File ruby19.changes of Package ruby19.openSUSE_12.2_Update
-------------------------------------------------------------------
Tue Jul 2 14:24:40 UTC 2013 - jmassaguerpla@suse.com
- fix cve-2013-4073 (bnc#827265)
The fix_cve-2013-4073.patch contains the patch for
cve-2013-4073 (bnc#827265) adapted from
https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91158f89
-------------------------------------------------------------------
Mon Mar 25 17:49:36 UTC 2013 - mrueckert@suse.de
- update to 1.9.3 p392 (bnc#808137 bnc#803342)
- update json intree to 1.5.5:
Denial of Service and Unsafe Object Creation Vulnerability in
JSON CVE-2013-0269
- limit entity expansion text limit to 10kB CVE-2013-1821
- get rid of a SEGV when calling rb_iter_break() from some
extention libraries.
- some warning suppressed and smaller fixes
-------------------------------------------------------------------
Fri Feb 8 13:49:33 UTC 2013 - mrueckert@suse.de
- restore the old ruby macros and the gem wrapper script
-------------------------------------------------------------------
Wed Feb 6 16:27:34 UTC 2013 - mrueckert@suse.de
- update to 1.9.3 p385 (bnc#802406)
XSS exploit of RDoc documentation generated by rdoc
(CVE-2013-0256)
for other changes see /usr/share/doc/packages/ruby19/Changelog
-------------------------------------------------------------------
Mon Feb 4 09:32:50 UTC 2013 - kkaempf@suse.com
- Replace bind_stack.patch with upstream patch (bnc#796757)
(thread_pthread.c-ruby_init_stack-ignore-STACK_END_ADDRESS.patch)
* thread_pthread.c (ruby_init_stack): ignore `STACK_END_ADDRESS'
if Ruby interpreter is running on co-routine.
-------------------------------------------------------------------
Tue Jan 8 20:35:50 UTC 2013 - coolo@suse.com
- readd the private header *atomic.h
-------------------------------------------------------------------
Fri Jan 4 13:33:09 UTC 2013 - kkaempf@suse.com
- added bind_stack.patch: (bnc#796757)
Fixes stack boundary issues when embedding Ruby into
threaded C code (Ruby bug #2294)
-------------------------------------------------------------------
Sun Dec 30 11:51:20 UTC 2012 - coolo@suse.com
- update to 1.9.3 p362
* many bug fixes.
-------------------------------------------------------------------
Tue Nov 13 14:09:45 UTC 2012 - coolo@suse.com
- update to 1.9.3 p327 (bnc#789983)
CVE-2012-5371 and plenty of other fixes
-------------------------------------------------------------------
Tue Nov 6 05:31:47 UTC 2012 - coolo@suse.com
- make sure the rdoc output is more stable for build-compare
(new patch ruby-sort-rdoc-output.patch)
-------------------------------------------------------------------
Sat Nov 3 08:12:18 UTC 2012 - coolo@suse.com
- update to 1.9.3 p286 (bnc#783511, bnc#791199)
This release includes some security fixes, and many other bug fixes.
$SAFE escaping vulnerability about Exception#to_s / NameError#to_s
(CVE-2012-4464, CVE-2012-4466)
Unintentional file creation caused by inserting an illegal NUL character
many other bug fixes. (CVE-2012-4522)
See Changelog for the complete set
- remove ruby-1.8.7_safe_level_bypass.patch as it's upstream
-------------------------------------------------------------------
Fri Oct 26 14:27:36 UTC 2012 - mrueckert@suse.de
- added ruby-1.8.7_safe_level_bypass.patch: (bnc#783511)
Fixes a SAFE_LEVEL bypass in name_err_to_s and exc_to_s.
CVE-2012-4464
-------------------------------------------------------------------
Thu Oct 18 10:10:55 UTC 2012 - coolo@suse.com
- remove build depencency on ca certificates - only causing cycles
-------------------------------------------------------------------
Thu Sep 13 05:04:39 UTC 2012 - coolo@suse.com
- one more header needed for rubygem-ruby-debug-base19
-------------------------------------------------------------------
Fri Sep 7 11:08:42 UTC 2012 - coolo@suse.com
- install vm_core.h and its dependencies as ruby-devel-extra
-------------------------------------------------------------------
Wed Aug 1 11:54:11 UTC 2012 - coolo@suse.com
- move the provides to the ruby package instead
-------------------------------------------------------------------
Fri Jul 27 07:22:48 UTC 2012 - coolo@suse.com
- add provides for the internal gems
-------------------------------------------------------------------
Thu Jul 26 09:52:41 UTC 2012 - coolo@suse.com
- fix macros
-------------------------------------------------------------------
Mon Jul 9 05:20:30 UTC 2012 - coolo@suse.com
- gem_install_wrapper no longer necessary
-------------------------------------------------------------------
Mon Jun 4 11:03:08 UTC 2012 - idonmez@suse.com
- Add patch to export ruby_init_prelude, ruby bug #5174
-------------------------------------------------------------------
Fri May 11 10:03:11 UTC 2012 - coolo@suse.com
- there is no obvious use for the vim buildrequires and it's causing
a build cycle (because vim really requires ruby) - so remove it
-------------------------------------------------------------------
Fri May 11 05:02:13 UTC 2012 - coolo@suse.com
- rubygem-rake is still named like this
-------------------------------------------------------------------
Thu May 10 18:35:48 UTC 2012 - coolo@suse.com
- update to 1.9.3 p194
- update rubygems to 1.8.23 to verify ssl certificates
- other bug fixes
-------------------------------------------------------------------
Tue May 8 11:37:06 UTC 2012 - coolo@suse.com
- readd the requires on ruby-common to fix gems suffix
-------------------------------------------------------------------
Sun Mar 11 18:21:23 UTC 2012 - coolo@suse.com
- let gems of 1.9 install bins without suffix
-------------------------------------------------------------------
Fri Mar 9 07:20:21 UTC 2012 - coolo@suse.com
- remove provides for ruby and ruby-devel, only generates conflicts
with wrapper package
-------------------------------------------------------------------
Wed Mar 7 15:45:53 UTC 2012 - mrueckert@suse.de
- update license:
Ruby is licensed under BSD 2 Clause or Ruby License now.
-------------------------------------------------------------------
Wed Mar 7 15:09:46 UTC 2012 - coolo@suse.com
- update to 1.9.3 p125
- Fix for Ruby OpenSSL module: Allow "0/n splitting" as a
prevention for the TLS BEAST attack
- Fixed: LLVM/clang support [Bug #5076]
- Fixed: GCC 4.7 support [Bug #5851]
- other bug fixes
-------------------------------------------------------------------
Mon Oct 31 16:27:48 UTC 2011 - mrueckert@suse.de
- update to 1.9.3 preview 0
-------------------------------------------------------------------
Mon Jul 18 15:36:36 UTC 2011 - mrueckert@suse.de
- override rb_arch macro from the rpm in the spec file
rb_arch in rpm is still using host_cpu instead of target_cpu. for
older distros we will need the override anyway. this allows us to
reduce the sed part in the marco to just ppc/powerpc.
- related to the first change:
pass --target={_target_platform} to configure (we used to do that
on 1.8 already)
- provide unversioned package names
- rip out bleakhouse support for now to make merging easier
- install macros file
- reorder some file list lines to make merging easier
- use a ruby variable instead of calculating rb_ver in the macros
file. (more important for 1.8)
-------------------------------------------------------------------
Mon Jul 18 13:11:48 UTC 2011 - mrueckert@suse.de
- update 1.9.2 p290
some important fixes:
- require 'date'; Date.new === nil throws an undefined method
error for coerce on p180 - this has now been fixed
- The Thread.kill segfaults when the object to be killed isn't a
thread bug has been resolved.
- Tweaks to reduce segmentation faults when using zlib on x86-64
Darwin (OS X) - always good
- Modification to prevent random number sequence repetition on
forked child processes in SecureRandom
- Fix to io system to resolve a Windows-only bug where characters
are being read incorrectly due to ASCII not being treated as 7
bit
- A tweak to Psych (the YAML parser) to plug a memory leak
- Load paths are now always expanded by rb_et_expanded_load_path
(I think this might yield a performance gain?)
- Fixes to Psych's treatment and testing of string taint
- Prevention of temporary objects being garbage collected in some
cases
- Fixes to resolve compilation problems with Visual C++ 2010
- A fix so that Tk's extconf.rb would run successfully
- Lots of Tk related fixes generally
- A fix to string parsing to resolve an obscure
symbol-containing-newlines parsing bug
for the complete changes see /usr/share/doc/packages/ruby19/ChangeLog
- refresh tcl rpath patch:
old ruby-1.9.2p180_tcl_no_stupid_rpaths.patch
new ruby-1.9.2p290_tcl_no_stupid_rpaths.patch
-------------------------------------------------------------------
Fri May 6 22:13:15 UTC 2011 - mrueckert@suse.de
- sync with d:l:r:1.9/ruby19
-------------------------------------------------------------------
Fri May 6 21:56:34 UTC 2011 - mrueckert@suse.de
- update 1.9.2 p180
- added ruby-1.9.2p180_tcl_no_stupid_rpaths.patch
- remove the other path entries that are unneeded on our system
- dropped ruby-1.9.1-rc2_gc_64bit_warning.patch
-------------------------------------------------------------------
Thu Aug 26 21:51:51 UTC 2010 - mrueckert@suse.de
- build fiddle -> new dep libffi
-------------------------------------------------------------------
Thu Aug 26 19:48:29 UTC 2010 - mrueckert@suse.de
- update to 1.9.2 p0
-------------------------------------------------------------------
Wed Apr 7 14:28:48 UTC 2010 - mrueckert@suse.de
- split out tk bindings
-------------------------------------------------------------------
Wed Apr 7 14:08:47 UTC 2010 - mrueckert@suse.de
- fixed tk support, though it still has a warning about missing
nativethread support in tcl/tk
-------------------------------------------------------------------
Wed Apr 7 10:26:00 UTC 2010 - mrueckert@suse.de
- update to snapshot of today
-------------------------------------------------------------------
Mon Feb 2 15:48:27 CET 2009 - mrueckert@suse.de
- update to p0
- drop ruby-1.9.1-rc2_rb_time_timeval_prototype.patch:
fix included
-------------------------------------------------------------------
Wed Jan 21 19:00:13 CET 2009 - mrueckert@suse.de
- add ruby-1.9.1-rc2_gc_64bit_warning.patch
do not cast a pointer to int
- add ruby-1.9.1-rc2_rb_time_timeval_prototype.patch
copy the complete prototype for the function
-------------------------------------------------------------------
Wed Jan 21 14:06:04 CET 2009 - mrueckert@suse.de
- update to rc2
- remove ruby-1.9.1-preview2_mkconfig_continued_line.patch:
included in update
-------------------------------------------------------------------
Mon Dec 8 13:52:11 CET 2008 - mrueckert@suse.de
- added ruby-1.9.1-preview2_mkconfig_continued_line.patch:
handle continued lines with empty values
-------------------------------------------------------------------
Sat Dec 6 04:13:34 CET 2008 - mrueckert@suse.de
- initial package
