From 556d824d52e0a3a0c37d91e3cc445cbee5c18153 Mon Sep 17 00:00:00 2001 From: TASAKA Mamoru Date: Feb 25 2013 01:59:52 +0000 Subject: Update to 1.9.3 p392 - Fix entity expansion DoS vulnerability in REXML (bug 914716) --- diff --git a/.gitignore b/.gitignore index f5ae591..6a939a7 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,4 @@ ruby-rev415a3ef9ab82c65a7abc-ext_tk.tar.gz /ruby-1.9.3-p362.tar.gz /ruby-1.9.3-p374.tar.gz /ruby-1.9.3-p385.tar.gz +/ruby-1.9.3-p392.tar.gz diff --git a/ruby.spec b/ruby.spec index 887454d..bfa0754 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,7 +1,7 @@ %global major_version 1 %global minor_version 9 %global teeny_version 3 -%global patch_level 385 +%global patch_level 392 %global major_minor_version %{major_version}.%{minor_version} @@ -43,7 +43,7 @@ %global rdoc_version 3.9.5 %global bigdecimal_version 1.1.0 %global io_console_version 0.3 -%global json_version 1.5.4 +%global json_version 1.5.5 %global minitest_version 2.5.1 %global _normalized_cpu %(echo %{_target_cpu} | sed 's/^ppc/powerpc/;s/i.86/i386/;s/sparcv./sparc/') @@ -56,7 +56,7 @@ Version: %{ruby_version_patch_level} # we cannot reset the release number to 1 even when the main (ruby) version # is updated - because it may be that the versions of sub-components don't # change. -Release: 28%{?dist} +Release: 29%{?dist} Group: Development/Languages # Public Domain for example for: include/ruby/st.h, strftime.c, ... License: (Ruby or BSD) and Public Domain @@ -778,6 +778,10 @@ make check TESTS="-v $DISABLE_TESTS" %{ruby_libdir}/tkextlib %changelog +* Mon Feb 25 2013 Mamoru TASAKA - 1.9.3.392-29 +- Update to 1.9.3 p392 +- Fix entity expansion DoS vulnerability in REXML (bug 914716) + * Mon Feb 11 2013 Mamoru TASAKA - 1.9.3.385-28 - Update to 1.9.3 p385 diff --git a/sources b/sources index 2c2210c..6849aa1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3e0d7f8512400c1a6732327728a56f1d ruby-1.9.3-p385.tar.gz +f689a7b61379f83cbbed3c7077d83859 ruby-1.9.3-p392.tar.gz