Ubuntu
ruby2.5 package

~bryce/ubuntu/+source/ruby2.5:sru.1835968-bionic

  1. Git
  2. lp:~bryce/ubuntu/+source/ruby2.5
  3. sru.1835968-bionic
Last commit made on 2019-07-25
Get this branch:
git clone -b sru.1835968-bionic https://git.launchpad.net/~bryce/ubuntu/+source/ruby2.5
Only Bryce Harrington can upload to this branch. If you are Bryce Harrington please log in for upload directions.

Branch merges

Branch information

Name:
sru.1835968-bionic
Repository:
lp:~bryce/ubuntu/+source/ruby2.5

Recent commits

9f3ad7b... by Bryce Harrington

changelog

0166485... by Bryce Harrington

  * Add d/p/restore_buffer_newline_check.patch to fix failure sending files with mixed newline encoding styles. (LP: #1835968)

b92de70... by Dimitri John Ledkov

Import patches-unapplied version 2.5.1-1ubuntu1.4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: dd286f3688914d8fb7d125f9a3c0f2ab9924a092

New changelog entries:
  * Cherrypick ruby-openssl upstream commits to fix compat with OpenSSL
    1.1.1 LP: #1797386

dd286f3... by Leonidas S. Barbosa

Import patches-unapplied version 2.5.1-1ubuntu1.2 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: ac8c9214ac6c8a939f508887443b62f926d11929

New changelog entries:
  * SECURITY UPDATE: Delete directory using symlink when decompressing tar,
    Escape sequence injection vulnerability in gem owner, Escape sequence
    injection vulnerability in API response handling, Arbitrary code exec,
    Escape sequence injection vulnerability in errors
    - debian/patches/CVE-2019-8320-25.patch: fix in
      lib/rubygems/command_manager.rb,
      lib/rubygems/commands/owner_command.rb,
      lib/rubygems/gemcutter_utilities.rb,
      lib/rubygems/installer.rb,
      lib/rubygems/package.rb,
      test/rubygems/test_gem_installer.rb,
      test/rubygems/test_gem_package.rb,
      test/rubygems/test_gem_text.rb.
    - CVE-2019-8320
    - CVE-2019-8321
    - CVE-2019-8322
    - CVE-2019-8323
    - CVE-2019-8324
    - CVE-2019-8325
  * Fixing expired SSL certs
    - debian/patches/fixing_expired_SSL_certs.patch: fix in
      test/net/fixtures/cacert.pem, test/net/fixtures/server.crt,
      test/net/fixtures/server.key.

ac8c921... by Leonidas S. Barbosa

Import patches-unapplied version 2.5.1-1ubuntu1.1 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 5c93f987805d32bcd9b9d27bd757007f83f24a5b

New changelog entries:
  * SECURITY UPDATE: Name equality check
    - debian/patches/CVE-2018-16395.patch: fix in
      ext/openssl/ossl_x509name.c.
    - CVE-2018-16395
  * SECURITY UPDATE: Tainted flags not propagted
    - debian/patches/CVE-2018-16396.patch: fix in
      pack.c, test/ruby/test_pack.rb.
    - CVE-2018-16396
  * Fixing tz tests for asia_tokyo test
    - debian/patches/fixing_tz_asia_tokyo_test.patch

5c93f98... by Matthias Klose

Import patches-unapplied version 2.5.1-1ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 6d6fe5fe26ae1d7b6dcf35932240dd6f59d8c203

New changelog entries:
  * Merge with Debian; remaining changes:
    - Mark some tests as failing on Launchpad.
    - Update symbols file.

6d6fe5f... by Antonio Terceiro

Import patches-unapplied version 2.5.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f4c6be78f826ab03c392686be22398572ed238e4

New changelog entries:
  * New upstream version 2.5.1.
    According to the release announcement, includes fixes for the following
    security issues:
    - CVE-2017-17742: HTTP response splitting in WEBrick
    - CVE-2018-6914: Unintentional file and directory creation with directory
      traversal in tempfile and tmpdir
    - CVE-2018-8777: DoS by large request in WEBrick
    - CVE-2018-8778: Buffer under-read in String#unpack
    - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
      UNIXServer and UNIXSocket
    - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in
      Dir
    - Multiple vulnerabilities in RubyGems
  * Refresh patches.
    Patches dropped for being already applied upstream:
    - 0005-Fix-tests-to-cope-with-updates-in-tzdata.patch
    - 0006-Rubygems-apply-upstream-patch-to-fix-multiple-vulner.patch
  * Add patch to fix FTBFS on ia64 (Closes: #889848)
  * Add simple autopkgtest to check for builtin extensions that are build
    against external dependencies (ssl, yaml, *dbm etc)
  * Add build-dependency on libgdbm-compat-dev (Closes: #892099)
  * debian/tests/excludes/any/TestTimeTZ.rb: ignore tests failing due to
    assumptions that don't hold on newer tzdata update. Upstream bug:
    https://bugs.ruby-lang.org/issues/14655
  * debian/libruby2.5.symbols: update with new symbol added in this release

f4c6be7... by Antonio Terceiro

Import patches-unapplied version 2.5.0-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 249eec5ff3d4512981f2a192639f1a444b9be40c

New changelog entries:
  * debian/rules: explicitly pass --runstatedir, --localstatedir, and
    --sysconfdir to ./configure

249eec5... by Antonio Terceiro

Import patches-unapplied version 2.5.0-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 18732c76324b46602d1c2f94e6fcc89de84bb2dc

New changelog entries:
  * Change Maintainer: to Debian Ruby Team
  * debian/patches/0005-Fix-tests-to-cope-with-updates-in-tzdata.patch: fix
    test failures after updates in the Japan timezone data (Closes: #889046)
  * debian/patches/0006-Rubygems-apply-upstream-patch-to-fix-multiple-vulner.patch:
    upgrade to Rubygems 2.7.6 to fix multiple vulnerabilities

18732c7... by Antonio Terceiro

Import patches-unapplied version 2.5.0-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f2a325b82238adbf467875639d2259791bcc0fff

New changelog entries:
  * debian/rules: pass --excludes-dir options to `make check` via $TESTS