From b1f489610b4971da56d93ebf1357dc9c220d7c81 Mon Sep 17 00:00:00 2001 From: TASAKA Mamoru Date: Jul 01 2013 02:45:15 +0000 Subject: Update to 1.9.3 p448 - Fix hostname check bypassing vulnerability in SSL client (CVE-2013-4073) --- diff --git a/.gitignore b/.gitignore index 606f3bf..2fe56c0 100644 --- a/.gitignore +++ b/.gitignore @@ -18,3 +18,4 @@ ruby-rev415a3ef9ab82c65a7abc-ext_tk.tar.gz /ruby-1.9.3-p385.tar.gz /ruby-1.9.3-p392.tar.gz /ruby-1.9.3-p429.tar.gz +/ruby-1.9.3-p448.tar.gz diff --git a/ruby-1.9.3-fix-s390x-build.patch b/ruby-1.9.3-fix-s390x-build.patch deleted file mode 100644 index d0ade91..0000000 --- a/ruby-1.9.3-fix-s390x-build.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up ruby-1.9.3-p0/ext/tk/extconf.rb.orig ruby-1.9.3-p0/ext/tk/extconf.rb ---- ruby-1.9.3-p0/ext/tk/extconf.rb.orig 2011-06-29 16:11:19.000000000 +0200 -+++ ruby-1.9.3-p0/ext/tk/extconf.rb 2011-10-18 16:15:59.406299659 +0200 -@@ -114,7 +114,7 @@ def is_macosx? - end - - def maybe_64bit? -- /64|universal/ =~ RUBY_PLATFORM -+ /64|universal|s390x/ =~ RUBY_PLATFORM - end - - def check_tcltk_version(version) diff --git a/ruby.spec b/ruby.spec index 89e29a6..2d97373 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,7 +1,7 @@ %global major_version 1 %global minor_version 9 %global teeny_version 3 -%global patch_level 429 +%global patch_level 448 %global major_minor_version %{major_version}.%{minor_version} @@ -56,7 +56,7 @@ Version: %{ruby_version_patch_level} # we cannot reset the release number to 1 even when the main (ruby) version # is updated - because it may be that the versions of sub-components don't # change. -Release: 30%{?dist} +Release: 31%{?dist} Group: Development/Languages # Public Domain for example for: include/ruby/st.h, strftime.c, ... License: (Ruby or BSD) and Public Domain @@ -74,7 +74,8 @@ Patch2: ruby-1.9.3-added-site-and-vendor-arch-flags.patch # some differencies in build between Fedora and RHEL. Patch3: ruby-1.9.3-always-use-i386.patch # http://redmine.ruby-lang.org/issues/5465 -Patch4: ruby-1.9.3-fix-s390x-build.patch +# Fixed in 1.9.3 p448 +#Patch4: ruby-1.9.3-fix-s390x-build.patch # Fix the uninstaller, so that it doesn't say that gem doesn't exist # when it exists outside of the GEM_HOME (already fixed in the upstream) Patch5: ruby-1.9.3-rubygems-1.8.11-uninstaller.patch @@ -343,7 +344,7 @@ Tcl/Tk interface for the object-oriented scripting language Ruby. %patch1 -p1 %patch2 -p1 %patch3 -p1 -%patch4 -p1 +#%%patch4 -p1 %patch5 -p1 %patch8 -p1 %patch9 -p1 @@ -775,6 +776,11 @@ make check TESTS="-v $DISABLE_TESTS" %{ruby_libdir}/tkextlib %changelog +* Mon Jul 1 2013 Mamoru TASAKA - 1.9.3.448-31 +- Update to 1.9.3 p448 +- Fix hostname check bypassing vulnerability in SSL client + (CVE-2013-4073) + * Thu May 16 2013 Mamoru TASAKA - 1.9.3.429-30 - Update to 1.9.3 p429 - Fix object taint bypassing in DL and Fiddle (CVE-2013-2065) diff --git a/sources b/sources index 2f5abc8..8e4d44c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -993c72f7f805a9eb453f90b0b7fe0d2b ruby-1.9.3-p429.tar.gz +a893cff26bcf351b8975ebf2a63b1023 ruby-1.9.3-p448.tar.gz