Branches for Hoary

Author: akira yamada
Revision Date: 2004-12-23 12:51:28 UTC

* akira yamada <akira@debian.org>
- new upstream version, 1.8.2 preview4:
    - removed debian/patches/{10[01]_cvs_updates.patch,802_socket.c.patch,
      803_rexml_shiftjis.patch}. they ware included 1.8.2 preview4.
    - (urgency high) fixed segv bugs:
        - sprintf dumps core. [ruby-dev:25104]
        - DBM#select dumps core. [ruby-dev:25132]
        - Socket#listen dumps core. [ruby-dev:25149]
        - IO#reopen dumps core. [ruby-dev:25150]
        - OpenSSL::Digest::Digest.new dumps core.
          [ruby-dev:25187][ruby-dev:25198]
        - Dir.foreach dumps core. [ruby-dev:25242]
        - Zlib::Deflate.deflate dumps core. [ruby-dev:25226]
        - Struct.new dumps core. [ruby-dev:25249]
        - IO#eof? dumps core. [ruby-dev:25251]
        - OpenSSL::ASN1.traverse dumps core.
          [ruby-dev:25261][ruby-dev:25261]
        - DL::Symbol.new dumps core. [ruby-dev:25271]
    - fixed bugs:
        - removed debug print for jcode.rb. [ruby-dev:25156]
        - serializes un-serializeable remote exceptions as DRbRemoteError.
          [ruby-list:40390]
        - IO.open could not handle 'w+' mode. (closes: #283030)
        - (urgench high) temporal locking already locked string on
          simultaneous write. [ruby-dev:25050] (closes: #286195)
- added debian/patches/100_cvs_updates.patch:
    - IO#reopen restores exact mode. [ruby-core:04003]
- added debian/patches/801_syck_segv.patch:
    - YAML::Syck::Parser#load dumps core. [ruby-core:03973]
- debian/rules: configure with --disable-rpath.

Author: Ubuntu Archive Auto-Sync
Revision Date: 2005-08-22 17:41:09 UTC

Automated backport upload; no source changes.

Author: Kees Cook
Revision Date: 2006-10-27 16:09:26 UTC

* SECURITY UPDATE: remote denial of service in CGI module.
* Add 'debian/patches/913_CVE-2006-5467' patch from upstream.
* References
  http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html
  CVE-2006-5467