Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package ruby1.8

This upload fixes a build problem in kfreebsd-* (#691793). You will find attached the debdiff against the package in testing.

unblock ruby1.8/1.8.7.358-6

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=pt_BR.utf8, LC_CTYPE=pt_BR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

-- 
Antonio Terceiro <terceiro@debian.org>

diff -Nru ruby1.8-1.8.7.358/debian/changelog ruby1.8-1.8.7.358/debian/changelog
--- ruby1.8-1.8.7.358/debian/changelog 2012-06-02 12:34:01.000000000 +0200
+++ ruby1.8-1.8.7.358/debian/changelog 2012-11-01 01:20:28.000000000 +0100
@@ -1,3 +1,17 @@
+ruby1.8 (1.8.7.358-6) unstable; urgency=high
+
+ * Timeout the execution of the tests after 2 hours. This should fix the
+ build on kfreebsd-* (Closes: #691793) and hurd.
+
+ -- Antonio Terceiro <terceiro@debian.org> Wed, 31 Oct 2012 22:12:50 +0100
+
+ruby1.8 (1.8.7.358-5) unstable; urgency=high
+
+ * added debian/patches/CVE-2012-4481.patch to fix CVE-2012-4481
+ (Closes: #689945)
+
+ -- Antonio Terceiro <terceiro@debian.org> Sun, 14 Oct 2012 19:45:52 -0300
+
ruby1.8 (1.8.7.358-4) unstable; urgency=low
* debian/rules: avoid running DRB tests, since they crash and leave runaway
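Review bot: the 1.8.7.358-5 entry identifies its change only by CVE number and patch file name, so a reader of the changelog cannot tell what behaviour changed without opening debian/patches/CVE-2012-4481.patch. A short phrase naming the affected code (the patch touches name_err_to_s in error.c) would make the entry self-explanatory. The same applies to the -6 entry: it would help to say that the timeout is applied to "make test-all" in debian/rules, since that is where the 2 hour limit is set.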
diff -Nru ruby1.8-1.8.7.358/debian/patches/CVE-2012-4481.patch ruby1.8-1.8.7.358/debian/patches/CVE-2012-4481.patch
--- ruby1.8-1.8.7.358/debian/patches/CVE-2012-4481.patch 1970-01-01 01:00:00.000000000 +0100
+++ ruby1.8-1.8.7.358/debian/patches/CVE-2012-4481.patch 2012-10-15 00:45:15.000000000 +0200
@@ -0,0 +1,18 @@
+Description: avoid breaking safefity in strings passed to Exception#to_s
+ Fixes CVE-2012-4481
+Bug-Debian: http://bugs.debian.org/689945
+Origin: http://seclists.org/oss-sec/2012/q4/22
+Reviewed-By: Antonio Terceiro <terceiro@debian.org>
+
+--- ruby1.8-1.8.7.358.orig/error.c
++++ ruby1.8-1.8.7.358/error.c
+@@ -665,9 +665,6 @@ name_err_to_s(exc)
+
+ if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc));
+ StringValue(str);
+- if (str != mesg) {
+- OBJ_INFECT(str, mesg);
+- }
+ return str;
+ }
+
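Review bot: the patch header gives no rationale for deleting the OBJ_INFECT(str, mesg) block in name_err_to_s, and its Description line misspells the property being protected ("safefity"). With the block gone, a string that StringValue returns as an object different from mesg no longer picks up mesg's taint, so the Description should state why modifying str there was the problem and why dropping the propagation is acceptable. Origin points at a mailing list post; if an upstream commit exists, referencing it would make the change easier to audit. A regression test covering the to_s path on a name error would also guard against the block being reintroduced.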
diff -Nru ruby1.8-1.8.7.358/debian/patches/series ruby1.8-1.8.7.358/debian/patches/series
--- ruby1.8-1.8.7.358/debian/patches/series 2012-05-27 15:59:27.000000000 +0200
+++ ruby1.8-1.8.7.358/debian/patches/series 2012-10-15 00:43:03.000000000 +0200
@@ -13,3 +13,4 @@
110703_CVE-2011-0188.patch
tcltk-no-rpath.patch
use-ldflags.patch
+CVE-2012-4481.patch
diff -Nru ruby1.8-1.8.7.358/debian/rules ruby1.8-1.8.7.358/debian/rules
--- ruby1.8-1.8.7.358/debian/rules 2012-06-02 12:31:13.000000000 +0200
+++ ruby1.8-1.8.7.358/debian/rules 2012-10-31 23:12:27.000000000 +0100
@@ -65,7 +65,7 @@
ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
# avoid running drb tests -- they make buildds hang forever
mv test/drb _test_drb
- -make test-all
+ -timeout 2h make test-all
mv _test_drb test/drb
endif
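Review bot: on the "-timeout 2h make test-all" line, the leading "-" makes make ignore the exit status, so a run that hits the 2 hour limit is indistinguishable in the build result from a run that finished, and from one with failing tests. Consider printing a message when timeout returns 124 so the build log records that the suite was cut short. By default timeout only sends TERM; since the comment above and the changelog mention tests that hang and leave runaway processes, adding "-k" with a short grace period (for example "timeout -k 5m 2h make test-all") would make sure a process that ignores TERM is still killed before "mv _test_drb test/drb" runs.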