Hello community, here is the log from the commit of package ruby checked in at Mon Jul 31 16:58:13 CEST 2006. -------- --- ruby/ruby.changes 2006-04-10 18:19:34.000000000 +0200 +++ ruby/ruby.changes 2006-07-31 16:00:11.000000000 +0200 @@ -1,0 +2,17 @@ +Mon Jul 31 15:59:55 CEST 2006 - mrueckert@suse.de + +- added ruby-fix-autoconf-magic-code.patch: + Fix for the latest changes in the autoconf code. + +------------------------------------------------------------------- +Mon Jul 31 15:43:29 CEST 2006 - mrueckert@suse.de + +- security fixes [CVE-2006-3694] [#193661] + * added ruby-1.8.4-fix-insecure-dir-operation.patch & + ruby-1.8.4-fix-insecure-regexp-modification.patch: + fix the insecure operations in the certain safe-level + restrictions. + * ruby-1.8.4-fix-alias-safe-level.patch: preserve safe level + restrictions when aliasing a function. + +------------------------------------------------------------------- New: ---- ruby-1.8.4-fix-alias-safe-level.patch ruby-1.8.4-fix-insecure-dir-operation.patch ruby-1.8.4-fix-insecure-regexp-modification.patch ruby-fix-autoconf-magic-code.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ruby.spec ++++++ --- /var/tmp/diff_new_pack.zASKBc/_old 2006-07-31 16:57:43.000000000 +0200 +++ /var/tmp/diff_new_pack.zASKBc/_new 2006-07-31 16:57:43.000000000 +0200 @@ -15,7 +15,7 @@ %define rb_ver %(echo %{version} | sed -e 's/\\\.[0-9]\\\+$//') URL: http://www.ruby-lang.org/ Version: 1.8.4 -Release: 12 +Release: 17 License: GPL, Other License(s), see package Group: Development/Languages/Ruby Summary: An Interpreted Object-Oriented Scripting Language @@ -29,6 +29,10 @@ Patch7: ruby-socket_ipv6.patch Patch8: ruby-1.8.4-warnings.patch Patch9: ruby-1.8.4_linkerflags.patch +Patch10: ruby-1.8.4-fix-insecure-dir-operation.patch +Patch11: ruby-1.8.4-fix-insecure-regexp-modification.patch +Patch12: ruby-1.8.4-fix-alias-safe-level.patch +Patch13: ruby-fix-autoconf-magic-code.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -183,6 +187,10 @@ %patch7 #%patch8 %patch9 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 find . -type f | xargs -n 1 sed -i "s@#!\s*/usr/local/bin/ruby@#!/usr/bin/ruby@" touch parse.y @@ -241,9 +249,7 @@ --op=rdoc/html . %install - %makeinstall - %makeinstall -C ext/tk/ %{__install} -Dd -m 0755 \ %{buildroot}%{_docdir}/%{name}{,-test-suite} \ @@ -423,6 +429,17 @@ %doc %{_docdir}/%{name}/examples %changelog -n ruby +* Mon Jul 31 2006 - mrueckert@suse.de +- added ruby-fix-autoconf-magic-code.patch: + Fix for the latest changes in the autoconf code. +* Mon Jul 31 2006 - mrueckert@suse.de +- security fixes [CVE-2006-3694] [#193661] + * added ruby-1.8.4-fix-insecure-dir-operation.patch & + ruby-1.8.4-fix-insecure-regexp-modification.patch: + fix the insecure operations in the certain safe-level + restrictions. + * ruby-1.8.4-fix-alias-safe-level.patch: preserve safe level + restrictions when aliasing a function. * Mon Apr 10 2006 - mrueckert@suse.de - build with -fno-strict-aliasing - enable more tests on ppc ++++++ ruby-1.8.4-fix-alias-safe-level.patch ++++++ diff -ruN ruby-1.8.4.orig/eval.c ruby-1.8.4/eval.c --- ruby-1.8.4.orig/eval.c 2005-12-20 22:41:47.000000000 +0900 +++ ruby-1.8.4/eval.c 2006-07-20 18:33:50.000000000 +0900 @@ -2097,7 +2097,8 @@ } } st_insert(RCLASS(klass)->m_tbl, name, - (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin), orig->nd_noex)); + (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin), + NOEX_WITH_SAFE(orig->nd_noex))); if (singleton) { rb_funcall(singleton, singleton_added, 1, ID2SYM(name)); } @@ -5638,6 +5639,11 @@ TMP_PROTECT; volatile int safe = -1; + if (NOEX_SAFE(flags) > ruby_safe_level && + !(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { + rb_raise(rb_eSecurityError, "calling insecure method: %s", + rb_id2name(id)); + } switch (ruby_iter->iter) { case ITER_PRE: case ITER_PAS: @@ -5742,10 +5748,6 @@ b2 = body = body->nd_next; if (NOEX_SAFE(flags) > ruby_safe_level) { - if (!(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { - rb_raise(rb_eSecurityError, "calling insecure method: %s", - rb_id2name(id)); - } safe = ruby_safe_level; ruby_safe_level = NOEX_SAFE(flags); } ++++++ ruby-1.8.4-fix-insecure-dir-operation.patch ++++++ diff -ruN ruby-1.8.4.orig/dir.c ruby-1.8.4/dir.c --- ruby-1.8.4.orig/dir.c 2005-09-14 22:40:58.000000000 +0900 +++ ruby-1.8.4/dir.c 2006-07-19 22:14:05.000000000 +0900 @@ -325,7 +325,17 @@ rb_raise(rb_eIOError, "closed directory"); } +static void +dir_check(dir) + VALUE dir; +{ + if (!OBJ_TAINTED(dir) && rb_safe_level() >= 4) + rb_raise(rb_eSecurityError, "Insecure: operation on untainted Dir"); + rb_check_frozen(dir); +} + #define GetDIR(obj, dirp) do {\ + dir_check(dir);\ Data_Get_Struct(obj, struct dir_data, dirp);\ if (dirp->dir == NULL) dir_closed();\ } while (0) @@ -536,6 +546,9 @@ { struct dir_data *dirp; + if (rb_safe_level() >= 4 && !OBJ_TAINTED(dir)) { + rb_raise(rb_eSecurityError, "Insecure: can't close"); + } GetDIR(dir, dirp); closedir(dirp->dir); dirp->dir = NULL; ++++++ ruby-1.8.4-fix-insecure-regexp-modification.patch ++++++ diff -ruN ruby-1.8.4.orig/re.c ruby-1.8.4/re.c --- ruby-1.8.4.orig/re.c 2005-12-13 12:27:51.000000000 +0900 +++ ruby-1.8.4/re.c 2006-07-19 18:07:59.000000000 +0900 @@ -70,10 +70,11 @@ #endif int -rb_memcicmp(p1, p2, len) - char *p1, *p2; +rb_memcicmp(x, y, len) + const void *x, *y; long len; { + const unsigned char *p1 = x, *p2 = y; int tmp; while (len--) { @@ -85,7 +86,7 @@ int rb_memcmp(p1, p2, len) - char *p1, *p2; + const void *p1, *p2; long len; { if (!ruby_ignorecase) { @@ -96,11 +97,11 @@ long rb_memsearch(x0, m, y0, n) - char *x0, *y0; + const void *x0, *y0; long m, n; { - unsigned char *x = (unsigned char *)x0, *y = (unsigned char *)y0; - unsigned char *s, *e; + const unsigned char *x = (unsigned char *)x0, *y = (unsigned char *)y0; + const unsigned char *s, *e; long i; int d; unsigned long hx, hy; @@ -1332,6 +1333,8 @@ { struct RRegexp *re = RREGEXP(obj); + if (!OBJ_TAINTED(obj) && rb_safe_level() >= 4) + rb_raise(rb_eSecurityError, "Insecure: can't modify regexp"); if (re->ptr) re_free_pattern(re->ptr); if (re->str) free(re->str); re->ptr = 0; diff -ruN ruby-1.8.4.orig/intern.h ruby-1.8.4/intern.h --- ruby-1.8.4.orig/intern.h 2006-07-19 18:13:49.000000000 +0900 +++ ruby-1.8.4/intern.h 2006-07-19 18:20:34.000000000 +0900 @@ -353,9 +353,9 @@ VALUE rb_range_beg_len _((VALUE, long*, long*, long, int)); VALUE rb_length_by_each _((VALUE)); /* re.c */ -int rb_memcmp _((char*,char*,long)); -int rb_memcicmp _((char*,char*,long)); -long rb_memsearch _((char*,long,char*,long)); +int rb_memcmp _((const void*,const void*,long)); +int rb_memcicmp _((const void*,const void*,long)); +long rb_memsearch _((const void*,long,const void*,long)); VALUE rb_reg_nth_defined _((int, VALUE)); VALUE rb_reg_nth_match _((int, VALUE)); VALUE rb_reg_last_match _((VALUE)); ++++++ ruby-fix-autoconf-magic-code.patch ++++++ diff -ruN ruby-1.8.4.orig/mkconfig.rb ruby-1.8.4/mkconfig.rb --- ruby-1.8.4.orig/mkconfig.rb 2006-07-19 20:39:48.000000000 +0900 +++ ruby-1.8.4/mkconfig.rb 2006-07-19 20:40:12.000000000 +0900 @@ -37,6 +37,7 @@ has_version = false File.foreach "config.status" do |line| next if /^#/ =~ line + line.gsub!(/\|#_!!_#\|/, '') if /^s[%,]@program_transform_name@[%,]s,(.*)/ =~ line next if $install_name ptn = $1.sub(/\$\$/, '$').split(/,/) #' ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit-unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit-help@opensuse.org