Hello community, here is the log from the commit of package ruby2.1 for openSUSE:Factory checked in at 2014-11-05 15:54:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ruby2.1 (Old) and /work/SRC/openSUSE:Factory/.ruby2.1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ruby2.1" Changes: -------- --- /work/SRC/openSUSE:Factory/ruby2.1/ruby2.1.changes 2014-10-25 08:33:17.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ruby2.1.new/ruby2.1.changes 2014-11-05 15:54:48.000000000 +0100 @@ -1,0 +2,71 @@ +Tue Oct 28 00:30:05 UTC 2014 - mrueckert@suse.de + +- update to 2.1.4: + - Denial of Service XML Expansion CVE-2014-8080 + - keep the entity size within the limitation. + - Changed default settings of ext/openssl related to CVE-2014-3566 + - Explicitly whitelist the default SSL/TLS ciphers. Forbid + SSLv2 and SSLv3, disable compression by default. + - test/ruby/test_time_tz.rb: Fix test error with tzdata-2014g. + [ruby-core:65058] [Bug #10245] Reported by Vit Ondruch. + - vm_method.c (rb_method_entry_make): warn redefinition only for + already defined methods, but not for undefined methods. + [ruby-dev:48691] [Bug #10421] + - vm_method.c (rb_method_entry_make): warn redefinition only for + already defined methods, but not for undefined methods. + [ruby-dev:48691] [Bug #10421] + - class.c (unknown_keyword_error): delete expected keywords + directly from raw table, so that the given block is not called. + [ruby-core:65837] [Bug #10413] + - vm_core.h, vm.c, proc.c: fix GC mark miss on bindings. + [ruby-dev:48616] [Bug #10368] + - test/ruby/test_eval.rb: add a test code. + - parse.y (parser_here_document): do not append already appended + and disposed code fragment. [ruby-dev:48647] [Bug #10392] + - ext/stringio/stringio.c (strio_write): ASCII-8BIT StringIO + should be writable any encoding strings, without conversion. + [ruby-core:65240] [Bug #10285] + - vm_eval.c (eval_string_with_cref): fix super from eval with + scope. set klass in the current control frame to the class of + the receiver in the context to be evaluated, this class/module + must match the actual receiver to call super. + [ruby-core:65122] [Bug #10263] + - lib/find.rb (Find.find): Call to_path for arguments to obtain + strings. [ruby-core:63713] [Bug #10035] Reported by Herwin. + - object.c (rb_class_real): do not dereference 0 VALUE + - test/ruby/test_module.rb (test_inspect_segfault): Test case and + bug report by Thomas Stratmann. [ruby-core:65214] [Bug #10282] + - signal.c (rb_f_kill): get rid of deadlock as unhandled and + discarded signals do not make interrupt_cond signaled. based + on the patch by Kazuki Tsujimoto at [ruby-dev:48606]. + [Bug #9820] + - signal.c (rb_f_kill): should not ignore signal unless the + default handler is registered. [ruby-dev:48592] [Bug #9820] + merge r47598 partially. extracted commits are as follows. + [Bug #9728] + https://github.com/k-takata/Onigmo/commit/15ddec6d18e27fdc1988236764e766fd58... + - lib/fileutils.rb: handle ENOENT error with symlink targeted to + non-exists file. [ruby-dev:45933] [Bug #6716] + - configure.in: NetBSD's ksh, used by configure, needs escapes. + - array.c (ary_recycle_hash): add RB_GC_GUARD (rb_ary_diff): + remove volatile [Bug #10369] + - dir.c (dir_s_aref): fix rdoc. `Dir.glob` allows an array but + `Dir[]` not. the former accepts an optional parameter `flags`, + while the latter accepts arbitrary number of arguments but no + `flags`. [ruby-core:65265] [Bug #10294] + - configure.in: Fix typo. [Bug #9914] + - error.c: update exception tree. [DOC] reported by @hemge via + twitter. + - parse.y (parse_ident): just after a label, new expression + should start, cannot be a modifier. [ruby-core:65211] + [Bug #10279] + - win32/Makefile.sub (VCSUP): nothing to do if this worktree is + not under any VCS (it means that the worktree may be from the + release package). + - test/ruby/test_time_tz.rb: Fix test error with tzdata-2014g. + [ruby-core:65058] [Bug #10245] Reported by Vit Ondruch. + - test/minitest/test_minitest_unit.rb: removed obsoleted + condition for Ruby 1.8. + - test/ruby/test_time_tz.rb: ditto. + +------------------------------------------------------------------- Old: ---- ruby-2.1.3.tar.bz2 New: ---- ruby-2.1.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ruby2.1.spec ++++++ --- /var/tmp/diff_new_pack.u0A5kJ/_old 2014-11-05 15:54:50.000000000 +0100 +++ /var/tmp/diff_new_pack.u0A5kJ/_new 2014-11-05 15:54:50.000000000 +0100 @@ -27,7 +27,7 @@ #### %define patch_level p0 -Version: 2.1.3 +Version: 2.1.4 Release: 0 # make the exported API version explicit %define api_version 2.1.0 ++++++ ruby-2.1.3.tar.bz2 -> ruby-2.1.4.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/ruby2.1/ruby-2.1.3.tar.bz2 /work/SRC/openSUSE:Factory/.ruby2.1.new/ruby-2.1.4.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org