Changelog for
ruby-2.0-110.4.i586.rpm :
Wed Jun 26 14:00:00 2013 cooloAATTsuse.com
- use update-alternatives the right way - which is portable too
Tue Jun 25 14:00:00 2013 cooloAATTsuse.com
- remove --force usage in favor of portable rm (SLE11)
Tue Jun 4 14:00:00 2013 cooloAATTsuse.com
- use --force for update-alternatives
Sat Apr 27 14:00:00 2013 cooloAATTsuse.com
- switch to ruby 2.0 default
Mon Jan 21 13:00:00 2013 adrianAATTsuse.de
- buildignore rubygems package to avoid bootstrap problem
Tue Nov 13 13:00:00 2012 cooloAATTsuse.com
- ruby-common no longer provides anything that ruby requires,
so remove it
Sat Nov 3 13:00:00 2012 cooloAATTsuse.com
- buildignore own subpackages to avoid bootstrap problem
Mon Aug 6 14:00:00 2012 cooloAATTsuse.com
- reenable rdoc generation, no need to differ from upstream there
Wed Aug 1 14:00:00 2012 cooloAATTsuse.com
- add update-alternatives for ruby provided binaries
Wed Aug 1 14:00:00 2012 cooloAATTsuse.com
- expand ruby19 gemspecs as provides automatically
Thu Jul 26 14:00:00 2012 cooloAATTsuse.com
- remove rubygem-requires - rpm does it correctly
Thu Jul 26 14:00:00 2012 cooloAATTsuse.com
- split out ruby-common into a package on its own
Wed Jul 25 14:00:00 2012 cooloAATTsuse.com
- map the != operator to > - which might be wrong in 50% of all cases
Wed Jul 25 14:00:00 2012 cooloAATTsuse.com
- require a patched rpm in case rpm does not have magic hooks
Wed Jul 25 14:00:00 2012 cooloAATTsuse.com
- move the option parsing to a shell script that is able to do it
rightly (rpm macros are just
*BAD
*)
Wed Jul 25 14:00:00 2012 cooloAATTsuse.com
- make the rubygemdeps a ruby script much more clever about gemspecs
Wed Jul 25 14:00:00 2012 saschpeAATTsuse.de
- Another take on %gem_install, the version w/o passing parameters
seemed to be wrong
Wed Jul 25 14:00:00 2012 cooloAATTsuse.com
- avoid
*.gemspec, we get problems if we there are two
Tue Jul 24 14:00:00 2012 cooloAATTsuse.com
- remove too relaxing permissions from unpacked archive
Tue Jul 24 14:00:00 2012 cooloAATTsuse.com
- add a provides for ruby-macros
Tue Jul 24 14:00:00 2012 saschpeAATTsuse.de
- Fix %gem_unpack:
Fetch Gemspec from gem metadata for gems that don\'t package Gemspecs
but generate them programatically
Tue Jul 17 14:00:00 2012 saschpeAATTsuse.de
- Fix ruby(abi) requires generation, the path glob was to broad
Mon Jul 9 14:00:00 2012 cooloAATTsuse.com
- rename $bin19 binaries to $bin
Wed Jul 4 14:00:00 2012 saschpeAATTsuse.de
- Fix old-style %gem_install macro (missing parameter)
Tue Jul 3 14:00:00 2012 saschpeAATTsuse.de
- Provide the following new RPM macros:
+ %gem_unpack
+ %gem_build
+ %gem_install (retaining the old behavior)
Mon Jul 2 14:00:00 2012 cooloAATTsuse.com
- add automatic provides and requires for rubygems
Tue Jun 19 14:00:00 2012 cooloAATTsuse.com
- also add the old macro names as wrapper
Tue May 8 14:00:00 2012 cooloAATTsuse.com
- make this package a wrapper around the default ruby - ruby19 for now
Mon Feb 13 13:00:00 2012 cooloAATTsuse.com
- patch license to follow spdx.org standard
Thu Dec 29 13:00:00 2011 mrueckertAATTsuse.de
- update to 1.8.7.p357
- randomize hash to avoid algorithmic complexity attacks.
CVE-2011-4815
- initialization of hash_seed to be at the beginning of the
process.
- initialize random seed at first.
- call OpenSSL::Random.seed at the SecureRandom.random_bytes
call. insert separators for array join. patch by Masahiro
Tomita. [ruby-dev:44270]
- mkconfig.rb: fix for continued lines. based on a patch from
Marcus Rueckert
at [ruby-core:20420].
- Infinity is greater than any bignum number. [ruby-dev:38672]
- initialize store->ex_data.sk. [ruby-core:28907]
[ruby-core:23971] [ruby-core:18121]
Thu Dec 1 13:00:00 2011 cooloAATTsuse.com
- add automake as buildrequire to avoid implicit dependency
Thu Jul 7 14:00:00 2011 mrueckertAATTsuse.de
- update to 1.8.7.p352
- support for openssl compiled without SSLv2
- multilib support for tk build
- some IPv6 related fixes
- zlib fixes
- reinitialize PRNG when forking children
- uri route_to fixes
- fix race condition with variables and autoload
- drop 1887f60a8540f64f5c7bb14d57c0be70506941b8.patch
included upstream
- drop ruby-1.8.7.p22_tcltk-multilib.patch
solved differently upstream
Fri May 20 14:00:00 2011 mrueckertAATTsuse.de
- drop ruby-1.8.7.p299_webrick_error_page_encoding.patch:
we will stick to the upstream charset
Fri Mar 18 13:00:00 2011 mrueckertAATTsuse.de
- added ruby-1.8.x_rubylibdir.patch:
allows us to also change the path for the stdlib part of the ruby
directory tree
Tue Feb 22 13:00:00 2011 mrueckertAATTsuse.de
- update to 1.8.7.p334 (bnc#673740, bnc#673750, bnc#600752)
- A symlink race condition vulnerability was found in
FileUtils.remove_entry_secure. The vulnerability allows local
users to delete arbitrary files and directories. CVE-2011-1004
- Exception#to_s method can be used to trick $SAFE check, which
makes a untrusted codes to modify arbitrary strings.
CVE-2011-1005
- Ruby WEBrick character set issue (XSS) CVE-2010-0541
for all non security changes see
/usr/share/doc/packages/ruby/ChangeLog
- refreshed ruby-1.8.x_openssl_branch_update.patch
- buildrequires openssl to make the last openssl test work
- https://github.com/ruby/ruby/commit/1887f60a8540f64f5c7bb14d57c0be70506941b8.patch
* ext/zlib/zlib.c (zstream_append_input2): add RB_GC_GUARD.
This caused failure when test/csv is executed with GC.stress =
true.
- added ruby-1.8.7.p334_remove_zlib_test_params_test.patch:
remove the test_params patch from backport in r27917
It doesnt pass atm.
- removed ruby-1.8.6.p36_socket_ipv6.patch:
included upstream
Tue Sep 7 14:00:00 2010 mrueckertAATTsuse.de
- the testsuite and doc-html package should of course require the
main package
Fri Jul 2 14:00:00 2010 mrueckertAATTsuse.de
- add ruby(abi) = 1.8 provides
Thu Jul 1 14:00:00 2010 mrueckertAATTsuse.de
- update to 1.8.7.p299 (bnc#606056 and bnc#603914)
- OpenSSL 1.0.0 support
- Use OpenSSL engines which exist
- Fixed range and chunked support for Net::HTTP
- Iconv fixes
- Backported pack/unpack from the 1.9 branch (bnc#606056 bnc#603914)
- Multiple fixes in the resolver
- Fixed Unicode inspection bug.
- Escape characters properly for the accesslog (bnc#570616)
- cleaned up rpmlintrc
- refreshed patches:
old: ruby-1.8.7.p22_lib64.patch
new: ruby-1.8.7.p299_lib64.patch
old: ruby_1.8.6.p36_date_remove_privat.patch
new: ruby-1.8.7.p299_date_remove_privat.patch
old: ruby-pedantic-headers.diff
new: ruby-1.8.7.p299_pedantic-headers.patch
- replaced patches ruby-1.8.x_openssl-1.0.patch and
ruby-1.8.x_openssl-1.0-tests.patch with
ruby-1.8.x_openssl_branch_update.patch
Wed May 19 14:00:00 2010 mrueckertAATTsuse.de
- fix build on ix86:
- -target got removed from the %configure macro. add it back
locally for now.
Thu Apr 22 14:00:00 2010 mrueckertAATTsuse.de
- added ruby-1.8.x_openssl-1.0.patch and
ruby-1.8.x_openssl-1.0-tests.patch:
fix building with openssl 1.0.0 (taken from svn)
- added ruby-1.8.x_yaml2byte.patch:
fix warning about sequence point
- remove requires on glibc-devel again
Sat Mar 13 13:00:00 2010 crrodriguezAATTopensuse.org
- ruby-devel requires glibc-devel
Tue Feb 23 13:00:00 2010 mrueckertAATTsuse.de
- added ruby-1.8.x_digest_non_void_return.patch:
patch pulled from SVN to fix the warnings about no return in
non-void functions.
Sun Jan 31 13:00:00 2010 meissnerAATTsuse.de
- ruby calls \"ppc\" \"powerpc\".
Fri Jan 29 13:00:00 2010 mrueckertAATTsuse.de
- update to 1.8.7p249
small big fix release in the 1.8.7 branch, this includes the fix
for:
- ruby webrick doesn\'t sanitize non-printable characters in log
(bnc#570616) CVE-2009-4492
- drop ruby-1.8.6.p36_gc.patch: solution is upstream
Wed Dec 16 13:00:00 2009 jengelhAATTmedozas.de
- package documentation as noarch
- adjust ruby.macros to ask the ruby binary for the target plaform.
This is because %_host_cpu can expand to sparc64, while ruby is
built for the sparcv9 target, and %_target_cpu can expand to
noarch.
- in ruby.spec, %rb_arch is statically reset to %_target_cpu, as
we need the target name. Since it won\'t be noarch in this case,
that is good.
Thu Aug 20 14:00:00 2009 jansimon.moellerAATTopensuse.org
- remove s/armv5tel/armv4l/ in macros as it breaks build for armv5tel
Fri Nov 21 13:00:00 2008 mrueckertAATTsuse.de
- add ruby-1.8.7-p72_topdir.patch:
Config::TOPDIR was broken on lib64 systems as the code was
assuming $prefix/lib.
Fri Nov 21 13:00:00 2008 mrueckertAATTsuse.de
- added more ruby macros in /etc/rpm/macros.ruby
Sat Sep 6 14:00:00 2008 mrueckertAATTsuse.de
- update to 1.8.7p72
vendor_ruby support now officially included
for all the changes since 1.8.6 see
/usr/share/doc/packages/ruby/NEWS
- dropped ruby-1.8.6_openssl_verify_host.patch
included in update
- updated patch for new release:
old name: ruby-1.8.6.p36_lib64.patch
new name: ruby-1.8.7.p22_lib64.patch
- updated patch for new release:
old name: ruby-1.8.6.p36_tcltk-multilib.patch
new name: ruby-1.8.7.p22_tcltk-multilib.patch
- dropped ruby-1.8.6.p111_vendor_ruby.patch
only one chunk survived as ruby-1.8.7-p72_vendor_specific.patch
Fri May 16 14:00:00 2008 mrueckertAATTsuse.de
- update to 1.8.6.p114
bugfix release
- Fixes File access vulnerability of WEBrick (CVE-2008-1145)
(bnc#368618)
- ensure that the rss module adds the xml namespace
Thu Dec 6 13:00:00 2007 mrueckertAATTsuse.de
- update to 1.8.6.p111
bugfix release. important changes:
- ssl fixes (see notes on the ssl patch below)
- fixes for the threads support
- various overflow checks
- safe_level improvements
- printf fixes
- imap fixes
for all the details see /usr/share/doc/packages/ruby/ChangeLog
- added ruby-1.8.6.p111_openssl_verify_host.patch: (#329706)
validate the hostname against the CN from the presented SSL
certificicate. This has been enabled for telnets, ftptls, imaps
and https. (CVE-2007-5162,CVE-2007-5770)
For telnets and https the verification is done if the verify mode
is set to anything else than OpenSSL::SSL::VERIFY_NONE.
For ftptls it is always enabled.
For imaps it is checked if you enable verification.
- added support to build with bleak_house to allow better memleak
debugging. (requires additional package ruby-bleakhouse)
- updated ruby-1.8.6.p36_vendor_ruby.patch
new name ruby-1.8.6.p111_vendor_ruby.patch
- dropped ruby-1.8.6.p36_thread_prototype_and_testsuite.patch:
included in update
Thu Oct 11 14:00:00 2007 dmuellerAATTsuse.de
- fix headers to be compileable with -pedantic
Sun Aug 12 14:00:00 2007 mrueckertAATTsuse.de
- added ruby_1.8.6.p36_date_remove_privat.patch:
Time.to_date() and Time.to_datetime() shouldnt be private.
Mon Aug 6 14:00:00 2007 mrueckertAATTsuse.de
- added ruby-1.8.6.p36_thread_prototype_and_testsuite.patch:
pulled two fixes from the 1.8.6 branch:
* avoid executing shell in the testsuite
* moved definition of rb_thread_status() to avoid errors in C++
extensions.
Sun Aug 5 14:00:00 2007 mrueckertAATTsuse.de
- update to 1.8.6.p36:
many bugfixes and library updates. hilights:
=== Library updates (outstanding ones only)
* date
* Updated based on date2 4.0.3.
* digest
* New internal APIs for C and Ruby.
* Support for autoloading.
* See below for new features and compatibility issues.
* nkf
* Updated based on nkf as of 2007-01-28.
* tk
* Tk::X_Scrollable (Y_Scrollable) is renamed to Tk::XScrollable
(YScrollable). Tk::X_Scrollable (Y_Scrollable) is still
available, but it is an alias name.
* Updated Tile extension support based on Tile 0.7.8.
* Support --without-X11 configure option for non-X11 versions
of Tcl/Tk (e.g. Tcl/Tk Aqua).
* New sample script: irbtkw.rbw -- IRB on Ruby/Tk. It has no
trouble about STDIN blocking on Windows.
=== New methods and features
* builtin classes
* New method: Kernel#instance_variable_defined?
* New method: Module#class_variable_defined?
* New feature: Dir::glob() can now take an array of glob
patterns.
* digest
* New digest class methods: file
* New digest instance methods: clone, reset, new,
inspect, digest_length (alias size or length),
block_length()
* New library: digest/bubblebabble
* New function: Digest(name)
* fileutils
* New option for FileUtils.cp_r(): :remove_destination
* thread
* Replaced with much faster mutex implementation in C. The
former implementation is available with a configure option
`--disable-fastthread\'.
* webrick
* New method: WEBrick::Cookie.parse_set_cookies()
=== Compatibility issues (excluding feature bug fixes)
* builtin classes
* String#intern now raises SecurityError when $SAFE level is
greater than zero.
* fileutils
* A minor implementation change breaks Rake <=0.7.1.
Updating Rake to 0.7.2 fixes the problem.
* digest
* The constructor does no longer take an initial string to
feed; digest() and hexdigest() now do, instead.
For all details see the NEWS or ChangeLog file.
- rediffed patch ruby-1.8.2-gc.diff
new name ruby-1.8.6.p36_gc.patch
- rediffed patch ruby-1.8.2-tcltk-multilib.patch
new name ruby-1.8.6.p36_tcltk-multilib.patch
- rediffed patch ruby-socket_ipv6.patch
new name ruby-1.8.6.p36_socket_ipv6.patch
- rediffed patch ruby-1.8.5-vendor_ruby.patch
new name ruby-1.8.6.p36_vendor_ruby.patch
- rediffed patch ruby-1.8.5.p12-lib64.diff
new name ruby-1.8.6.p36_lib64.patch
Fri Mar 30 14:00:00 2007 rguentherAATTsuse.de
- add bison BuildRequires
- add emacs site-lisp directories
Fri Mar 23 13:00:00 2007 rguentherAATTsuse.de
- add gdbm-devel BuildRequires
Mon Feb 12 13:00:00 2007 mrueckertAATTsuse.de
- update to 1.8.5-p12:
* stable version 1.8.5-p12 released.
* ext/tk/tcltklib.c: shouldn\'t run the killed thread at callback.
[ruby-talk: 227408]
* lib/rdoc/ri/ri_options.rb: prevent NameError. [ruby-dev:29597]
* dir.c (glob_helper): get rid of possible memory leak.
* win32/win32.c (cmdglob, rb_w32_cmdvector, rb_w32_opendir,
rb_w32_get_environ): not to use GC before initialization.
* configure.in (SITE_DIR): fixed to emtpy RUBY_SITE_LIB in
config.h on NetBSD. fixed: [ruby-dev:29358]
* parse.y (dyna_init_gen): dvar initialization only if dvar is
assigned inner block. [ruby-talk:227402]
* stable version 1.8.5-p2 released.
* lib/cgi.rb (CGI::QueryExtension::read_multipart): should
quote boundary. JVN#84798830 (BNC #225983) (CVE-2006-6303)
* bignum.c (bignorm): avoid segmentation. a patch from Hiroyuki
Ito . [ruby-list:43012]
* parse.y (primary): should set NODE even when compstmt is NULL.
merge from trunk. fixed: [ruby-dev:29732]
* lib/cgi.rb (CGI::QueryExtension::read_multipart): CGI content
may be empty. a patch from Jamis Buck .
* ext/dbm/extconf.rb: create makefile according to the result of
check for dbm header. fixed: [ruby-dev:29445]
* hash.c (rb_hash_s_create): fixed memory leak, based on the
patch by Kent Sibilev .
fixed: [ruby-talk:211233]
- rediffed ruby-1.8.1-lib64.diff
new name ruby-1.8.5.p12-lib64.diff
- patches included in the update:
cgi_multipart_eof_fix.patch
ruby-1.8.4-fix-alias-safe-level.patch
ruby-1.8.4-fix-insecure-dir-operation.patch
ruby-1.8.4-fix-insecure-regexp-modification.patch
ruby-1.8.4-no-eaccess.diff
ruby-1.8.4-warnings.patch
ruby-fix-autoconf-magic-code.patch
- added ruby-1.8.x-autoconf_2.61a.patch:
config.status changed to awk in 2.61a. adapt mkconfig.rb to the
new syntax.
Mon Oct 30 13:00:00 2006 mrueckertAATTsuse.de
- added cgi_multipart_eof_fix.patch:
fix for a denial of service condition in cgi.rb CVE-2006-5467
(#214916)
Fri Oct 20 14:00:00 2006 mrueckertAATTsuse.de
- run ldconfig
- add site_ruby and vendor_ruby arch directories to the filelist
Wed Sep 27 14:00:00 2006 mrueckertAATTsuse.de
- added ruby-1.8.5-vendor_ruby.patch, site-specific.rb, vendor-specific.rb:
add vendor_ruby support. This is a small change for packager.
you can now run \'ruby -rvendor-specific extconf.rb\' (or setup.rb)
and it will be automatically installed in
%{_libdir}/ruby/vendor_ruby.
Sat Aug 26 14:00:00 2006 mrueckertAATTsuse.de
- Update to version 1.8.5:
o Non-blocking IO
| - Several methods backported from HEAD have been added:
| - BasicSocket?#recv_nonblock
| - IO#read_nonblock
| - IO#write_nonblock
| - Socket#accept_nonblock
| - Socket#connect_nonblock
| - Socket#recvfrom_nonblock
| - TCPServer#accept_nonblock
| - UDPSocket#recvfrom_nonblock
| - UNIXServer#accept_nonblock
| (see ruby-core:7917, ruby-core:7925).
|
o Process.getrlimit/setrlimit See ruby-dev:28729.
|
o Changes in rdoc/ri
| - lots of documentation added
| - RubyGems support: ri will search gem installation dirs for
| additional documentation
| - new options to limit the search path
|
o RSS
| - added RSS::RootElementMixin?#to_xml (ruby-talk:197284), which
| can be used to convert feeds to a different RSS version as
| follows:
| [[[
| rss10 = RSS::Parser.parse(File.read(\"1.0.rdf\"))
| File.open(\"2.0.rss\", \"w\") {|f| f.print(rss10.to_xml(\"2.0\"))}
| ]]]
| - Support for taxonomies added to the RSS parser and generator.
| - A number of convenience methods added
| - New style API for RSS generation ruby-talk:197284
| [[[
| The recommended style is nowxxx.new_yyy do |yyy|
| yyy.zzz = zzz
| ...
| end
|
|
| This corresponds to the following in pre-1.8.5:
| yyy = xxx.new_yyy
| yyy.zzz = zzz
| ]]]
o Misc
| - added Kernel.Pathname(path)
| - added Kernel#pretty_inspect
| - changes in the GC subsystem that result in better performance
| in some cases
| - added OptionParser?#getopts
| - the per-object overhead went down to 20 bytes on win32
| (from 24) ruby-core:7474
o What breaks (!!!)
| - Binding.of_caller, and therefore breakpoint (including Rails\')
| - several problems in ri reported: the documentation for some
| methods seems to have disappeared, and several methods that
| should not be documented appear in the indices;
| see ruby-core:08709
- removed patches, which are included in 1.8.5:
ruby-1.8.4-fix-insecure-dir-operation.patch
ruby-1.8.4-fix-insecure-regexp-modification.patch
ruby-1.8.4-fix-alias-safe-level.patch
- updated ruby-1.8.4_linkerflags.patch.
new name ruby-1.8.5_linkerflags.patch
Mon Jul 31 14:00:00 2006 mrueckertAATTsuse.de
- added ruby-fix-autoconf-magic-code.patch:
Fix for the latest changes in the autoconf code.
Mon Jul 31 14:00:00 2006 mrueckertAATTsuse.de
- security fixes [CVE-2006-3694] [#193661]
* added ruby-1.8.4-fix-insecure-dir-operation.patch &
ruby-1.8.4-fix-insecure-regexp-modification.patch:
fix the insecure operations in the certain safe-level
restrictions.
* ruby-1.8.4-fix-alias-safe-level.patch: preserve safe level
restrictions when aliasing a function.