[rubygem-activesupport/el5] Update to 2.3.18 in el5

Michael Stahnke stahnma at fedoraproject.org
Wed Oct 22 05:23:21 UTC 2014 

commit 98f03e9a31d228ee03b293827c59606973e0da83
Author: Michael Stahnke <stahnma at puppetlabs.com>
Date:   Wed Oct 22 05:21:04 2014 +0000

    Update to 2.3.18 in el5
    
    This is a long-overdue rollup of security fixes for what's needed in
    epel5.
    
    - Obsolete patch for CVE-2009-3009 fixed in 2.3.4
    - Bug 905373 - CVE-2013-0333 fixed in 2.3.16
    - Bug 731435 - CVE-2011-2932
    - Bug 731435, 731450 - CVE-2011-2932 fixed in 2.3.8

 .gitignore                 |    1 +
 rubygem-activesupport.spec |   21 ++++++++++-----------
 sources                    |    2 +-
 3 files changed, 12 insertions(+), 12 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index da24ebe..bb75c88 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 activesupport-2.1.1.gem
+/activesupport-2.3.18.gem
diff --git a/rubygem-activesupport.spec b/rubygem-activesupport.spec
index 12bb668..1d2387a 100644
--- a/rubygem-activesupport.spec
+++ b/rubygem-activesupport.spec
@@ -7,14 +7,12 @@
 Summary: Support and utility classes used by the Rails framework
 Name: rubygem-%{gemname}
 
-Version: 2.1.1
-Release: 2%{?dist}
+Version: 2.3.18
+Release: 1%{?dist}
 Group: Development/Languages
 License: MIT
 URL: http://www.rubyonrails.org
 Source0: http://gems.rubyforge.org/gems/%{gemname}-%{version}.gem
-# http://weblog.rubyonrails.org/2009/9/4/xss-vulnerability-in-ruby-on-rails
-Patch0:  rubygem-activesupport-2.1.x-CVE-2009-3009.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: rubygems
 BuildRequires: rubygems
@@ -35,13 +33,8 @@ mkdir -p %{buildroot}%{gemdir}
 gem install --local --install-dir %{buildroot}%{gemdir} \
             --force --rdoc %{SOURCE0}
 
-pushd %{buildroot}%{geminstdir}
-patch -s -p2 --fuzz=0 < %{PATCH0}
-popd
-
 # Remove bad shebangs
-for f in %{buildroot}%{geminstdir}/lib/active_support/multibyte/generators/generate_tables.rb \
-         %{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/builder.rb \
+for f in %{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/builder.rb \
          %{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/blankslate.rb \
          %{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/builder/* ; do
   sed -i -e '1s/^\#!.*$//' $f
@@ -55,7 +48,6 @@ rm -rf %{buildroot}
 %dir %{geminstdir}
 %doc %{geminstdir}/CHANGELOG
 %{geminstdir}/lib
-%{geminstdir}/test/
 %doc %{geminstdir}/README
 %doc %{gemdir}/doc/%{gemname}-%{version}
 %{gemdir}/cache/%{gemname}-%{version}.gem
@@ -63,6 +55,13 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Tue Oct 21 2014 Michael Stahnke <stahnma at fedoraproject.org> - -2.3.18-1
+- Update to 2.3.18
+- Obsolete patch for CVE-2009-3009 fixed in 2.3.4
+- Bug 905373 - CVE-2013-0333 fixed in 2.3.16
+- Bug 731435 - CVE-2011-2932
+- Bug 731435, 731450 - CVE-2011-2932 fixed in 2.3.8
+
 * Mon Sep 21 2009 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 2.1.1-2
 - Patch for CVE-2009-3009 (bug 520843)
 
diff --git a/sources b/sources
index 1470393..1db8d16 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-b2890eaec0ff89ef7aac5ac7ccf3099f  activesupport-2.1.1.gem
+d8624adf97f780bda15bb239da86d67d  activesupport-2.3.18.gem

More information about the scm-commits mailing list