Tree - rpms/ruby - src.fedoraproject.org

Blob History Raw

TASAKA Mamoru	f95865c	`Backported fix for CVE-2012-4464,4466 on trunk:rev37068 to 1.8.7 branch.`
TASAKA Mamoru	f95865c	`Note that for ruby-1.8 branch, there was a fix for CVE-2011-1005 on rev 30903,`
TASAKA Mamoru	f95865c	`however the fix proved to be incomplete.`
TASAKA Mamoru	f95865c
TASAKA Mamoru	f95865c	`Mamoru Tasaka <mtasaka@fedoraproject.org>`
TASAKA Mamoru	f95865c
TASAKA Mamoru	f95865c
TASAKA Mamoru	f95865c	`--- ruby-1.8.7-p358/error.c.sec 2011-02-18 21:32:35.000000000 +0900`
TASAKA Mamoru	f95865c	`+++ ruby-1.8.7-p358/error.c 2012-10-04 23:58:12.000000000 +0900`
TASAKA Mamoru	f95865c	`@@ -665,9 +665,11 @@`
TASAKA Mamoru	f95865c
TASAKA Mamoru	f95865c	`if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc));`
TASAKA Mamoru	f95865c	`StringValue(str);`
TASAKA Mamoru	f95865c	`+#if 0`
TASAKA Mamoru	f95865c	`if (str != mesg) {`
TASAKA Mamoru	f95865c	`OBJ_INFECT(str, mesg);`
TASAKA Mamoru	f95865c	`}`
TASAKA Mamoru	f95865c	`+#endif`
TASAKA Mamoru	f95865c	`return str;`
TASAKA Mamoru	f95865c	`}`
TASAKA Mamoru	f95865c
TASAKA Mamoru	f95865c	`@@ -757,7 +759,6 @@`
TASAKA Mamoru	f95865c	`args[2] = d;`
TASAKA Mamoru	f95865c	`mesg = rb_f_sprintf(3, args);`
TASAKA Mamoru	f95865c	`}`
TASAKA Mamoru	f95865c	`- if (OBJ_TAINTED(obj)) OBJ_TAINT(mesg);`
TASAKA Mamoru	f95865c	`return mesg;`
TASAKA Mamoru	f95865c	`}`
TASAKA Mamoru	f95865c