[Frugalware-darcs] frugalware-0.6: activesupport-1.4.1-2terminus1-i686

voroskoi voroskoi at frugalware.org
Tue Jul 10 09:57:43 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20070710075431-dd049-91cbf9881dd01dbef6f21b16c7cff771a3c408c0.gz;

[activesupport-1.4.1-2terminus1-i686
voroskoi <voroskoi at frugalware.org>**20070710075431
 secfix relbump, closes #2200
] {
addfile ./source/devel-extra/activesupport/CVE-2007-3227.diff
hunk ./source/devel-extra/activesupport/CVE-2007-3227.diff 1
+diff -aur activesupport-1.4.1/lib/active_support/json/encoders/core.rb fw-activesupport-1.4.1/lib/active_support/json/encoders/core.rb
+--- activesupport-1.4.1/lib/active_support/json/encoders/core.rb	2007-07-10 08:39:57.000000000 +0200
++++ fw-activesupport-1.4.1/lib/active_support/json/encoders/core.rb	2007-07-10 08:45:49.000000000 +0200
+@@ -24,11 +24,13 @@
+         "\r" =>    '\r',
+         "\t" =>    '\t',
+         '"' =>     '\"',
+-        '\\' =>    '\\\\'
++        '\\' =>    '\\\\',
++	">" =>     '\076',
++	'<' =>     '\074'
+       }
+       
+       define_encoder String do |string|
+-        '"' + string.gsub(/[\010\f\n\r\t"\\]/) { |s|
++        '"' + string.gsub(/[\010\f\n\r\t"\\><]/) { |s|
+           ESCAPED_CHARS[s]
+         }.gsub(/([\xC0-\xDF][\x80-\xBF]|
+                  [\xE0-\xEF][\x80-\xBF]{2}|
hunk ./source/devel-extra/activesupport/FrugalBuild 6
-pkgrel=1
+pkgrel=2terminus1
hunk ./source/devel-extra/activesupport/FrugalBuild 12
+source=($source CVE-2007-3227.diff)
+sha1sums=('6173bc66739be28fed210fb9bfba3007e14c3211' \
+          'c0803b7f7f08bc7762250dc26f5eccd3186799e4')
hunk ./source/devel-extra/activesupport/FrugalBuild 16
-# optimalization OK
-
-sha1sums=('6173bc66739be28fed210fb9bfba3007e14c3211')
+# optimization OK
}


More information about the Frugalware-darcs mailing list