return str;
+ }
+ 
+@@ -757,7 +759,6 @@
+ 	args[2] = d;
+ 	mesg = rb_f_sprintf(3, args);
+     }
+-    if (OBJ_TAINTED(obj)) OBJ_TAINT(mesg);
+     return mesg;
+ }
+ 
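Review bot: In the embedded error.c hunk at -665,9, the `OBJ_INFECT(str, mesg)` block is switched off with `#if 0` / `#endif` and no comment, while the hunk at -757,7 deletes its `OBJ_TAINTED`/`OBJ_TAINT` line outright. Dead code under a bare `#if 0` is easy to re-enable by accident in a later rebase, which would bring the taint propagation back. Either delete the three lines to match the second hunk, or put a short comment on the `#if 0` line naming the CVE it addresses. The patch header would also benefit from saying which of the two error.c hunks covers CVE-2012-4464/4466 and which covers the incomplete CVE-2011-1005 fix.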
diff --git a/ruby.spec b/ruby.spec
index e1c2cdd..b021b11 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -17,7 +17,7 @@
 
 Name:		ruby
 Version:	%{rubyver}%{?dotpatchlevel}
-Release:	3%{?dist}
+Release:	4%{?dist}
 # Please check if ruby upstream changes this to "Ruby or GPLv2+"
 License:	Ruby or GPLv2
 URL:		http://www.ruby-lang.org/
@@ -64,7 +64,7 @@ Patch33:	ruby-1.8.7-p249-mkmf-use-shared.patch
 # bug 718695
 Patch34:	ruby-1.8.7-p352-path-uniq.patch
 # Backported fix for CVE-2012-4466 on trunk:rev37068 to 1.8.7 branch
-Patch35:	ruby-1.8.7-p358-CVE-2012-4466.patch
+Patch35:	ruby-1.8.7-p358-CVE-2012-4464-4466.patch
 # Change ruby load path to conform to Fedora/ruby
 # library placement (various 1.8.6 patches consolidated into this)
 Patch100:	ruby-1.8.7-lib-paths.patch
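Review bot: The comment line directly above `Patch35:` is left unchanged and still reads "Backported fix for CVE-2012-4466 on trunk:rev37068 to 1.8.7 branch", although Patch35 now points at ruby-1.8.7-p358-CVE-2012-4464-4466.patch, whose own header also covers CVE-2012-4464 and the incomplete CVE-2011-1005 fix. Update the spec comment to list all the CVEs the patch addresses so the spec and the patch header agree.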
@@ -547,6 +547,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/ri
 
 %changelog
+* Fri Oct 04 2012 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1.8.7.358-4
+- Also backport fix for the left part of CVE-2011-1005 (causing the
+  same issue as CVE-2012-4464)
+  (Vít Ondruch <vondruch at redhat.com>)
+
 * Thu Oct 04 2012 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1.8.7.358-3
 - Backport fix for CVE-2012-4466 on trunk:rev37068 to 1.8.7 branch
 
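Review bot: The new %changelog entry is dated "Fri Oct 04 2012", but the entry immediately below it gives "Thu Oct 04 2012" for the same day, and this commit itself is dated Fri Oct 5. The weekday and the day of month disagree; change the new entry to "Fri Oct 05 2012" so the changelog dates are consistent.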

