diff options
-rw-r--r-- | .cvsignore | 2 | ||||
-rw-r--r-- | rubygem-actionpack-2.3.5-rack-compat.patch (renamed from rubygem-actionpack-2.3.4-rack-compat.patch) | 12 | ||||
-rw-r--r-- | rubygem-actionpack-2.3.x-CVE-2009-4214.patch | 39 | ||||
-rw-r--r-- | rubygem-actionpack.spec | 11 | ||||
-rw-r--r-- | sources | 2 |
5 files changed, 14 insertions, 52 deletions
@@ -1 +1 @@ -actionpack-2.3.4.gem +actionpack-2.3.5.gem diff --git a/rubygem-actionpack-2.3.4-rack-compat.patch b/rubygem-actionpack-2.3.5-rack-compat.patch index 8583a21..5e6451f 100644 --- a/rubygem-actionpack-2.3.4-rack-compat.patch +++ b/rubygem-actionpack-2.3.5-rack-compat.patch @@ -1,25 +1,25 @@ --- Rakefile.debug 2010-01-07 03:03:57.000000000 +0900 -+++ Rakefile 2010-01-07 03:05:36.000000000 +0900 ++++ Rakefile 2010-01-28 00:43:00.000000000 +0900 @@ -80,7 +80,7 @@ s.requirements << 'none' - s.add_dependency('activesupport', '= 2.3.4' + PKG_BUILD) + s.add_dependency('activesupport', '= 2.3.5' + PKG_BUILD) - s.add_dependency('rack', '~> 1.0.0') + s.add_dependency('rack', '>= 1.0.0') s.require_path = 'lib' s.autorequire = 'action_controller' --- lib/action_controller.rb.debug 2010-01-07 03:03:57.000000000 +0900 -+++ lib/action_controller.rb 2010-01-07 03:05:36.000000000 +0900 ++++ lib/action_controller.rb 2010-01-28 00:43:00.000000000 +0900 @@ -31,7 +31,7 @@ end end --gem 'rack', '~> 1.0.0' -+gem 'rack', '>= 1.0.0' +-gem 'rack', '~> 1.0.1' ++gem 'rack', '>= 1.0.1' require 'rack' + require 'action_controller/cgi_ext' - module ActionController --- lib/action_controller/integration.rb.debug 2010-01-07 03:03:57.000000000 +0900 +++ lib/action_controller/integration.rb 2010-01-07 18:46:03.000000000 +0900 @@ -320,9 +320,25 @@ diff --git a/rubygem-actionpack-2.3.x-CVE-2009-4214.patch b/rubygem-actionpack-2.3.x-CVE-2009-4214.patch deleted file mode 100644 index d180be8..0000000 --- a/rubygem-actionpack-2.3.x-CVE-2009-4214.patch +++ /dev/null @@ -1,39 +0,0 @@ -From bfe032858077bb2946abe25e95e485ba6da86bd5 Mon Sep 17 00:00:00 2001
-From: Gabe da Silveira <gabe@websaviour.com>
-Date: Mon, 16 Nov 2009 21:17:35 -0800
-Subject: [PATCH] Make sure strip_tags removes tags which start with a non-printable character
-
-Signed-off-by: Michael Koziarski <michael@koziarski.com>
----
- .../vendor/html-scanner/html/node.rb | 2 +-
- .../test/controller/html-scanner/sanitizer_test.rb | 1 +
- 2 files changed, 2 insertions(+), 1 deletions(-)
-
-diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
-index 6c03316..0cd05d8 100644
---- a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
-+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
-@@ -162,7 +162,7 @@ module HTML #:nodoc:
- end
-
- closing = ( scanner.scan(/\//) ? :close : nil )
-- return Text.new(parent, line, pos, content) unless name = scanner.scan(/[\w:-]+/)
-+ return Text.new(parent, line, pos, content) unless name = scanner.scan(/[-:\w\x00-\x09\x0b-\x0c\x0e-\x1f]+/)
- name.downcase!
-
- unless closing
-diff --git a/actionpack/test/controller/html-scanner/sanitizer_test.rb b/actionpack/test/controller/html-scanner/sanitizer_test.rb
-index e85a5c7..1923544 100644
---- a/actionpack/test/controller/html-scanner/sanitizer_test.rb
-+++ b/actionpack/test/controller/html-scanner/sanitizer_test.rb
-@@ -19,6 +19,7 @@ class SanitizerTest < ActionController::TestCase
- assert_equal "This has a here.", sanitizer.sanitize("This has a <!-- comment --> here.")
- assert_equal "This has a here.", sanitizer.sanitize("This has a <![CDATA[<section>]]> here.")
- assert_equal "This has an unclosed ", sanitizer.sanitize("This has an unclosed <![CDATA[<section>]] here...")
-+ assert_equal "non printable char is a tag", sanitizer.sanitize("<\x07a href='/hello'>non printable char is a tag</a>")
- [nil, '', ' '].each { |blank| assert_equal blank, sanitizer.sanitize(blank) }
- end
-
---
-1.6.0.1
-
diff --git a/rubygem-actionpack.spec b/rubygem-actionpack.spec index a12c62a..8215a6e 100644 --- a/rubygem-actionpack.spec +++ b/rubygem-actionpack.spec @@ -9,18 +9,17 @@ Summary: Web-flow and rendering framework putting the VC in MVC Name: rubygem-%{gemname} Epoch: 1 -Version: 2.3.4 -Release: 4%{?dist} +Version: 2.3.5 +Release: 1%{?dist} Group: Development/Languages License: MIT URL: http://www.rubyonrails.org Source0: http://gems.rubyforge.org/gems/%{gemname}-%{version}.gem Patch0: rubygem-actionpack-2.3.4-enable-test.patch -Patch1: rubygem-actionpack-2.3.x-CVE-2009-4214.patch # # Please someone fix the following Patch2!! (mtasaka) # -Patch2: rubygem-actionpack-2.3.4-rack-compat.patch +Patch2: rubygem-actionpack-2.3.5-rack-compat.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: rubygems Requires: rubygem(activesupport) = %{version} @@ -54,7 +53,6 @@ sed -i -e '/rack/s|~>|>=|' \ pushd .%{geminstdir} %patch0 -p0 -%patch1 -p2 %patch2 -p0 # create missing symlink @@ -121,6 +119,9 @@ rake test --trace %changelog +* Thu Jan 28 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1:2.3.5-1 +- Update to 2.3.5 + * Fri Jan 8 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1:2.3.4-4 - Workaround patch to fix for rack 1.1.0 dependency (bug 552972) @@ -1 +1 @@ -da53635065d9083ec37be4a36763af9c actionpack-2.3.4.gem +c32297f6e4af8ac9971dbc116e98a636 actionpack-2.3.5.gem |