[DRE-commits] [ruby-passenger] 08/17: Drop fix_ftbfs_glibc217.patch, CVE-2013-2119.patch and CVE-2013-4136.patch, applied upstream.
Felix Geyer
fgeyer at alioth.debian.org
Mon Aug 5 19:12:09 UTC 2013
This is an automated email from the git hooks/post-receive script.
fgeyer pushed a commit to branch master
in repository ruby-passenger.
commit 9639949cfce7b213eceee21b315deb46472b620b
Author: Felix Geyer <fgeyer at debian.org>
Date: Mon Aug 5 20:38:19 2013 +0200
Drop fix_ftbfs_glibc217.patch, CVE-2013-2119.patch and CVE-2013-4136.patch, applied upstream.
---
debian/changelog | 2 +
debian/patches/CVE-2013-2119.patch | 286 -------------------------------
debian/patches/CVE-2013-4136.patch | 152 ----------------
debian/patches/fix_ftbfs_glibc217.patch | 164 ------------------
debian/patches/series | 3 -
5 files changed, 2 insertions(+), 605 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 1cf7222..13c4ea5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,8 @@ ruby-passenger (4.0.10-1) UNRELEASED; urgency=low
* Stop repacking the upstream tarball as it doesn't contain any minified
javascript files anymore.
* Refresh fix_install_path.patch.
+ * Drop fix_ftbfs_glibc217.patch, CVE-2013-2119.patch and CVE-2013-4136.patch,
+ applied upstream.
* Add myself as Uploader.
-- Felix Geyer <fgeyer at debian.org> Mon, 05 Aug 2013 20:31:08 +0200
diff --git a/debian/patches/CVE-2013-2119.patch b/debian/patches/CVE-2013-2119.patch
deleted file mode 100644
index d5459c0..0000000
--- a/debian/patches/CVE-2013-2119.patch
+++ /dev/null
@@ -1,286 +0,0 @@
-Description: Fix for CVE-2013-2119: insecure tmp files usage
-Origin: upstream, https://github.com/phusion/passenger/commit/0eaebb00f6b7327374069a7998064c68cc54e9f1
- and https://github.com/phusion/passenger/commit/56d9d39fb522e0967acbde0bcec1afc37313ceb4
-Bug-Debian: http://bugs.debian.org/710351
-
---- a/bin/passenger-install-nginx-module
-+++ b/bin/passenger-install-nginx-module
-@@ -27,6 +27,7 @@ $LOAD_PATH.unshift("#{passenger_root}/lib")
- require 'phusion_passenger'
- require 'optparse'
- require 'fileutils'
-+require 'tmpdir'
- require 'phusion_passenger/platform_info/ruby'
- require 'phusion_passenger/dependencies'
- require 'phusion_passenger/abstract_installer'
-@@ -108,14 +109,12 @@ class Installer < PhusionPassenger::AbstractInstaller
- def before_install
- super
- myself = `whoami`.strip
-- @working_dir = "/tmp/#{myself}-passenger-#{Process.pid}"
-- FileUtils.rm_rf(@working_dir)
-- FileUtils.mkdir_p(@working_dir)
-+ @working_dir = Dir.mktmpdir("passenger.")
- end
-
- def after_install
- super
-- FileUtils.rm_rf(@working_dir)
-+ FileUtils.remove_entry_secure(@working_dir) if @working_dir
- end
-
- private
---- a/lib/phusion_passenger/dependencies.rb
-+++ b/lib/phusion_passenger/dependencies.rb
-@@ -22,6 +22,7 @@
- # THE SOFTWARE.
-
- require 'rbconfig'
-+require 'tmpdir'
- require 'phusion_passenger'
- require 'phusion_passenger/packaging'
- require 'phusion_passenger/platform_info'
-@@ -117,6 +118,12 @@ def self.mizuho_required?
- end
- end
-
-+ def self.create_temp_files(name1, name2, dir = PlatformInfo.tmpexedir)
-+ Dir.mktmpdir("passenger.", dir) do |subdir|
-+ yield "#{subdir}/#{name1}", "#{subdir}/#{name2}"
-+ end
-+ end
-+
- GCC = Dependency.new do |dep|
- dep.name = "GNU C++ compiler"
- dep.define_checker do |result|
-@@ -456,9 +463,7 @@ def self.mizuho_required?
- Curl_Dev = Dependency.new do |dep|
- dep.name = "Curl development headers with SSL support"
- dep.define_checker do |result|
-- source_file = "#{PlatformInfo.tmpexedir}/passenger-curl-check.c"
-- output_file = "#{PlatformInfo.tmpexedir}/passenger-curl-check"
-- begin
-+ Dependencies.create_temp_files("check.c", "check") do |source_file, output_file|
- found = true
- File.open(source_file, 'w') do |f|
- f.puts("#include <curl/curl.h>")
-@@ -482,9 +487,6 @@ def self.mizuho_required?
- found = false
- end
- result.found(found)
-- ensure
-- File.unlink(source_file) rescue nil
-- File.unlink(output_file) rescue nil
- end
- end
- dep.install_instructions = "Please download Curl from <b>http://curl.haxx.se/libcurl</b> " +
-@@ -514,22 +516,17 @@ def self.mizuho_required?
- OpenSSL_Dev = Dependency.new do |dep|
- dep.name = "OpenSSL development headers"
- dep.define_checker do |result|
-- source_file = "#{PlatformInfo.tmpexedir}/passenger-openssl-check.c"
-- object_file = "#{PlatformInfo.tmpexedir}/passenger-openssl-check.o"
-- begin
-+ Dependencies.create_temp_files("check.c", "check.o") do |source_file, output_file|
- File.open(source_file, 'w') do |f|
- f.write("#include <openssl/ssl.h>")
- end
- Dir.chdir(File.dirname(source_file)) do
-- if system("(gcc #{ENV['CFLAGS']} -c '#{source_file}') >/dev/null 2>/dev/null")
-+ if system("(gcc #{ENV['CFLAGS']} -c '#{source_file}' -o '#{output_file}') >/dev/null 2>/dev/null")
- result.found
- else
- result.not_found
- end
- end
-- ensure
-- File.unlink(source_file) rescue nil
-- File.unlink(object_file) rescue nil
- end
- end
- if RUBY_PLATFORM =~ /linux/
-@@ -546,22 +543,17 @@ def self.mizuho_required?
- Zlib_Dev = Dependency.new do |dep|
- dep.name = "Zlib development headers"
- dep.define_checker do |result|
-- source_file = "#{PlatformInfo.tmpexedir}/zlib-check.c"
-- object_file = "#{PlatformInfo.tmpexedir}/zlib-check.o"
-- begin
-+ Dependencies.create_temp_files("check.c", "check.o") do |source_file, output_file|
- File.open(source_file, 'w') do |f|
- f.write("#include <zlib.h>")
- end
- Dir.chdir(File.dirname(source_file)) do
-- if system("(g++ -c zlib-check.c) >/dev/null 2>/dev/null")
-+ if system("(g++ -c '#{source_file}' -o '#{output_file}') >/dev/null 2>/dev/null")
- result.found
- else
- result.not_found
- end
- end
-- ensure
-- File.unlink(source_file) rescue nil
-- File.unlink(object_file) rescue nil
- end
- end
- if RUBY_PLATFORM =~ /linux/
---- a/lib/phusion_passenger/standalone/command.rb
-+++ b/lib/phusion_passenger/standalone/command.rb
-@@ -172,8 +172,11 @@ def determine_various_resource_locations(create_subdirs = true)
-
- def write_nginx_config_file
- require 'phusion_passenger/platform_info/ruby'
-- ensure_directory_exists(@temp_dir)
--
-+ require 'tmpdir'
-+ @temp_dir = Dir.mktmpdir("passenger.", "/tmp")
-+ @config_filename = "#{@temp_dir}/config"
-+ File.chmod(0755, @temp_dir)
-+
- File.open(@config_filename, 'w') do |f|
- f.chmod(0644)
- template_filename = File.join(TEMPLATES_DIR, "standalone", "config.erb")
-@@ -213,8 +216,6 @@ def nginx_ping_port
- def create_nginx_controller(extra_options = {})
- require_daemon_controller
- require 'socket' unless defined?(UNIXSocket)
-- @temp_dir = "/tmp/passenger-standalone.#{$$}"
-- @config_filename = "#{@temp_dir}/config"
- if @options[:socket_file]
- ping_spec = [:unix, @options[:socket_file]]
- else
---- a/lib/phusion_passenger/standalone/runtime_installer.rb
-+++ b/lib/phusion_passenger/standalone/runtime_installer.rb
-@@ -23,6 +23,7 @@
- # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- # THE SOFTWARE.
- require 'fileutils'
-+require 'tmpdir'
- require 'phusion_passenger'
- require 'phusion_passenger/abstract_installer'
- require 'phusion_passenger/packaging'
-@@ -164,16 +165,14 @@ def install!
- def before_install
- super
- @plugin.call_hook(:runtime_installer_start, self) if @plugin
-- @working_dir = "/tmp/#{myself}-passenger-standalone-#{Process.pid}"
-- FileUtils.rm_rf(@working_dir)
-- FileUtils.mkdir_p(@working_dir)
-+ @working_dir = Dir.mktmpdir("passenger.")
- @download_binaries = true if !defined?(@download_binaries)
- @binaries_url_root ||= STANDALONE_BINARIES_URL_ROOT
- end
-
- def after_install
- super
-- FileUtils.rm_rf(@working_dir)
-+ FileUtils.remove_entry_secure(@working_dir) if @working_dir
- @plugin.call_hook(:runtime_installer_cleanup) if @plugin
- end
-
---- a/lib/phusion_passenger/platform_info.rb
-+++ b/lib/phusion_passenger/platform_info.rb
-@@ -21,6 +21,8 @@
- # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- # THE SOFTWARE.
-
-+require 'tmpdir'
-+
- module PhusionPassenger
-
- # This module autodetects various platform-specific information, and
-@@ -263,15 +265,12 @@ def self.try_compile(language, source, flags = nil)
- else
- raise ArgumentError,"Unsupported language '#{language}'"
- end
-- filename = File.join("#{tmpexedir}/passenger-compile-check-#{Process.pid}.c")
-- File.open(filename, "w") do |f|
-- f.puts(source)
-- end
-- begin
-+ Dir.mktmpdir("passenger.", tmpexedir) do |dir|
-+ filename = File.join(dir, "check.c")
-+ File.open(filename, "w") do |f|
-+ f.puts(source)
-+ end
- return system("(#{compiler} #{flags} -c '#{filename}' -o '#{filename}.o') >/dev/null 2>/dev/null")
-- ensure
-- File.unlink(filename) rescue nil
-- File.unlink("#{filename}.o") rescue nil
- end
- end
- private_class_method :try_compile
-@@ -284,15 +283,12 @@ def self.try_link(language, source, flags = nil)
- else
- raise ArgumentError,"Unsupported language '#{language}'"
- end
-- filename = File.join("#{tmpexedir}/passenger-link-check-#{Process.pid}.c")
-- File.open(filename, "w") do |f|
-- f.puts(source)
-- end
-- begin
-+ Dir.mktmpdir("passenger.", tmpexedir) do |dir|
-+ filename = File.join(dir, "check.c")
-+ File.open(filename, "w") do |f|
-+ f.puts(source)
-+ end
- return system("(#{compiler} #{flags} '#{filename}' -o '#{filename}.out') >/dev/null 2>/dev/null")
-- ensure
-- File.unlink(filename) rescue nil
-- File.unlink("#{filename}.out") rescue nil
- end
- end
- private_class_method :try_link
-@@ -305,17 +301,16 @@ def self.try_compile_and_run(language, source, flags = nil)
- else
- raise ArgumentError,"Unsupported language '#{language}'"
- end
-- filename = File.join("#{tmpexedir}/passenger-compile-check-#{Process.pid}.c")
-- File.open(filename, "w") do |f|
-- f.puts(source)
-- end
-- begin
-+ Dir.mktmpdir("passenger.", tmpexedir) do |dir|
-+ filename = File.join(dir, "check.c")
-+ File.open(filename, "w") do |f|
-+ f.puts(source)
-+ end
- if system("(#{compiler} #{flags} '#{filename}' -o '#{filename}.out') >/dev/null 2>/dev/null")
- if Process.respond_to?(:spawn)
- pid = Process.spawn("#{filename}.out",
- :out => ["/dev/null", "w"],
- :err => ["/dev/null", "w"])
--
- else
- pid = fork do
- STDOUT.reopen("/dev/null", "w")
-@@ -328,9 +323,6 @@ def self.try_compile_and_run(language, source, flags = nil)
- else
- return false
- end
-- ensure
-- File.unlink(filename) rescue nil
-- File.unlink("#{filename}.out") rescue nil
- end
- end
- private_class_method :try_compile_and_run
---- a/lib/phusion_passenger/platform_info/apache.rb
-+++ b/lib/phusion_passenger/platform_info/apache.rb
-@@ -285,16 +285,7 @@ def self.apu_libs
- # headers are placed into the same directory as the Apache headers,
- # and so 'apr-config' and 'apu-config' won't be necessary in that case.
- def self.apr_config_needed_for_building_apache_modules?
-- filename = File.join("#{tmpexedir}/passenger-platform-check-#{Process.pid}.c")
-- File.open(filename, "w") do |f|
-- f.puts("#include <apr.h>")
-- end
-- begin
-- return !system("(gcc #{apache2_module_cflags(false)} -c '#{filename}' -o '#{filename}.o') >/dev/null 2>/dev/null")
-- ensure
-- File.unlink(filename) rescue nil
-- File.unlink("#{filename}.o") rescue nil
-- end
-+ return !try_compile(:c, "#include <apr.h>", apache2_module_cflags(false))
- end
- memoize :apr_config_needed_for_building_apache_modules?
-
diff --git a/debian/patches/CVE-2013-4136.patch b/debian/patches/CVE-2013-4136.patch
deleted file mode 100644
index a4ac0a2..0000000
--- a/debian/patches/CVE-2013-4136.patch
+++ /dev/null
@@ -1,152 +0,0 @@
-Description: Fix for CVE-2013-4136: insecure tmp files usage
-Origin: backport, https://github.com/phusion/passenger/commit/5483b3292cc2af1c83033eaaadec20dba4dcfd9b
- and https://github.com/phusion/passenger/commit/9dda49f4a3ebe9bafc48da1bd45799f30ce19566
-Bug: https://code.google.com/p/phusion-passenger/issues/detail?id=910
-Bug-Debian: http://bugs.debian.org/717176
-
---- a/ext/common/LoggingAgent/Main.cpp
-+++ b/ext/common/LoggingAgent/Main.cpp
-@@ -265,11 +265,6 @@
- ev::sig sigtermWatcher(eventLoop);
- ev::sig sigquitWatcher(eventLoop);
-
-- if (feedbackFdAvailable()) {
-- feedbackFdWatcher.set<&feedbackFdBecameReadable>();
-- feedbackFdWatcher.start(FEEDBACK_FD, ev::READ);
-- writeArrayMessage(FEEDBACK_FD, "initialized", NULL);
-- }
- sigintWatcher.set<&caughtExitSignal>();
- sigintWatcher.start(SIGINT);
- sigtermWatcher.set<&caughtExitSignal>();
-@@ -281,6 +276,11 @@
- /********** Initialized! Enter main loop... **********/
-
- P_DEBUG("Logging agent online, listening at " << socketAddress);
-+ if (feedbackFdAvailable()) {
-+ feedbackFdWatcher.set<&feedbackFdBecameReadable>();
-+ feedbackFdWatcher.start(FEEDBACK_FD, ev::READ);
-+ writeArrayMessage(FEEDBACK_FD, "initialized", NULL);
-+ }
- ev_loop(eventLoop, 0);
- return exitCode;
- } catch (const tracable_exception &e) {
---- a/ext/common/ServerInstanceDir.h
-+++ b/ext/common/ServerInstanceDir.h
-@@ -30,6 +30,7 @@
- #include <oxt/backtrace.hpp>
-
- #include <sys/types.h>
-+#include <sys/stat.h>
- #include <dirent.h>
- #include <unistd.h>
- #include <pwd.h>
-@@ -38,6 +39,7 @@
- #include <cstring>
- #include <string>
-
-+#include <Logging.h>
- #include "Exceptions.h"
- #include "Utils.h"
- #include "Utils/StrIntUtils.h"
-@@ -47,6 +49,15 @@
- using namespace std;
- using namespace boost;
-
-+/* TODO: I think we should move away from generation dirs in the future.
-+ * That way we can become immune to existing-directory-in-tmp denial of
-+ * service attacks. To achieve the same functionality as we do now, each
-+ * server instance directory is tagged with the control process's PID
-+ * and a creation timestamp. passenger-status should treat the server instance
-+ * directory with the most recent creation timestamp as the one to query.
-+ * For now, the current code does not lead to an exploit.
-+ */
-+
- class ServerInstanceDir: public noncopyable {
- public:
- // Don't forget to update lib/phusion_passenger/admin_tools/server_instance.rb too.
-@@ -217,7 +228,69 @@
- * rights though, because we want admin tools to be able to list the available
- * generations no matter what user they're running as.
- */
-- makeDirTree(path, "u=rwxs,g=rx,o=rx");
-+ if (owner) {
-+ switch (getFileType(path)) {
-+ case FT_NONEXISTANT:
-+ createDirectory(path);
-+ break;
-+ case FT_DIRECTORY:
-+ verifyDirectoryPermissions(path);
-+ break;
-+ default:
-+ throw RuntimeException("'" + path + "' already exists, and is not a directory");
-+ }
-+ } else if (getFileType(path) != FT_DIRECTORY) {
-+ throw RuntimeException("Server instance directory '" + path +
-+ "' does not exist");
-+ }
-+ }
-+
-+ void createDirectory(const string &path) const {
-+ // We do not use makeDirTree() here. If an attacker creates a directory
-+ // just before we do, then we want to abort because we want the directory
-+ // to have specific permissions.
-+ if (mkdir(path.c_str(), parseModeString("u=rwx,g=rx,o=rx")) == -1) {
-+ int e = errno;
-+ throw FileSystemException("Cannot create server instance directory '" +
-+ path + "'", e, path);
-+ }
-+ // verifyDirectoryPermissions() checks for the owner/group so we must make
-+ // sure the server instance directory has that owner/group, even when the
-+ // parent directory has setgid on.
-+ if (chown(path.c_str(), geteuid(), getegid()) == -1) {
-+ int e = errno;
-+ throw FileSystemException("Cannot change the permissions of the server "
-+ "instance directory '" + path + "'", e, path);
-+ }
-+ }
-+
-+ /**
-+ * When reusing an existing server instance directory, check permissions
-+ * so that an attacker cannot pre-create a directory with too liberal
-+ * permissions.
-+ */
-+ void verifyDirectoryPermissions(const string &path) {
-+ TRACE_POINT();
-+ struct stat buf;
-+
-+ if (stat(path.c_str(), &buf) == -1) {
-+ int e = errno;
-+ throw FileSystemException("Cannot stat() " + path, e, path);
-+ } else if (buf.st_mode != (S_IFDIR | parseModeString("u=rwx,g=rx,o=rx"))) {
-+ throw RuntimeException("Tried to reuse existing server instance directory " +
-+ path + ", but it has wrong permissions");
-+ } else if (buf.st_uid != geteuid() || buf.st_gid != getegid()) {
-+ /* The server instance directory is always created by the Watchdog. Its UID/GID never
-+ * changes because:
-+ * 1. Disabling user switching only lowers the privilege of the HelperAgent.
-+ * 2. For the UID/GID to change, the web server must be completely restarted
-+ * (not just graceful reload) so that the control process can change its UID/GID.
-+ * This causes the PID to change, so that an entirely new server instance
-+ * directory is created.
-+ */
-+ throw RuntimeException("Tried to reuse existing server instance directory " +
-+ path + ", but it has wrong owner and group");
-+ }
- }
-
- bool isDirectory(const string &dir, struct dirent *entry) const {
---- a/test/cxx/ServerInstanceDirTest.cpp
-+++ b/test/cxx/ServerInstanceDirTest.cpp
-@@ -73,9 +73,11 @@
- }
-
- TEST_METHOD(5) {
-- // The destructor doesnn't remove the server instance directory if it
-+ // The destructor doesn't remove the server instance directory if it
- // wasn't created with the ownership flag or if it's been detached.
- string path, path2;
-+ makeDirTree(parentDir + "/passenger-test.1234");
-+ makeDirTree(parentDir + "/passenger-test.5678");
- {
- ServerInstanceDir dir(1234, parentDir, false);
- ServerInstanceDir dir2(5678, parentDir);
diff --git a/debian/patches/fix_ftbfs_glibc217.patch b/debian/patches/fix_ftbfs_glibc217.patch
deleted file mode 100644
index 3de37e2..0000000
--- a/debian/patches/fix_ftbfs_glibc217.patch
+++ /dev/null
@@ -1,164 +0,0 @@
-From 27894da4c7a5da30ef7ab4b03f914d1dec8531ac Mon Sep 17 00:00:00 2001
-From: "Hongli Lai (Phusion)" <hongli at phusion.nl>
-Date: Sun, 26 Aug 2012 14:27:39 +0200
-Subject: [PATCH] Backport fix from
- https://svn.boost.org/trac/boost/ticket/6940 This allows passenger to build
- on Fedora 18/19.
-
----
- ext/boost/config/suffix.hpp | 12 ++++++++++++
- ext/boost/src/pthread/thread.cpp | 4 ++--
- ext/boost/src/pthread/timeconv.inl | 16 ++++++++--------
- ext/boost/thread/locks.hpp | 6 +++---
- ext/boost/thread/xtime.hpp | 4 ++--
- ext/common/ApplicationPool/Pool.h | 2 +-
- 7 files changed, 30 insertions(+), 16 deletions(-)
-
-diff --git a/ext/boost/config/suffix.hpp b/ext/boost/config/suffix.hpp
-index 3408d22..6464f33 100644
---- a/ext/boost/config/suffix.hpp
-+++ b/ext/boost/config/suffix.hpp
-@@ -103,6 +103,18 @@
- #endif
-
- //
-+// constexpr workarounds
-+//
-+#if defined(BOOST_NO_CONSTEXPR)
-+#define BOOST_CONSTEXPR
-+#define BOOST_CONSTEXPR_OR_CONST const
-+#else
-+#define BOOST_CONSTEXPR constexpr
-+#define BOOST_CONSTEXPR_OR_CONST constexpr
-+#endif
-+#define BOOST_STATIC_CONSTEXPR static BOOST_CONSTEXPR_OR_CONST
-+
-+//
- // if there is no __int64 then there is no specialisation
- // for numeric_limits<__int64> either:
- //
-diff --git a/ext/boost/src/pthread/thread.cpp b/ext/boost/src/pthread/thread.cpp
-index b5a0572..f90cfcd 100644
---- a/ext/boost/src/pthread/thread.cpp
-+++ b/ext/boost/src/pthread/thread.cpp
-@@ -365,7 +365,7 @@
- cond.timed_wait(lock, xt);
- # endif
- xtime cur;
-- xtime_get(&cur, TIME_UTC);
-+ xtime_get(&cur, TIME_UTC_);
- if (xtime_cmp(xt, cur) <= 0)
- return;
- }
-@@ -380,7 +380,7 @@
- BOOST_VERIFY(!pthread_yield());
- # else
- xtime xt;
-- xtime_get(&xt, TIME_UTC);
-+ xtime_get(&xt, TIME_UTC_);
- sleep(xt);
- # endif
- }
-diff --git a/ext/boost/src/pthread/timeconv.inl b/ext/boost/src/pthread/timeconv.inl
-index b75a135..7c07802 100644
---- a/ext/boost/src/pthread/timeconv.inl
-+++ b/ext/boost/src/pthread/timeconv.inl
-@@ -20,8 +20,8 @@ const int NANOSECONDS_PER_MICROSECOND = 1000;
- inline void to_time(int milliseconds, boost::xtime& xt)
- {
- int res = 0;
-- res = boost::xtime_get(&xt, boost::TIME_UTC);
-- BOOST_ASSERT(res == boost::TIME_UTC);
-+ res = boost::xtime_get(&xt, boost::TIME_UTC_);
-+ BOOST_ASSERT(res == boost::TIME_UTC_);
-
- xt.sec += (milliseconds / MILLISECONDS_PER_SECOND);
- xt.nsec += ((milliseconds % MILLISECONDS_PER_SECOND) *
-@@ -57,8 +57,8 @@ inline void to_timespec_duration(const boost::xtime& xt, timespec& ts)
- {
- boost::xtime cur;
- int res = 0;
-- res = boost::xtime_get(&cur, boost::TIME_UTC);
-- BOOST_ASSERT(res == boost::TIME_UTC);
-+ res = boost::xtime_get(&cur, boost::TIME_UTC_);
-+ BOOST_ASSERT(res == boost::TIME_UTC_);
-
- if (boost::xtime_cmp(xt, cur) <= 0)
- {
-@@ -88,8 +88,8 @@ inline void to_duration(boost::xtime xt, int& milliseconds)
- {
- boost::xtime cur;
- int res = 0;
-- res = boost::xtime_get(&cur, boost::TIME_UTC);
-- BOOST_ASSERT(res == boost::TIME_UTC);
-+ res = boost::xtime_get(&cur, boost::TIME_UTC_);
-+ BOOST_ASSERT(res == boost::TIME_UTC_);
-
- if (boost::xtime_cmp(xt, cur) <= 0)
- milliseconds = 0;
-@@ -110,8 +110,8 @@ inline void to_microduration(boost::xtime xt, int& microseconds)
- {
- boost::xtime cur;
- int res = 0;
-- res = boost::xtime_get(&cur, boost::TIME_UTC);
-- BOOST_ASSERT(res == boost::TIME_UTC);
-+ res = boost::xtime_get(&cur, boost::TIME_UTC_);
-+ BOOST_ASSERT(res == boost::TIME_UTC_);
-
- if (boost::xtime_cmp(xt, cur) <= 0)
- microseconds = 0;
-diff --git a/ext/boost/thread/locks.hpp b/ext/boost/thread/locks.hpp
-index dd66a67..d77b145 100644
---- a/ext/boost/thread/locks.hpp
-+++ b/ext/boost/thread/locks.hpp
-@@ -164,9 +164,9 @@
- struct adopt_lock_t
- {};
-
-- const defer_lock_t defer_lock={};
-- const try_to_lock_t try_to_lock={};
-- const adopt_lock_t adopt_lock={};
-+ BOOST_CONSTEXPR_OR_CONST defer_lock_t defer_lock={};
-+ BOOST_CONSTEXPR_OR_CONST try_to_lock_t try_to_lock={};
-+ BOOST_CONSTEXPR_OR_CONST adopt_lock_t adopt_lock={};
-
- template<typename Mutex>
- class shared_lock;
-diff --git a/ext/boost/thread/xtime.hpp b/ext/boost/thread/xtime.hpp
-index 7cc6272..f908298 100644
---- a/ext/boost/thread/xtime.hpp
-+++ b/ext/boost/thread/xtime.hpp
-@@ -20,7 +20,7 @@
-
- enum xtime_clock_types
- {
-- TIME_UTC=1
-+ TIME_UTC_=1
- // TIME_TAI,
- // TIME_MONOTONIC,
- // TIME_PROCESS,
-@@ -68,7 +68,7 @@ inline xtime get_xtime(boost::system_time const& abs_time)
-
- inline int xtime_get(struct xtime* xtp, int clock_type)
- {
-- if (clock_type == TIME_UTC)
-+ if (clock_type == TIME_UTC_)
- {
- *xtp=get_xtime(get_system_time());
- return clock_type;
-diff --git a/ext/common/ApplicationPool/Pool.h b/ext/common/ApplicationPool/Pool.h
-index 8c87ad5..d26529d 100644
---- a/ext/common/ApplicationPool/Pool.h
-+++ b/ext/common/ApplicationPool/Pool.h
-@@ -718,7 +718,7 @@ class Pool: public ApplicationPool::Interface {
- }
- } else {
- xtime xt;
-- xtime_get(&xt, TIME_UTC);
-+ xtime_get(&xt, TIME_UTC_);
- xt.sec += maxIdleTime + 1;
- if (cleanerThreadSleeper.timed_wait(l, xt)) {
- // Condition was woken up.
---
-1.8.1.6
-
diff --git a/debian/patches/series b/debian/patches/series
index f984f3e..7a4b3dc 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1 @@
fix_install_path.patch
-fix_ftbfs_glibc217.patch
-CVE-2013-2119.patch
-CVE-2013-4136.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/ruby-passenger.git
More information about the Pkg-ruby-extras-commits
mailing list