diff --git a/.cvsignore b/.cvsignore
index 8b4ee53..ca8d1fe 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1,25 +1,4 @@
-ruby-1.8.1.tar.gz
-ruby-man-1.4.6.tar.bz2
+ruby-1.8.6-p287.tar.bz2
 ruby-refm-rdp-1.8.1-ja-html.tar.gz
-rubyfaq-990927.tar.bz2
-rubyfaq-jp-990927.tar.bz2
-*.rpm
-*.gz
-*.bz2
-ruby-1.8.2.tar.gz
-ruby-1.8.3.tar.gz
-ruby-1.8.4-preview1.tar.gz
-ruby-1.8.4-preview2.tar.gz
-ruby-1.8.4.tar.gz
-ruby-1.8.5.tar.gz
-ruby-1.8.5-p2.tar.gz
-ruby-1.8.5-p12.tar.gz
-ruby-1.8.6.tar.bz2
-ruby-1.8.6-p36.tar.bz2
-ruby-1.8.6-p110.tar.bz2
-ruby-1.8.6-p111.tar.bz2
 rubyfaq-990927.tar.gz
 rubyfaq-jp-990927.tar.gz
-ruby-1.8.6-p114.tar.bz2
-ruby-1.8.6-p230.tar.bz2
-ruby-1.8.6-p287.tar.bz2
diff --git a/import.log b/import.log
new file mode 100644
index 0000000..b1b423b
--- /dev/null
+++ b/import.log
@@ -0,0 +1 @@
+ruby-1_8_6_287-7_fc11:F-10:ruby-1.8.6.287-7.fc11.src.rpm:1237351889
diff --git a/ruby-1.8.6-p287-CVE-2008-5189.patch b/ruby-1.8.6-p287-CVE-2008-5189.patch
new file mode 100644
index 0000000..2854826
--- /dev/null
+++ b/ruby-1.8.6-p287-CVE-2008-5189.patch
@@ -0,0 +1,14 @@
+--- lib/cgi.rb (revision 19665)
++++ lib/cgi.rb (working copy)
+@@ -546,6 +546,11 @@
+ when Hash
+ options = options.dup
+ end
++ options.each_value do |value|
++ if /\n(?![ \t])/ === value
++ raise ArgumentError, "potential HTTP header injection detected"
++ end
++ end
+
+ unless options.has_key?("type")
+ options["type"] = "text/html"
diff --git a/ruby-1.8.6-p287-remove-ssl-rand-range.patch b/ruby-1.8.6-p287-remove-ssl-rand-range.patch
new file mode 100644
index 0000000..75bef4e
--- /dev/null
+++ b/ruby-1.8.6-p287-remove-ssl-rand-range.patch
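Review bot: The guard added to lib/cgi.rb only inspects String values: `/\n(?![ \t])/ === value` evaluates to false for a non-String operand, so if a header option can hold an Array or another object (cookie values, presumably; the rest of the method lies outside the hunk), its contents reach the response without this check. It also lets a bare carriage return through, which some clients and intermediaries treat as a line terminator. Consider matching on the string form and rejecting a lone CR as well, e.g. `if /\r(?!\n)|\n(?![ \t])/ === value.to_s`, and checking each element where a value is a collection. A one-line comment above the loop saying that folded continuation lines (newline followed by space or tab) are deliberately allowed would explain the lookahead.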
@@ -0,0 +1,113 @@
+diff -ur ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.c ruby-1.8.6-p287/ext/openssl/openssl_missing.c
+--- ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.c 2007-02-13 00:01:19.000000000 +0100
++++ ruby-1.8.6-p287/ext/openssl/openssl_missing.c 2009-03-15 05:32:31.000000000 +0100
+@@ -43,7 +43,7 @@
+ {
+ return CRYPTO_set_ex_data(&str->ex_data, idx, data);
+ }
+-
++
+ void *X509_STORE_get_ex_data(X509_STORE *str, int idx)
+ {
+ return CRYPTO_get_ex_data(&str->ex_data, idx);
+@@ -113,7 +113,7 @@
+ #endif
+
+ #if !defined(HAVE_EVP_CIPHER_CTX_COPY)
+-/*
++/*
+ * this function does not exist in OpenSSL yet... or ever?.
+ * a future version may break this function.
+ * tested on 0.9.7d.
+@@ -182,12 +182,12 @@
+ (ASN1_STRING *)(*a)->serialNumber,
+ (ASN1_STRING *)(*b)->serialNumber));
+ }
+-
++
+ int
+ X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
+ {
+ X509_CRL_INFO *inf;
+-
++
+ inf = crl->crl;
+ if (!inf->revoked)
+ inf->revoked = sk_X509_REVOKED_new(OSSL_X509_REVOKED_cmp);
+@@ -233,54 +233,6 @@
+ }
+ #endif
+
+-#if !defined(HAVE_BN_RAND_RANGE) || !defined(HAVE_BN_PSEUDO_RAND_RANGE)
+-static int
+-bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
+-{
+- int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
+- int n;
+-
+- if (range->neg || BN_is_zero(range)) return 0;
+-
+- n = BN_num_bits(range);
+-
+- if (n == 1) {
+- if (!BN_zero(r)) return 0;
+- } else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
+- do {
+- if (!bn_rand(r, n + 1, -1, 0)) return 0;
+- if (BN_cmp(r ,range) >= 0) {
+- if (!BN_sub(r, r, range)) return 0;
+- if (BN_cmp(r, range) >= 0)
+- if (!BN_sub(r, r, range)) return 0;
+- }
+- } while (BN_cmp(r, range) >= 0);
+- } else {
+- do {
+- if (!bn_rand(r, n, -1, 0)) return 0;
+- } while (BN_cmp(r, range) >= 0);
+- }
+-
+- return 1;
+-}
+-#endif
+-
+-#if !defined(HAVE_BN_RAND_RANGE)
+-int
+-BN_rand_range(BIGNUM *r, BIGNUM *range)
+-{
+- return bn_rand_range(0, r, range);
+-}
+-#endif
+-
+-#if !defined(HAVE_BN_PSEUDO_RAND_RANGE)
+-int
+-BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range)
+-{
+- return bn_rand_range(1, r, range);
+-}
+-#endif
+-
+ #if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE)
+ #define OPENSSL_CONF "openssl.cnf"
+ char *
+@@ -315,7 +267,7 @@
+ {
+ int i,j;
+ const char *prompt;
+-
++
+ if (key) {
+ i = strlen(key);
+ i = (i > num) ? num : i;
+diff -ur ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.h ruby-1.8.6-p287/ext/openssl/openssl_missing.h
+--- ruby-1.8.6-p287.orig/ext/openssl/openssl_missing.h 2008-08-04 06:43:34.000000000 +0200
++++ ruby-1.8.6-p287/ext/openssl/openssl_missing.h 2009-03-15 05:33:56.000000000 +0100
+@@ -120,8 +120,6 @@
+ int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+-int BN_rand_range(BIGNUM *r, BIGNUM *range);
+-int BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range);
+ char *CONF_get1_default_config_file(void);
+ int PEM_def_callback(char *buf, int num, int w, void *key);
+
+Only in ruby-1.8.6-p287/ext/openssl: .openssl_missing.h.swp
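Review bot: The embedded patch carries a good deal that is not the functional change: four whitespace-only hunks in openssl_missing.c and a trailing `Only in ruby-1.8.6-p287/ext/openssl: .openssl_missing.h.swp` line, apparently from an editor swap file present when the diff was taken. Trimming it to the `@@ -233,54 +233,6 @@` hunk and the openssl_missing.h hunk would make a change to crypto-related code far easier to audit. The removal is also unconditional, although the deleted code was guarded by `HAVE_BN_RAND_RANGE` / `HAVE_BN_PSEUDO_RAND_RANGE`, so the extension now depends on the linked OpenSSL exporting both functions. A header comment in the patch, along the lines of `Drop the local BN_rand_range/BN_pseudo_rand_range fallbacks; the OpenSSL implementations are always used (requires OpenSSL >= <MIN_VERSION>)`, would record that assumption and the reason for the change.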
diff --git a/ruby-1.8.6-rexml-CVE-2008-3790.patch b/ruby-1.8.6-rexml-CVE-2008-3790.patch
index 2ce6e1f..2db8dd6 100644
--- a/ruby-1.8.6-rexml-CVE-2008-3790.patch
+++ b/ruby-1.8.6-rexml-CVE-2008-3790.patch
@@ -12,7 +12,7 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/
 @@ -200,6 +201,27 @@ module REXML
 Parsers::StreamParser.new( source, listener ).parse
 end
-
+
 + @@entity_expansion_limit = 10_000
 +
 + # Set the entity expansion limit. By defualt the limit is set to 10000.
@@ -26,7 +26,7 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/
 + end
 +
 + attr_reader :entity_expansion_count
-+
++
 + def record_entity_expansion
 + @entity_expansion_count += 1
 + if @entity_expansion_count > @@entity_expansion_limit
@@ -44,7 +44,7 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/entity.rb ruby-1.8.6-p287/lib/rexml/en
 # all entities -- both %ent; and &ent; entities. This differs from
 # +value()+ in that +value+ only replaces %ent; entities.
 def unnormalized
-+ document.record_entity_expansion
++ document.record_entity_expansion unless document.nil?
 v = value()
 return nil if v.nil?
 @unnormalized = Text::unnormalize(v, parent)
diff --git a/ruby-always-use-i386.patch b/ruby-always-use-i386.patch
new file mode 100644
index 0000000..9dc8c87
--- /dev/null
+++ b/ruby-always-use-i386.patch
@@ -0,0 +1,11 @@
+--- ruby-1.8.6-p287/configure.in.i386 2009-03-16 00:55:15.000000000 +0900
++++ ruby-1.8.6-p287/configure.in 2009-03-16 01:42:41.000000000 +0900
+@@ -1662,6 +1662,8 @@
+ configure_args=$ac_configure_args
+ AC_SUBST(configure_args)dnl
+
++target_cpu=`echo $target_cpu | sed s/i.86/i386/`
++
+ if test "$fat_binary" != no ; then
+ arch="fat-${target_os}"
+
diff --git a/ruby.spec b/ruby.spec
index 2206c3b..bd7e080 100644
--- a/ruby.spec
+++ b/ruby.spec
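Review bot: With `document.record_entity_expansion unless document.nil?` in the entity.rb hunk, an entity that has no owning document is expanded without being counted, so the expansion limit introduced for CVE-2008-3790 is not enforced on that path. That may be acceptable if a detached entity cannot amplify through nested references, but nothing in this hunk shows it, so the decision should be written down in the patch, e.g. `# no document: nothing to charge the expansion against, limit not enforced here`. A regression test covering both the nil-document case and the limit being reached would keep the two fixes from undoing each other again. The `unnormalized` method continues outside the hunk.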
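Review bot: The substitution `sed s/i.86/i386/` in the configure.in patch is unanchored and unquoted, so it rewrites any `i?86`-shaped substring of `$target_cpu` rather than only a value that is exactly an x86 variant; `sed 's/^i[3-6]86$/i386/'` states the intent. The same applies to the `sed -e 's|i.86|i386|'` added to `_normalized_cpu` in the first ruby.spec hunk. The patch file also has no header saying why the architecture name is normalised; the changelog wording "i586 should search i386-linux directory" would do as a first line.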
@@ -8,11 +8,11 @@ # This is required to ensure that noarch files puts under /usr/lib/... for # multilib because ruby library is installed under /usr/{lib,lib64}/ruby anyway. %define sitedir2 %{_prefix}/lib/ruby/site_ruby -%define _normalized_cpu %(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/'`) +%define _normalized_cpu %(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/' | sed -e 's|i.86|i386|'`) Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 2%{?dist} +Release: 7%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -34,7 +34,10 @@ Patch21: ruby-deprecated-sitelib-search-path.patch Patch22: ruby-deprecated-search-path.patch Patch23: ruby-multilib.patch Patch25: ruby-1.8.6.111-gcc43.patch -Patch26: ruby-1.8.6-rexml-CVE-2008-3790.patch +Patch26: ruby-1.8.6-rexml-CVE-2008-3790.patch +Patch27: ruby-1.8.6-p287-CVE-2008-5189.patch +Patch28: ruby-1.8.6-p287-remove-ssl-rand-range.patch +Patch29: ruby-always-use-i386.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -154,6 +157,9 @@ pushd %{name}-%{arcver} %endif %patch25 -p1 %patch26 -p1 +%patch27 -p0 +%patch28 -p1 +%patch29 -p1 popd %build @@ -165,7 +171,7 @@ autoconf rb_cv_func_strtod=no export rb_cv_func_strtod -CFLAGS="$RPM_OPT_FLAGS -Wall" +CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" export CFLAGS %configure \ --with-sitedir='%{sitedir}' \ 
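Review bot: Replacing `-Wall` with `-fno-strict-aliasing` on the `CFLAGS` line removes compiler warnings from the build log in the same step as it changes code generation, and neither is explained; the changelog only says the -O2 level is used again. Keeping the warnings costs nothing: `CFLAGS="$RPM_OPT_FLAGS -Wall -fno-strict-aliasing"`. A comment above the line, e.g. `# -fno-strict-aliasing: needed with the current gcc, see bug <BUG_ID>` (the reason is presumably the gcc 4.4 rebuild; confirm), would tell the next maintainer when the flag can be dropped.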
@@ -279,11 +285,11 @@ done find -type f | xargs chmod 0644 # convert to utf-8 -for i in `find -type f`; do - iconv -f utf-8 -t utf-8 $i > /dev/null 2>&1 || (iconv -f euc-jp -t utf-8 $i > $i.new && mv $i.new $i || exit 1) - if [ $? != 0 ]; then - iconv -f iso8859-1 -t utf-8 $i > $.new && mv $i.new $i || exit 1 - fi +for i in `find -type f ! -name "*.gif"`; do + sh -c "iconv -f utf-8 -t utf-8 $i > /dev/null 2>&1 || (iconv -f euc-jp -t utf-8 $i > $i.new && mv $i.new $i || exit 1) + if [ $? != 0 ]; then + iconv -f iso8859-1 -t utf-8 $i > $.new && mv $i.new $i || exit 1 + fi" done # done @@ -326,6 +332,8 @@ for i in $RPM_BUILD_ROOT%{_prefix}/lib/ruby/1.8/{abbrev,generator,irb/{cmd/subir sed -i -e '/^#!.*/,1D' $i done +find $RPM_BUILD_ROOT/ -name "*.so" -exec chmod 755 {} \; + %clean rm -rf $RPM_BUILD_ROOT rm -rf tmp-ruby-docs @@ -341,10 +349,10 @@ rm -rf tmp-ruby-docs %doc %{name}-%{arcver}/GPL %doc %{name}-%{arcver}/LEGAL %doc %{name}-%{arcver}/LGPL -%doc %{name}-%{arcver}/NEWS +%doc %{name}-%{arcver}/NEWS %doc %{name}-%{arcver}/README %lang(ja) %doc %{name}-%{arcver}/README.ja -%doc %{name}-%{arcver}/ToDo +%doc %{name}-%{arcver}/ToDo %doc %{name}-%{arcver}/doc/ChangeLog-1.8.0 %doc %{name}-%{arcver}/doc/NEWS-1.8.0 %doc tmp-ruby-docs/ruby/* @@ -504,6 +512,19 @@ rm -rf tmp-ruby-docs %{_datadir}/emacs/site-lisp/site-start.d/ruby-mode-init.el %changelog +* Wed Mar 18 2009 Jeroen van Meeuwen - 1.8.6.287-7 +- Fix regression in CVE-2008-3790 (#485383) + +* Mon Mar 16 2009 Mamoru Tasaka - 1.8.6.287-6 +- Again use -O2 optimization level +- i586 should search i386-linux directory + +* Thu Mar 05 2009 Jeroen van Meeuwen - 1.8.6.287-5 +- Rebuild for gcc4.4 + +* Fri Feb 27 2009 Jeroen van Meeuwen - 1.8.6.287-3 +- CVE-2008-5189: CGI header injection. + * Wed Oct 8 2008 Akira TAGOH - 1.8.6.287-2 - CVE-2008-3790: DoS vulnerability in the REXML module. 
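Review bot: Wrapping the conversion in a double-quoted `sh -c "..."` means `$i`, `$?` and `$.new` are expanded by the outer shell before the inner one runs. Each file name is pasted into a command string, so a name containing whitespace or shell metacharacters is parsed as shell syntax, and `$?` is the status of the previous outer command rather than of iconv. The `$.new` typo in the iso8859-1 branch is carried over, so that fallback writes to a stray file and the following `mv $i.new` cannot succeed, and the exit status of `sh -c` is never checked, so a failed conversion no longer stops the build. The loop is simpler and safer without the nested shell, with every expansion quoted and the encodings tried in order, as below; the surrounding %install section lies outside the hunk.

```shell
# convert to utf-8
# NOTE(review): a failure inside the loop aborts the build only if the
# scriptlet runs under `sh -e`; confirm for this build environment.
find . -type f ! -name "*.gif" | while IFS= read -r f; do
    iconv -f utf-8 -t utf-8 "$f" > /dev/null 2>&1 && continue
    iconv -f euc-jp -t utf-8 "$f" > "$f.new" ||
        iconv -f iso8859-1 -t utf-8 "$f" > "$f.new" || exit 1
    mv "$f.new" "$f" || exit 1
done
```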
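Review bot: The added `find $RPM_BUILD_ROOT/ -name "*.so" -exec chmod 755 {} \;` selects by name only, so it also changes the mode of any directory, or the target of any symlink, whose name ends in `.so`, and it leaves `$RPM_BUILD_ROOT` unquoted. `find "$RPM_BUILD_ROOT" -type f -name "*.so" -exec chmod 0755 {} +` restricts it to regular files. The reason the extension modules need the execute bit is not visible in the diff; a one-line comment above the command would document it.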
@@ -882,8 +903,8 @@ rm -rf tmp-ruby-docs * Mon Dec 16 2002 Elliot Lee 1.6.7-13 - Remove ExcludeArch: x86_64 -- Fix x86_64 ruby with long2int.patch (ruby was assuming that sizeof(long) - == sizeof(int). The patch does not fix the source of the problem, just +- Fix x86_64 ruby with long2int.patch (ruby was assuming that sizeof(long) + == sizeof(int). The patch does not fix the source of the problem, just makes it a non-issue.) - _smp_mflags @@ -940,7 +961,7 @@ rm -rf tmp-ruby-docs removed. - ruby-1.6.7-100.patch: applied a bug fix patch. (ruby-dev#16274: patch for 'wm state') - (PR#206ja: SEGV handle EXIT) + (PR#206ja: SEGV handle EXIT) - ruby-1.6.7-101.patch: applied a bug fix patch. (ruby-list#34313: singleton should not be Marshal.dump'ed) (ruby-dev#16411: block local var) @@ -1041,7 +1062,7 @@ rm -rf tmp-ruby-docs * Thu Dec 14 2000 akira yamada - Removed ruby_cvs.2000101901.patch, added ruby_cvs.2000121413.patch (upgraded ruby to latest cvs version). -- Removed ruby-dev.11262.patch, ruby-dev.11265.patch, +- Removed ruby-dev.11262.patch, ruby-dev.11265.patch, and ruby-dev.11268.patch (included into above patch). * Sun Nov 12 2000 MACHINO, Satoshi 1.6.1-0vl9 @@ -1055,7 +1076,7 @@ rm -rf tmp-ruby-docs (upgraded ruby to latest cvs version). - Added ruby-dev.11262.patch. - Added ruby-dev.11265.patch. - + * Wed Oct 11 2000 akira yamada - Removed ruby_cvs.2000100313.patch and added ruby_cvs.2000101117.patch (upgraded ruby to latest cvs version). diff --git a/sources b/sources index 6e9470f..6c9de9d 100644 --- a/sources +++ b/sources @@ -1,5 +1,4 @@ -8336b859400795ec51d05878c1a658b7 ruby-man-1.4.6.tar.bz2 +80b5f3db12531d36e6c81fac6d05dda9 ruby-1.8.6-p287.tar.bz2 d65e3a216d6d345a2a6f1aa8758c2f75 ruby-refm-rdp-1.8.1-ja-html.tar.gz 634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz 4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz -80b5f3db12531d36e6c81fac6d05dda9 ruby-1.8.6-p287.tar.bz2