Changelog for
ruby19-1.9.3.p392-1.7.x86_64.rpm :
Fri Mar 1 13:00:00 2013 jmassaguerplaAATTsuse.com
- update to 1.9.3 p392
This release includes security fixes about bundled JSON and
REXML.
* Denial of Service and Unsafe Object Creation Vulnerability
in JSON (CVE-2013-0269)
* Entity expansion DoS vulnerability in REXML (XML bomb)
And some small bugfixes are also included
see /usr/share/doc/packages/ruby19/Changelog for more details
Wed Feb 6 13:00:00 2013 mrueckertAATTsuse.de
- update to 1.9.3 p385 (bnc#802406)
XSS exploit of RDoc documentation generated by rdoc
(CVE-2013-0256)
for other changes see /usr/share/doc/packages/ruby19/Changelog
Tue Jan 8 13:00:00 2013 cooloAATTsuse.com
- readd the private header
*atomic.h
Fri Jan 4 13:00:00 2013 kkaempfAATTsuse.com
- added bind_stack.patch: (bnc#796757)
Fixes stack boundary issues when embedding Ruby into
threaded C code (Ruby bug #2294)
Sun Dec 30 13:00:00 2012 cooloAATTsuse.com
- update to 1.9.3 p362
* many bug fixes.
Tue Nov 13 13:00:00 2012 cooloAATTsuse.com
- update to 1.9.3 p327 (bnc#789983)
CVE-2012-5371 and plenty of other fixes
Tue Nov 6 13:00:00 2012 cooloAATTsuse.com
- make sure the rdoc output is more stable for build-compare
(new patch ruby-sort-rdoc-output.patch)
Sat Nov 3 13:00:00 2012 cooloAATTsuse.com
- update to 1.9.3 p286 (bnc#783511, bnc#791199)
This release includes some security fixes, and many other bug fixes.
$SAFE escaping vulnerability about Exception#to_s / NameError#to_s
(CVE-2012-4464, CVE-2012-4466)
Unintentional file creation caused by inserting an illegal NUL character
many other bug fixes. (CVE-2012-4522)
See Changelog for the complete set
- remove ruby-1.8.7_safe_level_bypass.patch as it\'s upstream
Fri Oct 26 14:00:00 2012 mrueckertAATTsuse.de
- added ruby-1.8.7_safe_level_bypass.patch: (bnc#783511)
Fixes a SAFE_LEVEL bypass in name_err_to_s and exc_to_s.
CVE-2012-4464
Thu Oct 18 14:00:00 2012 cooloAATTsuse.com
- remove build depencency on ca certificates - only causing cycles
Thu Sep 13 14:00:00 2012 cooloAATTsuse.com
- one more header needed for rubygem-ruby-debug-base19
Fri Sep 7 14:00:00 2012 cooloAATTsuse.com
- install vm_core.h and its dependencies as ruby-devel-extra
Wed Aug 1 14:00:00 2012 cooloAATTsuse.com
- move the provides to the ruby package instead
Fri Jul 27 14:00:00 2012 cooloAATTsuse.com
- add provides for the internal gems
Thu Jul 26 14:00:00 2012 cooloAATTsuse.com
- fix macros
Mon Jul 9 14:00:00 2012 cooloAATTsuse.com
- gem_install_wrapper no longer necessary
Mon Jun 4 14:00:00 2012 idonmezAATTsuse.com
- Add patch to export ruby_init_prelude, ruby bug #5174
Fri May 11 14:00:00 2012 cooloAATTsuse.com
- there is no obvious use for the vim buildrequires and it\'s causing
a build cycle (because vim really requires ruby) - so remove it
Fri May 11 14:00:00 2012 cooloAATTsuse.com
- rubygem-rake is still named like this
Thu May 10 14:00:00 2012 cooloAATTsuse.com
- update to 1.9.3 p194
- update rubygems to 1.8.23 to verify ssl certificates
- other bug fixes
Tue May 8 14:00:00 2012 cooloAATTsuse.com
- readd the requires on ruby-common to fix gems suffix
Sun Mar 11 13:00:00 2012 cooloAATTsuse.com
- let gems of 1.9 install bins without suffix
Fri Mar 9 13:00:00 2012 cooloAATTsuse.com
- remove provides for ruby and ruby-devel, only generates conflicts
with wrapper package
Wed Mar 7 13:00:00 2012 mrueckertAATTsuse.de
- update license:
Ruby is licensed under BSD 2 Clause or Ruby License now.
Wed Mar 7 13:00:00 2012 cooloAATTsuse.com
- update to 1.9.3 p125
- Fix for Ruby OpenSSL module: Allow \"0/n splitting\" as a
prevention for the TLS BEAST attack
- Fixed: LLVM/clang support [Bug #5076]
- Fixed: GCC 4.7 support [Bug #5851]
- other bug fixes
Mon Oct 31 13:00:00 2011 mrueckertAATTsuse.de
- update to 1.9.3 preview 0
Mon Jul 18 14:00:00 2011 mrueckertAATTsuse.de
- override rb_arch macro from the rpm in the spec file
rb_arch in rpm is still using host_cpu instead of target_cpu. for
older distros we will need the override anyway. this allows us to
reduce the sed part in the marco to just ppc/powerpc.
- related to the first change:
pass --target={_target_platform} to configure (we used to do that
on 1.8 already)
- provide unversioned package names
- rip out bleakhouse support for now to make merging easier
- install macros file
- reorder some file list lines to make merging easier
- use a ruby variable instead of calculating rb_ver in the macros
file. (more important for 1.8)
Mon Jul 18 14:00:00 2011 mrueckertAATTsuse.de
- update 1.9.2 p290
some important fixes:
- require \'date\'; Date.new === nil throws an undefined method
error for coerce on p180 - this has now been fixed
- The Thread.kill segfaults when the object to be killed isn\'t a
thread bug has been resolved.
- Tweaks to reduce segmentation faults when using zlib on x86-64
Darwin (OS X) - always good
- Modification to prevent random number sequence repetition on
forked child processes in SecureRandom
- Fix to io system to resolve a Windows-only bug where characters
are being read incorrectly due to ASCII not being treated as 7
bit
- A tweak to Psych (the YAML parser) to plug a memory leak
- Load paths are now always expanded by rb_et_expanded_load_path
(I think this might yield a performance gain?)
- Fixes to Psych\'s treatment and testing of string taint
- Prevention of temporary objects being garbage collected in some
cases
- Fixes to resolve compilation problems with Visual C++ 2010
- A fix so that Tk\'s extconf.rb would run successfully
- Lots of Tk related fixes generally
- A fix to string parsing to resolve an obscure
symbol-containing-newlines parsing bug
for the complete changes see /usr/share/doc/packages/ruby19/ChangeLog
- refresh tcl rpath patch:
old ruby-1.9.2p180_tcl_no_stupid_rpaths.patch
new ruby-1.9.2p290_tcl_no_stupid_rpaths.patch
Fri May 6 14:00:00 2011 mrueckertAATTsuse.de
- sync with d:l:r:1.9/ruby19
Fri May 6 14:00:00 2011 mrueckertAATTsuse.de
- update 1.9.2 p180
- added ruby-1.9.2p180_tcl_no_stupid_rpaths.patch
- remove the other path entries that are unneeded on our system
- dropped ruby-1.9.1-rc2_gc_64bit_warning.patch
Thu Aug 26 14:00:00 2010 mrueckertAATTsuse.de
- build fiddle -> new dep libffi
Thu Aug 26 14:00:00 2010 mrueckertAATTsuse.de
- update to 1.9.2 p0
Wed Apr 7 14:00:00 2010 mrueckertAATTsuse.de
- split out tk bindings
Wed Apr 7 14:00:00 2010 mrueckertAATTsuse.de
- fixed tk support, though it still has a warning about missing
nativethread support in tcl/tk
Wed Apr 7 14:00:00 2010 mrueckertAATTsuse.de
- update to snapshot of today