Add patch to cgi.rb for fixing security problem (CVE-2006-5467).

Bump PKGREVISION.
2006-11-03 05:36:23 +00:00 · 2006-11-03 05:36:23 +00:00 · 1a6efd4a5b
commit 1a6efd4a5b
parent 5b5e9f3e6c
3 changed files with 17 additions and 3 deletions
--- a/lang/ruby18-base/Makefile
+++ b/lang/ruby18-base/Makefile
@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.27 2006/10/29 02:45:42 taca Exp $
+# $NetBSD: Makefile,v 1.28 2006/11/03 05:36:23 taca Exp $
 #

 DISTNAME=	${RUBY_DISTNAME}
 PKGNAME=	${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION=	2
+PKGREVISION=	3
 CATEGORIES=	lang ruby
 MASTER_SITES=	${MASTER_SITE_RUBY}

--- a/lang/ruby18-base/distinfo
+++ b/lang/ruby18-base/distinfo
@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2006/10/29 02:45:42 taca Exp $
+$NetBSD: distinfo,v 1.16 2006/11/03 05:36:23 taca Exp $

 SHA1 (ruby-1.8.5-base-20060906.patch.bz2) = 99c283e6d9df4f90ab6d765041b91d37c70dd3ee
 RMD160 (ruby-1.8.5-base-20060906.patch.bz2) = 3b51a6b1d9badd76dc50735971411fa0800d2e85
@ -9,3 +9,4 @@ Size (ruby-1.8.5.tar.gz) = 4438603 bytes
 SHA1 (patch-aa) = c5413c506b93657d909bc3cbdcdb51e7c216491e
 SHA1 (patch-ab) = a1a76abd093a08e76be61678febd5f8c8cba164d
 SHA1 (patch-ae) = dfa9c5296c75f6193c790fca8d3eb15ad4a9f228
+SHA1 (patch-bl) = cfb31ebef08aebf9ce3bc6e44c83e1727950ef76
--- a/lang/ruby18-base/patches/patch-bl
+++ b/lang/ruby18-base/patches/patch-bl
@ -0,0 +1,13 @@
+$NetBSD: patch-bl,v 1.3 2006/11/03 05:36:23 taca Exp $
+
+--- lib/cgi.rb.orig	2006-11-02 22:44:37.000000000 +0900
+++ lib/cgi.rb
+@@ -1018,7 +1018,7 @@ class CGI
+               else
+                 stdinput.read(content_length)
+               end
+-          if c.nil?
+          if c.nil? || c.empty?
+             raise EOFError, "bad content body"
+           end
+           buf.concat(c)