lp:ubuntu/utopic-updates/ruby2.1
- Get this branch:
- bzr branch lp:ubuntu/utopic-updates/ruby2.1
Branch merges
Branch information
Recent revisions
- 9. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via XML expansion
- debian/patches/ CVE-2014- 8090.patch: add REXML:: Document# document
to rexml/document.rb, add warning to rexml/entity.rb, added tests to
test/rexml/test_ document. rb.
- CVE-2014-8090 - 8. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via buffer overrun in encodes
function
- debian/patches/ CVE-2014x- 4975.patch: properly calculate buffer size
in pack.c, added test to test/ruby/test_pack. rb.
- CVE-2014-4975
* SECURITY UPDATE: denial of service via XML expansion
- debian/patches/ CVE-2014- 8080.patch: limit expansions in
lib/rexml/entity. rb, added tests to test/rexml/ test_document. rb,
test/rexml/test_ entity. rb.
- CVE-2014-8080 - 7. By Matthias Klose
-
* Merge with Debian; remaining changes:
- Upstream doesn't support Tcl/Tk 8.6, stop building the extension. - 5. By Chris Hofstaedtler
-
* Use Debian copy of config.{guess,sub}
Instead of downloading it from the Internet, which could be down or
insecure. Thanks to Scott Kitterman for the report AND patch.
(Closes: 745699)
* Move jquery source file to d/missing-sources - 3. By Chris Hofstaedtler
-
[ Antonio Terceiro ]
* ruby2.1-dev: add missing dependency on libruby2.1[ Christian Hofstaedtler ]
* Again depend on ruby without alternatives management
* Tag 64bit-only symbols as such - 2. By Chris Hofstaedtler
-
* New release train, branch off and rename everything to ruby2.1
(Closes: #736664)
* Build with GMP library for faster Bignum operations.
* Target experimental as long as ruby 1:1.9.3.1 has not entered
unstable, dropping the versioned dependency for now.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/vivid/ruby2.1