[ubuntu/trusty-proposed] ruby1.9.1 1.9.3.448-1ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Nov 25 15:58:16 UTC 2013
ruby1.9.1 (1.9.3.448-1ubuntu1) trusty; urgency=low
* Merge from Debian. Remaining changes:
- debian/control: Add ca-certificates to libruby1.9.1 depends so that
rubygems can perform certificate verification
- debian/rules: Don't install SSL certificates from upstream sources
- debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
/etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
ruby1.9.1 (1.9.3.448-1) unstable; urgency=low
* New upstream release
+ Includes fix for potential thread deadlock after fork()
Closes: #698208
+ Includes fix for test error originally introduced by patch for
CVE-2012-4522
Closes: #701142
+ Includes fix for CVE-2012-4466 and CVE-2012-4464
Closes: #701144
+ Includes fix for incorrect setting of FD_CLOEXEC with F_SETFL instead of
F_SETFD
Closes: #696281
+ debian/patches/2013-09-08-restore-rb_f_lambda-declaration.patch:
backport upstream patch to reintroduce the declaration of rb_f_lamdba
for backwards compatibility.
+ Dropped patches already applied upstream; refreshed all others.
* Review of remaining patches in debian/patches/series:
+ 909_update_lib_README.diff: obsolete and ultimately wrong. Removed
+ 903_skip_base_ruby_check.diff: can't see a reason why this would be
needed. Removed.
* move logic to skip DRB tests inside debian/run-test-suites.bash
* Acknowledge security-related NMU's by Salvatore Bonaccorso.
+ Both CVE-2013-1821.patch and CVE-2013-4073.patch already applied in this
upstream version, not included anymore
* debian/rules: acknowledge reality, put myself as maintainer.
* debian/rules: dropped --with-baseruby=/usr/bin/ruby1.8. This way the build
will just use `ruby` for bootstrapping. Also, build-depend on ruby |
ruby-interpreter instead of ruby1.8; this way ruby1.9.1 can be
bootstrapped with any Ruby interpreter, and we can leave ruby1.8 Rest In
Peace.
* debian/rules: applied patch from Timothy Pearson to install pkg-config
file.
Closes: #688002
* debian/libruby1.9.1.symbols: removed debian revision from version numbers
for symbols introduced in 1.9.3.194
* debian/control: bump Standards-Version to 3.9.4. No changes needed.
* debian/control: remove -1 from build dependency on coreutils
ruby1.9.1 (1.9.3.194-8.2) unstable; urgency=high
* Non-maintainer upload.
* Add CVE-2013-4073.patch patch.
CVE-2013-4073: Fix hostname check bypassing vulnerability in SSL client.
(Closes: #714543)
Date: Mon, 25 Nov 2013 09:59:41 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/ruby1.9.1/1.9.3.448-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 25 Nov 2013 09:59:41 -0500
Source: ruby1.9.1
Binary: ruby1.9.1 libruby1.9.1 libruby1.9.1-dbg ruby1.9.1-dev libtcltk-ruby1.9.1 ruby1.9.1-examples ri1.9.1 ruby1.9.1-full ruby1.9.3
Architecture: source
Version: 1.9.3.448-1ubuntu1
Distribution: trusty
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libruby1.9.1 - Libraries necessary to run Ruby 1.9.1
libruby1.9.1-dbg - Debugging symbols for Ruby 1.9.1
libtcltk-ruby1.9.1 - Tcl/Tk interface for Ruby 1.9.1
ri1.9.1 - Ruby Interactive reference (for Ruby 1.9.1)
ruby1.9.1 - Interpreter of object-oriented scripting language Ruby
ruby1.9.1-dev - Header files for compiling extension modules for the Ruby 1.9.1
ruby1.9.1-examples - Examples for Ruby 1.9
ruby1.9.1-full - Ruby 1.9.1 full installation
ruby1.9.3 - Interpreter of object-oriented scripting language Ruby, version 1
Closes: 688002 696281 698208 701142 701144 714543
Changes:
ruby1.9.1 (1.9.3.448-1ubuntu1) trusty; urgency=low
.
* Merge from Debian. Remaining changes:
- debian/control: Add ca-certificates to libruby1.9.1 depends so that
rubygems can perform certificate verification
- debian/rules: Don't install SSL certificates from upstream sources
- debian/patches/20120927-rubygems_disable_upstream_certs.patch: Use
/etc/ssl/certs/ca-certificates.crt for the trusted CA certificates.
.
ruby1.9.1 (1.9.3.448-1) unstable; urgency=low
.
* New upstream release
+ Includes fix for potential thread deadlock after fork()
Closes: #698208
+ Includes fix for test error originally introduced by patch for
CVE-2012-4522
Closes: #701142
+ Includes fix for CVE-2012-4466 and CVE-2012-4464
Closes: #701144
+ Includes fix for incorrect setting of FD_CLOEXEC with F_SETFL instead of
F_SETFD
Closes: #696281
+ debian/patches/2013-09-08-restore-rb_f_lambda-declaration.patch:
backport upstream patch to reintroduce the declaration of rb_f_lamdba
for backwards compatibility.
+ Dropped patches already applied upstream; refreshed all others.
* Review of remaining patches in debian/patches/series:
+ 909_update_lib_README.diff: obsolete and ultimately wrong. Removed
+ 903_skip_base_ruby_check.diff: can't see a reason why this would be
needed. Removed.
* move logic to skip DRB tests inside debian/run-test-suites.bash
* Acknowledge security-related NMU's by Salvatore Bonaccorso.
+ Both CVE-2013-1821.patch and CVE-2013-4073.patch already applied in this
upstream version, not included anymore
* debian/rules: acknowledge reality, put myself as maintainer.
* debian/rules: dropped --with-baseruby=/usr/bin/ruby1.8. This way the build
will just use `ruby` for bootstrapping. Also, build-depend on ruby |
ruby-interpreter instead of ruby1.8; this way ruby1.9.1 can be
bootstrapped with any Ruby interpreter, and we can leave ruby1.8 Rest In
Peace.
* debian/rules: applied patch from Timothy Pearson to install pkg-config
file.
Closes: #688002
* debian/libruby1.9.1.symbols: removed debian revision from version numbers
for symbols introduced in 1.9.3.194
* debian/control: bump Standards-Version to 3.9.4. No changes needed.
* debian/control: remove -1 from build dependency on coreutils
.
ruby1.9.1 (1.9.3.194-8.2) unstable; urgency=high
.
* Non-maintainer upload.
* Add CVE-2013-4073.patch patch.
CVE-2013-4073: Fix hostname check bypassing vulnerability in SSL client.
(Closes: #714543)
Checksums-Sha1:
3d8b5a5258459826bc4dff81ec403da67d383bbe 2755 ruby1.9.1_1.9.3.448-1ubuntu1.dsc
c7f736e3bc1ca1e6619a9121837dd0840aad77ce 12559260 ruby1.9.1_1.9.3.448.orig.tar.gz
e01d626fa5ba70a1df61ee665ba9e3cc43091503 57177 ruby1.9.1_1.9.3.448-1ubuntu1.debian.tar.gz
Checksums-Sha256:
e2741990d28f5d097031955ab8d5df25fef19b7c18cf19db08c0b9578bf405c6 2755 ruby1.9.1_1.9.3.448-1ubuntu1.dsc
2f35e186543a03bec5e603296d6d8828b94ca58bab049b67b1ceb61d381bc8a7 12559260 ruby1.9.1_1.9.3.448.orig.tar.gz
37ae6fbb7a1717bc4c4fec582d4b0752264ef8a1ba108df0b79ddec8f3c7ad85 57177 ruby1.9.1_1.9.3.448-1ubuntu1.debian.tar.gz
Files:
2f518151b99db632159f5c3368fd2eb6 2755 ruby optional ruby1.9.1_1.9.3.448-1ubuntu1.dsc
a893cff26bcf351b8975ebf2a63b1023 12559260 ruby optional ruby1.9.1_1.9.3.448.orig.tar.gz
d16ed44f11f5e82df36b2e38b0f0ae24 57177 ruby optional ruby1.9.1_1.9.3.448-1ubuntu1.debian.tar.gz
Original-Maintainer: Antonio Terceiro <terceiro at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBCgAGBQJSk26aAAoJEGVp2FWnRL6T/6YP/ixFkuyGR9r8TpJvpnunk3U8
le2B6kC9D9TewDbNn1KJ77haiXiAqE6iTw5iPLb1qtg3FnJ/bUT26mTJx9/0mq8t
I+dU9rUmAbv0ngXC3IQXgr/oXD9sjI7ubYdcYUFq9bvz0J1Pp+BEx3/8gvtrGA+r
EDuBX2cbKPK362ONX/5l27aQt0nBfNZrm5fQLYheL01EQe+w7YDaIbV6lViysbDy
yHtchodFULW/lvW///ofsiIZHuDEV5PoDbljN9IQ+PN9/2Yeu7Xvddur1Iwrb2Xa
JFggU8CCBg6l8u3Rta3JRu0os85l/5XNr50oSMIdNjJjC5u6SPWXGsTYQ2dbkIP6
r7AvS3XfJHq+hRbG/v+bmxby7zIfGv4zLt3qBuxiOdDzBi1ejBKmow3wqK2k2chg
DMvsAEwnHjlOW5LBHgpAEFHeEU7eZLvOTqCOuOptYtghDwG/jmRKgBN6+25EWRaS
i1xJi7bBz6r8TiTGc1Sm8/KdHhRwiCaAkHJZ1+bw46PPbSX0UCuyi3nWPeaJbiv/
deWYmReR1E29DxprRxp6H+lANmZfPCEjFZPBSxMLeqROJoSeu+pGSIh0T3zQYI+e
yg9l0zmmeZXb+KKye0lYy4hCrpYKmmm+MfoXE9gPXpZ517S0AsBBBzO44evP2Lj4
TrJNb4WTBDl4yHaPv1/w
=GqYL
-----END PGP SIGNATURE-----
More information about the Trusty-changes
mailing list