[rubygem-activesupport/el5] Update to 2.3.18 in el5
Michael Stahnke
stahnma at fedoraproject.org
Wed Oct 22 05:23:21 UTC 2014
commit 98f03e9a31d228ee03b293827c59606973e0da83
Author: Michael Stahnke <stahnma at puppetlabs.com>
Date: Wed Oct 22 05:21:04 2014 +0000
Update to 2.3.18 in el5
This is a long-overdue rollup of security fixes for what's needed in
epel5.
- Obsolete patch for CVE-2009-3009 fixed in 2.3.4
- Bug 905373 - CVE-2013-0333 fixed in 2.3.16
- Bug 731435 - CVE-2011-2932
- Bug 731435, 731450 - CVE-2011-2932 fixed in 2.3.8
.gitignore | 1 +
rubygem-activesupport.spec | 21 ++++++++++-----------
sources | 2 +-
3 files changed, 12 insertions(+), 12 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index da24ebe..bb75c88 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
activesupport-2.1.1.gem
+/activesupport-2.3.18.gem
diff --git a/rubygem-activesupport.spec b/rubygem-activesupport.spec
index 12bb668..1d2387a 100644
--- a/rubygem-activesupport.spec
+++ b/rubygem-activesupport.spec
@@ -7,14 +7,12 @@
Summary: Support and utility classes used by the Rails framework
Name: rubygem-%{gemname}
-Version: 2.1.1
-Release: 2%{?dist}
+Version: 2.3.18
+Release: 1%{?dist}
Group: Development/Languages
License: MIT
URL: http://www.rubyonrails.org
Source0: http://gems.rubyforge.org/gems/%{gemname}-%{version}.gem
-# http://weblog.rubyonrails.org/2009/9/4/xss-vulnerability-in-ruby-on-rails
-Patch0: rubygem-activesupport-2.1.x-CVE-2009-3009.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: rubygems
BuildRequires: rubygems
@@ -35,13 +33,8 @@ mkdir -p %{buildroot}%{gemdir}
gem install --local --install-dir %{buildroot}%{gemdir} \
--force --rdoc %{SOURCE0}
-pushd %{buildroot}%{geminstdir}
-patch -s -p2 --fuzz=0 < %{PATCH0}
-popd
-
# Remove bad shebangs
-for f in %{buildroot}%{geminstdir}/lib/active_support/multibyte/generators/generate_tables.rb \
- %{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/builder.rb \
+for f in %{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/builder.rb \
%{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/blankslate.rb \
%{buildroot}%{geminstdir}/lib/active_support/vendor/builder-2.1.2/builder/* ; do
sed -i -e '1s/^\#!.*$//' $f
@@ -55,7 +48,6 @@ rm -rf %{buildroot}
%dir %{geminstdir}
%doc %{geminstdir}/CHANGELOG
%{geminstdir}/lib
-%{geminstdir}/test/
%doc %{geminstdir}/README
%doc %{gemdir}/doc/%{gemname}-%{version}
%{gemdir}/cache/%{gemname}-%{version}.gem
@@ -63,6 +55,13 @@ rm -rf %{buildroot}
%changelog
+* Tue Oct 21 2014 Michael Stahnke <stahnma at fedoraproject.org> - -2.3.18-1
+- Update to 2.3.18
+- Obsolete patch for CVE-2009-3009 fixed in 2.3.4
+- Bug 905373 - CVE-2013-0333 fixed in 2.3.16
+- Bug 731435 - CVE-2011-2932
+- Bug 731435, 731450 - CVE-2011-2932 fixed in 2.3.8
+
* Mon Sep 21 2009 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 2.1.1-2
- Patch for CVE-2009-3009 (bug 520843)
diff --git a/sources b/sources
index 1470393..1db8d16 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-b2890eaec0ff89ef7aac5ac7ccf3099f activesupport-2.1.1.gem
+d8624adf97f780bda15bb239da86d67d activesupport-2.3.18.gem
More information about the scm-commits
mailing list