lp:ubuntu/intrepid-security/ruby1.9

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/intrepid-security/ruby1.9

Branch information

Owner: Ubuntu branches
Status: Development

Recent revisions

23. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via string operations
  - debian/patches/922_security_CVE-2009-4124.dpatch: calculate lengths
    properly in string.c, add test in test/ruby/test_string.rb.
  - CVE-2009-4124
* SECURITY UPDATE: incorrect log file sanitation in WEBrick (LP: #509392)
  - debian/patches/923_security_CVE-2009-4492.dpatch: properly escape in
    lib/webrick/{accesslog.rb,httprequest.rb,httpstatus.rb,httputils.rb},
    add test to test/webrick/test_cgi.rb.
  - CVE-2009-4492

22. By Marc Deslauriers

* SECURITY UPDATE: certificate spoofing via invalid return value check
  in OCSP_basic_verify
  - debian/patches/920_security_CVE-2009-0642.dpatch: also check for -1
    return code in ext/openssl/ossl_ocsp.c.
  - CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
  argument that represents a large number (LP: #385436)
  - debian/patches/921_security_CVE-2009-1904.dpatch: handle large
    numbers properly in ext/bigdecimal/bigdecimal.c.
  - CVE-2009-1904

21. By Marc Deslauriers

* SECURITY UPDATE: denial of service in regular expression engine via
  multiple long requests to a Ruby socket
  - debian/patches/308_regexp_segv: avoid segmentation fault in
    Regexp#inspect
  - CVE-2008-3443
* debian/patches/307_r19033_rexml_DoS.dpatch: updated to fix a
  regression (debian bug #502535)

20. By Matthias Klose

Fix build failure on lpia. LP: #255890.

19. By daigo

debian/rules: Fixed a FTBFS on hurd-i386: failure of
cat /proc/cpuinfo no more stops the build process.
(Closes: #497737)

18. By daigo

[ Lucas Nussbaum ]
* Because of make's dependency handling on phony targets after the addition
  of the watch in 1.9.0.1-4, parse.o was rebuilt three times during the
  build process. Build it only once, which should reduce the build time
  significantly.

[ Daigo Moriwaki ]
* RubyGems did not work completely due to a gem_prelude mechanism. This
  issue has been fixed. (Closes: #492206)
  - debian/patches/201_gem_prelude.dpatch
  - debian/rules

17. By Jamie Strandboge

* Merge from debian unstable, remaining changes:
  - debian/control: for ruby1.9, moved rdoc1.9 suggestion to depends.
    (LP: #228345)
  - Modify Maintainer value to match the DebianMaintainerField
    specification.

16. By Stephan Rügamer

* Merge from debian unstable, remaining changes:
  - Robustify check for target_os, fixing build failure on lpia.
* debian/control:
  - ruby1.9 pkg: moved rdoc1.9 suggestion to depends. (LP: #228345)

15. By Stephan Rügamer

* Merge from debian unstable, remaining changes:
  - Robustify check for target_os, fixing build failure on lpia.

14. By Matthias Klose

* Sync from Debian; remaining changes:
  - Add -g to CFLAGS.
* Fixes build failure on ia64.
* Fixes build failure with gcc-4.2 on lpia.
* Robustify check for target_os, fixing build failure on lpia.
* Set Ubuntu maintainer address.

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:ubuntu/karmic/ruby1.9