[DRE-commits] [ruby-pg] 05/06: prevent loading remote uncontrolled data from the HTML documentation
Cédric Boutillier
boutil at moszumanska.debian.org
Thu Aug 21 11:04:52 UTC 2014
This is an automated email from the git hooks/post-receive script.
boutil pushed a commit to branch master
in repository ruby-pg.
commit f7ecc6074b0f2f81f1c55c0b535efcd5dadfab94
Author: Cédric Boutillier <boutil at debian.org>
Date: Thu Aug 21 12:56:35 2014 +0200
prevent loading remote uncontrolled data from the HTML documentation
---
debian/changelog | 2 ++
debian/patches/0003-privacy-breach.patch | 20 ++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 23 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 7808a5d..9f03b41 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,6 +10,8 @@ ruby-pg (0.17.1-2) UNRELEASED; urgency=medium
* Build-depend on ruby-hoe and rake-compiler to be able to run rake tasks
from the upstream Rakefile
* Update the rule to generate the documentation and register it in doc-base
+ - Add 0003-privacy-breach.patch to prevent loading remote uncontrolled
+ data from the HTML documentation
-- Cédric Boutillier <boutil at debian.org> Thu, 21 Aug 2014 11:49:38 +0200
diff --git a/debian/patches/0003-privacy-breach.patch b/debian/patches/0003-privacy-breach.patch
new file mode 100644
index 0000000..134cf77
--- /dev/null
+++ b/debian/patches/0003-privacy-breach.patch
@@ -0,0 +1,20 @@
+Description: remove reference to travis-ci.org service from README
+ once converted to HTML, this would load uncontrolled remote data, which could
+ lead to a privacy breach.
+Author: Cédric Boutillier <boutil at debian.org>
+Last-Update: 2014-08-21
+
+--- a/README.rdoc
++++ b/README.rdoc
+@@ -27,11 +27,6 @@
+ end
+ end
+
+-== Build Status
+-
+-{<img src="https://travis-ci.org/ged/ruby-pg.png?branch=master" alt="Build Status" />}[https://travis-ci.org/ged/ruby-pg]
+-
+-
+ == Requirements
+
+ * Ruby 1.9.3-p392, or 2.0.0-p0.
diff --git a/debian/patches/series b/debian/patches/series
index bd9f667..89bb9c0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
0002-fix-license-gemspec.patch
0001-do-not-set-rpath.patch
+0003-privacy-breach.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/ruby-pg.git
More information about the Pkg-ruby-extras-commits
mailing list