SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ruby-debuginfo-1.8.1-18.el4.i386.rpm :
Fri Jan 13 23:00:00 2012 Vít Ondruch - 1.8.1-18
- Simplified fix for CVE-2011-4815.
- Properly initialize the random number generator when forking new process

* ruby-1.8.7-CVE-2011-3009.patch
- Related: rhbz#768828

Thu Dec 22 23:00:00 2011 Vít Ondruch - 1.8.1-17
- Address CVE-2011-4815 \"DoS (excessive CPU use) via hash meet-in-the-middle
attacks (oCERT-2011-003)\"

* ruby-1.8.7-CVE-2011-4815.patch
- Resolves: rhbz#768828

Tue Jun 7 00:00:00 2011 Vít Ondruch - 1.8.1-16.el4
- Comply with guidelines
- Related: rhbz#709959

Wed Jun 1 00:00:00 2011 Vít Ondruch - 1.8.1-15.el4
- Address CVE-2011-1005 \"Untrusted codes able to modify arbitrary strings\"

* ruby-1.8.7-CVE-2011-1005.patch
- Address CVE-2011-0188 \"memory corruption in BigDecimal on 64bit platforms\"

* ruby-1.8.7-CVE-2011-0188.patch
- Address CVE-CVE-2010-0541 \"Ruby WEBrick javascript injection flaw\"

* ruby-1.8.7-CVE-2010-0541.patch
- Address CVE-CVE-2009-4492 \"ruby WEBrick log escape sequence\"

* ruby-1.8.6-CVE-2009-4492.patch
- Resolves: rhbz#709959

Mon Dec 14 23:00:00 2009 Akira TAGOH - 1.8.1-7.el4_8.4
- Fix a regression that suppress zeroes after the decimal point since
the previous release. (#510278)

Thu Jun 18 00:00:00 2009 Akira TAGOH - 1.8.1-7.el4_8.3
- security fixes. (#505085)
- CVE-2007-1558: APOP password disclosure vulnerability.
- CVE-2009-0642: Incorrect checks for validity of X.509 certificates.
- CVE-2009-1904: DoS vulnerability in BigDecimal.

Wed Nov 19 23:00:00 2008 Akira TAGOH - 1.8.1-7.el4_7.2
- security fix (#472067)
- CVE-2008-4310: real fix for CVE-2008-3656. original patch named as fix for
CVE-2008-3656 actually fixed different issue (CVE-2008-1145),
hence we are providing correct patch and renaming original
patch to refer to proper CVE.

Thu Oct 9 00:00:00 2008 Akira TAGOH - 1.8.1-7.el4_7.1
- security fixes. (#461579)
- CVE-2008-3655: multiple insufficient safe mode restrictions.
- CVE-2008-1145: WEBrick DoS vulnerability (CPU consumption).
- CVE-2008-3657: missing \"taintness\" checks in dl module.
- CVE-2008-3905: use of predictable source port and transaction id in DNS
requests done by resolv.rb module.
- CVE-2008-3443: Memory allocation failure in Ruby regex engine
(remotely exploitable DoS).
- CVE-2008-3790: DoS vulnerability in the REXML module.

Thu Jul 3 00:00:00 2008 Akira TAGOH - 1.8.1-7.el4_6.1
- security fixes. (#451926)
- CVE-2008-2662: Integer overflow in rb_str_buf_append().
- CVE-2008-2663: Integer overflow in rb_ary_store().
- CVE-2008-2664: Unsafe use of alloca in rb_str_format().
- CVE-2008-2725: Integer overflow in rb_ary_update().
- CVE-2008-2726: Integer overflow in rb_ary_update().
- CVE-2008-2376: Integer overflow in rb_ary_fill().

Sun Oct 28 00:00:00 2007 Akira TAGOH - 1.8.1-7.EL4.8.1
- security fixes (#320371)
- ruby-1.8.1-cgi-CVE-2006-6303.patch: fix an infinite loop with certain HTTp
request.
- ruby-1.8.1-CVE-2007-5162.patch: fix an insufficient verification of SSL
certificate.

Wed Nov 1 23:00:00 2006 Akira TAGOH - 1.8.1-7.EL4.8
- BR tcl-devel and tk-devel instead of tcl and tk.

Sun Oct 29 23:00:00 2006 Akira TAGOH - 1.8.1-7.EL4.7
- security fix release.
- ruby-1.8.1-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that
causes the denial of service. (#212237)

Fri Jul 21 00:00:00 2006 Akira TAGOH - 1.8.1-7.EL4.6
- security fixes [CVE-2006-3694]
- fixed the insecure operations on Dir and Regexp in the certain safe-level
restrictions. (#199539)
- fixed to not bypass the certain safe-level restrictions. (#199545)

Sat May 13 00:00:00 2006 Akira TAGOH - 1.8.1-7.EL4.4
- ruby-magic-setjmp.patch: backported to fix unstable GC on ia64.
[ruby-talk:144939] (#190805)

Sat Apr 22 00:00:00 2006 Akira TAGOH - 1.8.1-7.EL4.3
- security fix [CVE-2006-1931]
- ruby-1.8.2-webrick-dos-1.patch: a patch to read data with non-blocking I/O.
- ruby-1.8.2-xmlrpc-dos-1.patch: a patch to use WEBrick\'s HTTPServer class to
avoid the above issue as well.

Thu Oct 6 00:00:00 2005 Akira TAGOH - 1.8.1-7.EL4.2
- security fix [CAN-2005-2337]
- ruby-1.8.1-safe-CAN-2005-2337.patch: a patch to preserve safe level in
the environment where a method is defined. (#169575)

Wed Jun 22 00:00:00 2005 Akira TAGOH - 1.8.1-7.EL4.1
- security fix [CAN-2005-1992]
- ruby-1.8.2-tcltk-multilib.patch: applied to get tcltklib.so built.
- ruby-1.8.2-xmlrpc-CAN-2005-1992.patch: applied to fix the arbitrary command
execution on XMLRPC server. (#161095)

Wed Nov 10 23:00:00 2004 Akira TAGOH - 1.8.1-7.EL4.0
- security fix [CAN-2004-0983]
- ruby-1.8.1-cgi-dos.patch: applied to fix a denial of service issue. (#138362)

Thu Oct 7 00:00:00 2004 Akira TAGOH - 1.8.1-7
- require emacs-common instead of emacs.

Thu Jun 24 00:00:00 2004 Akira TAGOH 1.8.1-4
- updated the documentation.

Wed Jun 16 00:00:00 2004 Elliot Lee
- rebuilt

Tue Mar 2 23:00:00 2004 Elliot Lee
- rebuilt

Fri Feb 13 23:00:00 2004 Elliot Lee
- rebuilt

Wed Feb 4 23:00:00 2004 Akira TAGOH 1.8.1-1
- New upstream release.
- don\'t use any optimization for ia64 to avoid the build failure.
- ruby-1.8.1-ia64-stack-limit.patch: applied to fix SystemStackError when the optimization is disabled.

Sat Dec 13 23:00:00 2003 Jeff Johnson 1.8.0-3
- rebuild against db-4.2.52.

Fri Sep 26 00:00:00 2003 Jeff Johnson 1.8.0-2
- rebuild against db-4.2.42.

Wed Aug 6 00:00:00 2003 Akira TAGOH 1.8.0-1
- New upstream release.

Fri Jul 25 00:00:00 2003 Akira TAGOH 1.6.8-9.1
- rebuilt

Fri Jul 25 00:00:00 2003 Akira TAGOH 1.6.8-9
- ruby-1.6.8-castnode.patch: handling the nodes with correct cast.
use this patch now instead of ruby-1.6.8-fix-x86_64.patch.

Sat Jul 5 00:00:00 2003 Akira TAGOH 1.6.8-8
- rebuilt

Sat Jul 5 00:00:00 2003 Akira TAGOH 1.6.8-7
- fix the gcc warnings. (#82192)
- ruby-1.6.8-fix-x86_64.patch: correct a patch.
NOTE: DON\'T USE THIS PATCH FOR BIG ENDIAN ARCHITECTURE.
- ruby-1.6.7-long2int.patch: removed.

Thu Jun 5 00:00:00 2003 Elliot Lee
- rebuilt

Fri Feb 7 23:00:00 2003 Jens Petersen - 1.6.8-5
- rebuild against ucs4 tcltk

Wed Jan 22 23:00:00 2003 Tim Powers
- rebuilt

Wed Jan 22 23:00:00 2003 Akira TAGOH 1.6.8-3
- ruby-1.6.8-multilib.patch: applied to fix the search path issue on x86_64

Tue Jan 21 23:00:00 2003 Akira TAGOH 1.6.8-2
- ruby-1.6.8-require.patch: applied to fix the search bug in require.
- don\'t apply long2int patch to s390 and s390x. it doesn\'t work.

Wed Jan 15 23:00:00 2003 Akira TAGOH 1.6.8-1
- New upstream release.
- removed some patches. it\'s no longer needed.
- ruby-1.6.7-100.patch
- ruby-1.6.7-101.patch
- ruby-1.6.7-102.patch
- ruby-1.6.7-103.patch
- 801_extmk.rb-shellwords.patch
- 801_mkmf.rb-shellwords.patch
- 804_parse.y-new-bison.patch
- 805_uri-bugfix.patch
- ruby-1.6.6-900_XXX_strtod.patch
- ruby-1.6.7-sux0rs.patch
- ruby-1.6.7-libobj.patch

Wed Jan 15 23:00:00 2003 Jens Petersen 1.6.7-14
- rebuild to update tcltk deps

Mon Dec 16 23:00:00 2002 Elliot Lee 1.6.7-13
- Remove ExcludeArch: x86_64
- Fix x86_64 ruby with long2int.patch (ruby was assuming that sizeof(long)
== sizeof(int). The patch does not fix the source of the problem, just
makes it a non-issue.)
- _smp_mflags

Tue Dec 10 23:00:00 2002 Tim Powers 1.6.7-12
- rebuild to fix broken tcltk deps

Wed Oct 23 00:00:00 2002 Akira TAGOH 1.6.7-11
- use %configure macro instead of configure script.
- use the latest config.{sub,guess}.
- get archname from rbconfig.rb for %dir
- applied some patches from Debian:
- 801_extmk.rb-shellwords.patch: use Shellwords
- 801_mkmf.rb-shellwords.patch: mkmf.rb creates bad Makefile. the Makefile
links libruby.a to the target.
- 803_sample-fix-shbang.patch: all sample codes should be
s|/usr/local/bin|/usr/bin|g
- 804_parse.y-new-bison.patch: fix syntax warning.
- 805_uri-bugfix.patch: uri.rb could not handle correctly broken mailto-uri.
- add ExcludeArch x86_64 temporarily to fix Bug#74581. Right now ruby can\'t be
built on x86_64.

Wed Aug 28 00:00:00 2002 Akira TAGOH 1.6.7-10
- moved sitedir to /usr/lib/ruby/site_ruby again according as our perl and
python.
- ruby-1.6.7-resolv1.patch, ruby-1.6.7-resolv2.patch: applied to fix \'Too many
open files - \"/etc/resolv.conf\"\' issue. (Bug#64830)

Fri Jul 19 00:00:00 2002 Akira TAGOH 1.6.7-9
- add the owned directory.

Sat Jul 13 00:00:00 2002 Akira TAGOH 1.6.7-8
- fix typo.

Fri Jul 5 00:00:00 2002 Akira TAGOH 1.6.7-7
- removed the ruby-mode-xemacs because it\'s merged to the xemacs sumo.

Sat Jun 22 00:00:00 2002 Tim Powers
- automated rebuild

Thu Jun 20 00:00:00 2002 Akira TAGOH 1.6.7-5
- fix the stripped binary.
- use the appropriate macros.

Mon May 27 00:00:00 2002 Tim Powers
- automated rebuild

Fri May 24 00:00:00 2002 Akira TAGOH 1.6.7-3
- ruby-1.6.7-libobj.patch: applied to fix autoconf2.53 error.

Mon Mar 18 23:00:00 2002 Akira TAGOH 1.6.7-2
- ruby-man-1.4.6-jp.tar.bz2: removed.
- ruby-refm-rdp-1.4.7-ja-html.tar.bz2: uses it instead of.
- ruby-1.6.7-500-marshal-proc.patch, ruby-1.6.7-501-class-var.patch:
removed.
- ruby-1.6.7-100.patch: applied a bug fix patch.
(ruby-dev#16274: patch for \'wm state\')
(PR#206ja: SEGV handle EXIT)
- ruby-1.6.7-101.patch: applied a bug fix patch.
(ruby-list#34313: singleton should not be Marshal.dump\'ed)
(ruby-dev#16411: block local var)
- ruby-1.6.7-102.patch: applied a bug fix patch.
(handling multibyte chars is partially broken)
- ruby-1.6.7-103.patch: applied a bug fix patch.
(ruby-dev#16462: preserve reference for GC, but link should be cut)

Fri Mar 8 23:00:00 2002 Akira TAGOH 1.6.7-1
- New upstream release.
- ruby-1.6.6-100.patch, ruby-1.6.6-501-ruby-mode.patch:
removed. these patches no longer should be needed.
- ruby-1.6.7-500-marshal-proc.patch: applied a fix patch.
(ruby-dev#16178: Marshal::dump should call Proc#call.)
- ruby-1.6.7-501-class-var.patch: applied a fix patch.
(ruby-talk#35157: class vars broken in 1.6.7)

Wed Feb 27 23:00:00 2002 Akira TAGOH 1.6.6-5
- Disable alpha because nothing is xemacs for alpha now.

Tue Feb 5 23:00:00 2002 Akira TAGOH 1.6.6-3
- Fixed the duplicate files.

Tue Feb 5 23:00:00 2002 Akira TAGOH 1.6.6-2
- Fixed the missing %defattr

Fri Feb 1 23:00:00 2002 Akira TAGOH 1.6.6-1
- New upstream release.
- Applied bug fix patches:
- ruby-1.6.6-501-ruby-mode.patch: ruby-talk#30479: disables font-lock
coloring.
- ruby-1.6.6-100.patch: ruby-talk#30203: Ruby 1.6.6 bug and fix
ruby-list#33047: regex bug
PR#230: problem with -d in 1.6.6
- Added ruby-mode and ruby-mode-xemacs packages.
- Ruby works fine for ia64. so re-enable to build with ia64.
(probably it should be worked for alpha)

Wed Jan 9 23:00:00 2002 Tim Powers
- automated rebuild

Fri Jul 20 00:00:00 2001 Bernhard Rosenkraenzer 1.6.4-2
- Remove Japanese description and summaries; they belong in specspo and
break rpm
- Clean up specfile
- Mark language specific files (README.jp) as such
- bzip2 sources
- rename the libruby package to ruby-libs for consistency
- Exclude ia64 (doesn\'t build - the code doesn\'t seem to be 64-bit clean
[has been excluded on alpha forever])

Wed Jul 18 00:00:00 2001 Akira TAGOH 1.6.4-1
- rebuild for Red Hat 7.2

Tue Jun 5 00:00:00 2001 akira yamada
- upgrade to nwe upstream version 1.6.4.

Tue Apr 3 00:00:00 2001 akira yamada
- applied patch:
- fixed method cache bug. etc. (Patch103, Patch104)

Wed Mar 28 00:00:00 2001 akira yamada
- applied patch:
- fixed marshal for bignum bug.
- fixed scope of constant variables bug.

Tue Mar 20 23:00:00 2001 akira yamada
- upgraded to new upstream version 1.6.3.

Fri Feb 9 23:00:00 2001 akira yamada
- fixed bad group for libruby.
- Applied patch: upgraded to cvs version (2001-02-08):
fixed minor bugs.

Thu Jan 18 23:00:00 2001 akira yamada
- Applied patch: upgraded to cvs version (2001-01-15):
fixed minor bugs(e.g. ruby makes extention librares too large...).

Wed Jan 10 23:00:00 2001 akira yamada
- Applied patch: upgraded to cvs version (2001-01-09):
fixed minor bugs.

Sat Dec 30 23:00:00 2000 akira yamada
- Applied bug fix patch.

Mon Dec 25 23:00:00 2000 akira yamada
- Updated to new upstream version 1.6.2.

Fri Dec 22 23:00:00 2000 akira yamada
- Removed ruby_cvs.2000122019.patch, added ruby_cvs.2000122215.patch
(upgraded ruby to latest cvs version, 1.6.2-preview4).

Wed Dec 20 23:00:00 2000 akira yamada
- Removed ruby_cvs.2000121413.patch, added ruby_cvs.2000122019.patch
(upgraded ruby to latest cvs version).
- new package: libruby

Thu Dec 14 23:00:00 2000 akira yamada
- Removed ruby_cvs.2000101901.patch, added ruby_cvs.2000121413.patch
(upgraded ruby to latest cvs version).
- Removed ruby-dev.11262.patch, ruby-dev.11265.patch,
and ruby-dev.11268.patch (included into above patch).

Sun Nov 12 23:00:00 2000 MACHINO, Satoshi 1.6.1-0vl9
- build on gcc-2.95.3

Fri Oct 20 00:00:00 2000 akira yamada
- Added ruby-dev.11268.patch.

Fri Oct 20 00:00:00 2000 akira yamada
- Removed ruby_cvs.2000101117.patch and added ruby_cvs.2000101901.patch
(upgraded ruby to latest cvs version).
- Added ruby-dev.11262.patch.
- Added ruby-dev.11265.patch.

Thu Oct 12 00:00:00 2000 akira yamada
- Removed ruby_cvs.2000100313.patch and added ruby_cvs.2000101117.patch
(upgraded ruby to latest cvs version).

Tue Oct 10 00:00:00 2000 akira yamada
- Removed ruby_cvs.2000100313.patch and added ruby_cvs.2000100313.patch
(upgraded ruby to latest cvs version).

Wed Oct 4 00:00:00 2000 akira yamada
- Removed ruby_cvs.2000100218.patch and added ruby_cvs.2000100313.patch
(upgraded ruby to latest cvs version).

Tue Oct 3 00:00:00 2000 akira yamada
- Removed ruby_cvs.2000092718.patch and added ruby_cvs.2000100218.patch
(upgraded ruby to latest cvs version).

Thu Sep 28 00:00:00 2000 akira yamada
- Updated to upstream version 1.6.1.
- Removed ruby_cvs.2000082901.patch and added ruby_cvs.2000092718.patch
(upgraded ruby to latest cvs version).

Wed Aug 30 00:00:00 2000 akira yamada
- Updated to version 1.4.6.
- removed ruby-dev.10123.patch(included into ruby-1.4.6).
- Added ruby_cvs.2000082901.patch(upgraded ruby to latest cvs version).

Wed Jun 28 00:00:00 2000 akira yamada
- Updated manuals to version 1.4.5.

Mon Jun 26 00:00:00 2000 akira yamada
- Added ruby-dev.10123.patch.

Sun Jun 25 00:00:00 2000 akira yamada
- Updated to version 1.4.5.
- Removed ruby_cvs.2000062401.patch(included into ruby-1.4.5).

Fri Jun 23 00:00:00 2000 akira yamada
- Updated to version 1.4.4(06/22/2000 CVS).
- Removed ruby-dev.10054.patch(included into ruby_cvs.patch).

Fri Jun 23 00:00:00 2000 akira yamada
- Renamed to ruby_cvs20000620.patch from ruby_cvs.patch.

Wed Jun 21 00:00:00 2000 akira yamada
- Updated to version 1.4.4(06/20/2000 CVS).
- Removed ruby-list.23190.patch(included into ruby_cvs.patch).
- Added ruby-dev.10054.patch.

Fri Jun 16 00:00:00 2000 akira yamada
- Updated to version 1.4.4(06/12/2000 CVS).
- Added manuals and FAQs.
- Split into ruby, ruby-devel, ruby-tcltk, ruby-docs, irb.

Wed Jun 14 00:00:00 2000 Mitsuo Hamada
- Updated to version 1.4.4

Wed Dec 8 23:00:00 1999 Atsushi Yamagata
- Updated to version 1.4.3

Tue Sep 21 00:00:00 1999 Atsushi Yamagata
- Updated to version 1.4.2 (Sep 18)

Sat Sep 18 00:00:00 1999 Atsushi Yamagata
- Updated to version 1.4.2

Wed Aug 18 00:00:00 1999 Atsushi Yamagata
- Updated to version 1.4.0

Sat Jul 24 00:00:00 1999 Atsushi Yamagata
- 2nd release
- Updated to version 1.2.6(15 Jul 1999)
- striped %{prefix}/bin/ruby

Tue Jun 29 00:00:00 1999 Atsushi Yamagata
- Updated to version 1.2.6(21 Jun 1999)

Thu Apr 15 00:00:00 1999 Atsushi Yamagata
- Updated to version 1.2.5

Sat Apr 10 00:00:00 1999 Atsushi Yamagata
- Updated to version 1.2.4

Fri Dec 25 23:00:00 1998 Toru Hoshina
- Version up to 1.2 stable.

Fri Nov 27 23:00:00 1998 Toru Hoshina
- Version up to 1.1c9.

Thu Nov 19 23:00:00 1998 Toru Hoshina
- Version up to 1.1c8, however it appear short life :-P

Fri Nov 13 23:00:00 1998 Toru Hoshina
- Version up.

Wed Sep 23 00:00:00 1998 Toru Hoshina
- To make a libruby.so.

Tue Sep 22 00:00:00 1998 Toru Hoshina
- Modified SPEC in order to install libruby.a so that it should be used by
another ruby entention.
- 2nd release.

Mon Mar 9 23:00:00 1998 Shoichi OZAWA
- Added a powerPC arch part. Thanks, MURATA Nobuhiro


 
ICM