Package: ruby1.8 / 1.8.7.358-7.1+deb7u3

Metadata

Package Version Patches format
ruby1.8 1.8.7.358-7.1+deb7u3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
102_configure.in crosscompile.patch | (download)

configure.in | 20 19 + 1 - 0 !
1 file changed, 19 insertions(+), 1 deletion(-)

 patch for debian bug #341256
replace AC_FUNC_SETPGRP with something that works when cross-compiling

803_soap_massmem.patch | (download)

lib/soap/baseData.rb | 39 16 + 23 - 0 !
lib/soap/mapping/mapping.rb | 37 24 + 13 - 0 !
lib/soap/mapping/registry.rb | 25 13 + 12 - 0 !
lib/soap/mapping/wsdlliteralregistry.rb | 32 11 + 21 - 0 !
lib/soap/rpc/driver.rb | 16 3 + 13 - 0 !
lib/xsd/charset.rb | 2 1 + 1 - 0 !
6 files changed, 68 insertions(+), 83 deletions(-)

 fix for debian bug #393685 - soap4r consumes too much memory
This was not backported into ruby 1.8 upstream (and soap is no
longer shipped with ruby 1.9)
refreshed for 1.8.7.72 so it can unapply - only whitespace changes.

808_rexml_document_transitive.patch | (download)

lib/rexml/document.rb | 1 1 + 0 - 0 !
lib/rexml/element.rb | 1 1 + 0 - 0 !
lib/rexml/formatters/transitive.rb | 4 3 + 1 - 0 !
3 files changed, 5 insertions(+), 1 deletion(-)

 rexml::document#write(io, 1, true, true) raises nameerror/argumenterror

809_update_lib_README.patch | (download)

lib/README | 1 0 + 1 - 0 !
1 file changed, 1 deletion(-)

 no description.

901_ri_pager.patch | (download)

lib/rdoc/ri/ri_display.rb | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 debian specific patch

902_extra_search_path.patch | (download)

configure.in | 13 13 + 0 - 0 !
ruby.c | 6 6 + 0 - 0 !
2 files changed, 19 insertions(+)

 debian specific patch

903_rdoc_documents.patch | (download)

ext/.document | 2 2 + 0 - 0 !
lib/cgi/.document | 2 1 + 1 - 0 !
2 files changed, 3 insertions(+), 1 deletion(-)

 some files in the ruby source provide rdoc comments, but are not
included in a default rdoc run. This patch allows to generate the doc
for those files as well.
Debian specific patch

090613_exclude_rdoc.patch | (download)

common.mk | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 exclude files from the rdoc generation.
- mkconfig.rb, which causes an error.
- test_*.rb, which are test cases. 

090812_openssl_x509_warning.patch | (download)

ext/openssl/ossl_x509ext.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 suppress warning.
this is backport of a part of r21772.

100730_disable_getsetcontext_on_nptl.patch | (download)

configure.in | 20 17 + 3 - 0 !
1 file changed, 17 insertions(+), 3 deletions(-)

 backport upstream commits 28404 and 28595 from ruby_1_8 branch
Upstream-bug: http://redmine.ruby-lang.org/issues/show/2553
Ubuntu-bug: https://bugs.launchpad.net/ubuntu/+source/ruby1.8/+bug/307462


100730_verbose tests.patch | (download)

common.mk | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 run tests in verbose mode

100901_threading_fixes.patch | (download)

process.c | 6 2 + 4 - 0 !
signal.c | 12 6 + 6 - 0 !
2 files changed, 8 insertions(+), 10 deletions(-)

---
110703_CVE 2011 0188.patch | (download)

ext/bigdecimal/bigdecimal.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 backport of http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/bigdecimal/bigdecimal.c?r1=29364&r2=30993 (ruby_1.9 branch) to fix CVE-2011-0188

Bug: #628452

tcltk no rpath.patch | (download)

ext/tk/extconf.rb | 12 6 + 6 - 0 !
1 file changed, 6 insertions(+), 6 deletions(-)

 disable rpath in the tcltk extension

use ldflags.patch | (download)

Makefile.in | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 use ldflags from environment (dpkg-buildflags).
 Necessary for hardening flags.
CVE 2012 4481.patch | (download)

error.c | 3 0 + 3 - 0 !
1 file changed, 3 deletions(-)

 avoid breaking safefity in strings passed to exception#to_s
 Fixes CVE-2012-4481
Bug-Debian: http://bugs.debian.org/689945
CVE 2013 1821.patch | (download)

lib/rexml/document.rb | 12 12 + 0 - 0 !
lib/rexml/text.rb | 52 25 + 27 - 0 !
test/rexml/test_document.rb | 19 19 + 0 - 0 !
3 files changed, 56 insertions(+), 27 deletions(-)

 fix entity expansion dos vulnerability in rexml
 CVE-2013-1821
CVE 2013 4073.patch | (download)

ext/openssl/lib/openssl/ssl-internal.rb | 18 13 + 5 - 0 !
test/openssl/test_ssl.rb | 30 30 + 0 - 0 !
2 files changed, 43 insertions(+), 5 deletions(-)

 fix hostname check bypassing vulnerability in ssl client
 CVE-2013-4073: Hostname identity check did not properly handle
 hostnames in the certificate that contain null bytes.
CVE 2013 4164.patch | (download)

test/ruby/test_float.rb | 5 5 + 0 - 0 !
util.c | 14 12 + 2 - 0 !
2 files changed, 17 insertions(+), 2 deletions(-)

 fix heap overflow in floating point parsing
 This vulnerability is tracked with CVE-2013-4164.
 .
 https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released/
CVE 2014 8080.patch | (download)

lib/rexml/entity.rb | 6 6 + 0 - 0 !
test/rexml/test_document.rb | 27 27 + 0 - 0 !
2 files changed, 33 insertions(+)

 fix cve-2014-8080
CVE 2014 8090.patch | (download)

lib/rexml/document.rb | 4 4 + 0 - 0 !
lib/rexml/entity.rb | 1 1 + 0 - 0 !
test/rexml/test_document.rb | 51 51 + 0 - 0 !
3 files changed, 56 insertions(+)

 fix cve-2014-8090
CVE 2015 1855.patch | (download)

ext/openssl/lib/openssl/ssl-internal.rb | 62 58 + 4 - 0 !
test/openssl/test_ssl.rb | 150 150 + 0 - 0 !
2 files changed, 208 insertions(+), 4 deletions(-)

 fix openssl hostname verification
 Backported from the Ruby 2.0 branch. See
 https://bugs.ruby-lang.org/issues/9644 for details.