[DRE-commits] [ruby-activerecord-3.2] 06/06: Remove obsolete patches
Ondrej Sury
ondrej at moszumanska.debian.org
Tue Apr 29 10:54:30 UTC 2014
This is an automated email from the git hooks/post-receive script.
ondrej pushed a commit to annotated tag debian/3.2.16-1
in repository ruby-activerecord-3.2.
commit 5a94ad6ce25fb8146591bce27525476dea97d983
Author: Ondřej Surý <ondrej at sury.org>
Date: Thu Dec 5 10:46:50 2013 +0100
Remove obsolete patches
---
debian/patches/3-2-dynamic_finder_injection.patch | 32 -----------------------
debian/patches/CVE-2013-0155.patch | 25 ------------------
debian/patches/CVE-2013-1854.patch | 22 ----------------
debian/patches/series | 3 ---
4 files changed, 82 deletions(-)
diff --git a/debian/patches/3-2-dynamic_finder_injection.patch b/debian/patches/3-2-dynamic_finder_injection.patch
deleted file mode 100644
index f2e5121..0000000
--- a/debian/patches/3-2-dynamic_finder_injection.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 325669f0795a9148fd31f7f496a40dc8e114ef52 Mon Sep 17 00:00:00 2001
-From: Aaron Patterson <aaron.patterson at gmail.com>
-Date: Sun, 23 Dec 2012 11:07:07 -0800
-Subject: [PATCH] CVE-2012-5664 options hashes should only be extracted if
- there are extra parameters
-
----
- lib/active_record/dynamic_matchers.rb | 7 ++++++-
- test/cases/finder_test.rb | 12 ++++++++++++
- 2 files changed, 18 insertions(+), 1 deletion(-)
-
-diff --git a/lib/active_record/dynamic_matchers.rb b/lib/active_record/dynamic_matchers.rb
-index b6b8e24..f15d0b7 100644
---- a/lib/active_record/dynamic_matchers.rb
-+++ b/lib/active_record/dynamic_matchers.rb
-@@ -40,7 +40,12 @@ module ActiveRecord
- METHOD
- send(method_id, *arguments)
- elsif match.finder?
-- options = arguments.extract_options!
-+ options = if arguments.length > attribute_names.size
-+ arguments.extract_options!
-+ else
-+ {}
-+ end
-+
- relation = options.any? ? scoped(options) : scoped
- relation.send :find_by_attributes, match, attribute_names, *arguments, &block
- elsif match.instantiator?
---
-1.7.10.2 (Apple Git-33)
-
diff --git a/debian/patches/CVE-2013-0155.patch b/debian/patches/CVE-2013-0155.patch
deleted file mode 100644
index 4ab9f2a..0000000
--- a/debian/patches/CVE-2013-0155.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From b7d666e95aee11e441908278425d16deef87cefb Mon Sep 17 00:00:00 2001
-From: Aaron Patterson <aaron.patterson at gmail.com>
-Date: Fri, 4 Jan 2013 12:02:22 -0800
-Subject: [PATCH 1/2] * Strip nils from collections on JSON and XML posts.
- [CVE-2013-0155] * dealing with empty hashes. Thanks
- Damien Mathieu
-
-diff --git a/lib/active_record/relation/predicate_builder.rb b/lib/active_record/relation/predicate_builder.rb
-index 6b118b4..b31fdfd 100644
---- a/lib/active_record/relation/predicate_builder.rb
-+++ b/lib/active_record/relation/predicate_builder.rb
-@@ -6,7 +6,12 @@ module ActiveRecord
-
- if allow_table_name && value.is_a?(Hash)
- table = Arel::Table.new(column, engine)
-- build_from_hash(engine, value, table, false)
-+
-+ if value.empty?
-+ '1 = 2'
-+ else
-+ build_from_hash(engine, value, table, false)
-+ end
- else
- column = column.to_s
-
diff --git a/debian/patches/CVE-2013-1854.patch b/debian/patches/CVE-2013-1854.patch
deleted file mode 100644
index 6293196..0000000
--- a/debian/patches/CVE-2013-1854.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- a/lib/active_record/relation.rb
-+++ b/lib/active_record/relation.rb
-@@ -464,7 +464,7 @@ module ActiveRecord
- node.left.relation.name == table_name
- }
-
-- Hash[equalities.map { |where| [where.left.name, where.right] }]
-+ Hash[equalities.map { |where| [where.left.name, where.right] }].with_indifferent_access
- end
-
- def scope_for_create
---- a/lib/active_record/relation/predicate_builder.rb
-+++ b/lib/active_record/relation/predicate_builder.rb
-@@ -20,7 +20,7 @@ module ActiveRecord
- table = Arel::Table.new(table_name, engine)
- end
-
-- attribute = table[column.to_sym]
-+ attribute = table[column]
-
- case value
- when ActiveRecord::Relation
diff --git a/debian/patches/series b/debian/patches/series
index 14181fc..2d73934 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1 @@
Remove_rubygems_dependency.patch
-3-2-dynamic_finder_injection.patch
-CVE-2013-0155.patch
-CVE-2013-1854.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/ruby-activerecord-3.2.git
More information about the Pkg-ruby-extras-commits
mailing list