lp:~javier-lopez/ubuntu/vivid/ruby1.9.1/fix-1426828

Branch merges

Propose for merging

No branches dependent on this one.

Rejected for merging into lp:ubuntu/vivid/ruby1.9.1

Martin Pitt: Disapprove on 2015-05-29

Diff: 26 lines (+7/-1)

2 files modified

debian/changelog (+6/-0)
debian/control (+1/-1)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #1426828: libruby1.9.1 shouldn't install ruby - remove ruby1.9.1

Undecided

Fix Released

Link a bug report

Related blueprints

35. By Javier López on 2015-03-01

Rollback libruby1.9.1 dependency on ruby1.9.1 (LP: #1426828)

34. By Matthias Klose on 2014-04-29

Stop building the libtcltk-ruby1.9.1 package.

33. By Adam Conrad on 2014-02-14

* Merge from Debian unstable. Remaining changes:
  - debian/control: Add ca-certificates to libruby1.9.1 depends so that
    rubygems can perform certificate verification
  - debian/rules: Don't install SSL certificates from upstream sources
  - debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
    /etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
  - debian/patches/20131218-stack-size.patch: Increase thread stack
    size on 64-bit platforms to prevent testsuite failure on ppc64el.
  - Build-depend on Tcl/Tk 8.5, ruby is not yet ready for Tcl/Tk 8.6.

32. By Matthias Klose on 2014-01-04

Build-depend on tcl8.5-dev and tk8.5-dev, ruby is not yet ready
for Tcl/Tk 8.6.

31. By Adam Conrad on 2013-12-18

* Merge from Debian unstable. Remaining changes:
  - debian/control: Add ca-certificates to libruby1.9.1 depends so that
    rubygems can perform certificate verification
  - debian/rules: Don't install SSL certificates from upstream sources
  - debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
    /etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
* Drop debian/patches/CVE-2013-4164.patch; applied upstream.
* debian/patches/20131218-stack-size.patch: Increase thread stack
  size on 64-bit platforms to prevent testsuite failure on ppc64el.

30. By Marc Deslauriers on 2013-11-25

* SECURITY UPDATE: denial of service and possible code execution via
  heap overflow in floating point parsing.
  - debian/patches/CVE-2013-4164.patch: check lengths in util.c, added
    test to test/ruby/test_float.rb.
  - CVE-2013-4164

29. By Marc Deslauriers on 2013-11-25

* Merge from Debian. Remaining changes:
  - debian/control: Add ca-certificates to libruby1.9.1 depends so that
    rubygems can perform certificate verification
  - debian/rules: Don't install SSL certificates from upstream sources
  - debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
    /etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.

28. By Marc Deslauriers on 2013-07-08

* SECURITY UPDATE: incorrect ssl hostname verification
  - debian/patches/CVE-2013-4073.patch: fix hostname check and regression
    in ext/openssl/lib/openssl/ssl-internal.rb, added test to
    test/openssl/test_ssl.rb.
  - CVE-2013-4073

27. By Marc Deslauriers on 2013-03-25

* Merge from Debian testing. Remaining changes:
  - debian/control: Add ca-certificates to libruby1.9.1 depends so that
    rubygems can perform certificate verification
  - debian/rules: Don't install SSL certificates from upstream sources
  - debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
    /etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
  - debian/patches/CVE-2012-4522.patch: Adjust patch to fix build test
    error. Use the version of the fix from upstream's 1.9.3 tree to fix
    the NoMethodError for assert_file_not, which doesn't exist in 1.9.3.
    Adjust the Origin patch tag accordingly.

26. By Tyler Hicks on 2013-02-21

* Merge from Debian testing (LP: #1131493). Remaining changes:
  - debian/control: Add ca-certificates to libruby1.9.1 depends so that
    rubygems can perform certificate verification
  - debian/rules: Don't install SSL certificates from upstream sources
  - debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
    /etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
* Changes dropped:
  - debian/patches/20121016-cve_2012_4522.patch: Debian is carrying a patch
    for this issue.
  - debian/patches/20121011-cve_2012_4464-cve_2012_4466.patch: Debian is
    carrying a patch for this issue, but the patch is incorrectly named
    20120927-cve_2011_1005.patch. I'll work with Debian to change the patch
    name, but there's no need in carrying a delta because of this. To be
    clear, the Ubuntu ruby1.9.1 package is patched for CVE-2012-4464 and
    CVE-2012-4466, despite the incorrect patch name.
* debian/patches/CVE-2012-4522.patch: Adjust patch to fix build test error.
  Use the version of the fix from upstream's 1.9.3 tree to fix the
  NoMethodError for assert_file_not, which doesn't exist in 1.9.3. Adjust
  the Origin patch tag accordingly.