lp:ubuntu/intrepid-updates/ruby1.8

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

25. By Marc Deslauriers on 2009-07-15

* SECURITY UPDATE: certificate spoofing via invalid return value check
  in OCSP_basic_verify
  - debian/patches/906_security_CVE-2009-0642.dpatch: also check for -1
    return code in ext/openssl/ossl_ocsp.c.
  - CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
  argument that represents a large number (LP: #385436)
  - debian/patches/907_security_CVE-2009-1904.dpatch: handle large
    numbers properly in ext/bigdecimal/bigdecimal.c.
  - CVE-2009-1904

24. By Jamie Strandboge on 2008-11-20

debian/patches/905_short_named_constants.dpatch: Fix for short-named
constants regression (LP: #282302)

23. By Marc Deslauriers on 2009-07-15

* SECURITY UPDATE: certificate spoofing via invalid return value check
  in OCSP_basic_verify
  - debian/patches/906_security_CVE-2009-0642.dpatch: also check for -1
    return code in ext/openssl/ossl_ocsp.c.
  - CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
  argument that represents a large number (LP: #385436)
  - debian/patches/907_security_CVE-2009-1904.dpatch: handle large
    numbers properly in ext/bigdecimal/bigdecimal.c.
  - CVE-2009-1904

22. By Lucas Nussbaum on 2008-09-10

* New upstream release.
  - many patches in 1.8.7.22-4 were simply backported from upstream SVN, and
    are integrated into that release. We drop those:
    + 103_array_c_r17472_to_r17756.dpatch
    + 810_ruby187p22_fixes.dpatch
    + 811_multiple_vuln_200808.dpatch
  - Fixes the following security issues: (Closes: #494401)
    * Several vulnerabilities in safe level
    * DoS vulnerability in WEBrick
    * Lack of taintness check in dl
    * DNS spoofing vulnerability in resolv.rb (CVE-2008-1447)
* Applied debian/patches/168_rexml_dos.dpatch:
  Fix CVE-2008-3790 (REXML expansion DOS). Closes: #496808.

21. By daigo on 2008-06-20

* New upstream release.
* Fixed vulnerability: arbitrary code execution vulnerability and so on
  (Closes: #487238)

20. By daigo on 2008-06-11

* New upstream release.
* removed patches that the upstream has included:
  - debian/patches/201_erb_187_release.dpatch
  - debian/patches/202_delegate_187_release.dpatch
  - debian/patches/203_openssl_ctx_r187_release.dpatch
* debian/watch: it will report 1.8.\d-p\d* versions.

19. By daigo on 2008-06-04

[ Daigo Moriwaki ]
* applied debian/patches/201_erb_187_release.dpatch:
  - fixed a bug where tokens are not yilelded one by one.
  - fixed a bug caused by strscan incompatibility.
* applied debian/patches/202_delegate_187_release.dpatch:
  - fixed a bug caused by marshal.c incompatibility.

[ Lucas Nussbaum ]
* applied debian/patches/203_openssl_ctx_r187_release.dpatch:
  - might help with Debian bug #483974

18. By Michael Vogt on 2007-11-23

* Merge from debian unstable, remaining changes:
  - Adjust configure options for lpia.
  - add -g when build with noopt

17. By LaMont Jones on 2007-10-04

Trigger rebuild for hppa

16. By Matthias Klose on 2007-09-04

* Fix build failure on sparc N1 (Debian #393817).
* Add -g to CFLAGS.