[notify] ruby: update to 1.8.5-p2

Security update to finally fix CVE-2006-5467. See http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/
2006-12-06 08:06:33 +01:00 · 2006-12-06 08:06:33 +01:00 · 9d0faa53ad
commit 9d0faa53ad
parent 91b7721a0d
3 changed files with 5 additions and 18 deletions
--- a/ruby/.md5sum
+++ b/ruby/.md5sum
@ -1,3 +1,2 @@
-9d25f59d1c33a0b215f6c25260dcb536  ruby-1.8.5-cgi-dos-1.patch
+a3517a224716f79b14196adda3e88057  ruby-1.8.5-p2.tar.gz
 c29d1494e946c08c4731c3e4cdabb2cb  ruby-1.8.5.patch
-3fbb02294a8ca33d4684055adba5ed6f  ruby-1.8.5.tar.gz
--- a/ruby/Pkgfile
+++ b/ruby/Pkgfile
@ -4,15 +4,14 @@
 # Depends on:  db, gdbm, ncurses, openssl, readline, zlib

 name=ruby
-version=1.8.5
-release=2
+version=1.8.5-p2
+release=1
 source=(ftp://ftp.ruby-lang.org/pub/$name/1.8/$name-$version.tar.gz \
-        $name-$version.patch $name-$version-cgi-dos-1.patch)
+        $name-1.8.5.patch)

 build () {
    cd $name-$version
-    patch -p1 < $SRC/$name-$version.patch
-    patch -p0 < $SRC/$name-$version-cgi-dos-1.patch
+    patch -p1 < $SRC/$name-1.8.5.patch
    ./configure --prefix=/usr \
                --mandir=/usr/man \
                --enable-shared \
--- a/ruby/ruby-1.8.5-cgi-dos-1.patch
+++ b/ruby/ruby-1.8.5-cgi-dos-1.patch
@ -1,11 +0,0 @@
--- lib/cgi.rb.orig	2006-08-22 18:38:19.000000000 +0900
-+++ lib/cgi.rb	2006-11-03 00:18:53.000000000 +0900
-@@ -1018,7 +1018,7 @@ class CGI
-               else
-                 stdinput.read(content_length)
-               end
-          if c.nil?
-+          if c.nil? || c.empty?
-             raise EOFError, "bad content body"
-           end
-           buf.concat(c)