[DRE-commits] [ruby-rack] 01/01: Update debian/changelog

Youhei SASAKI uwabami-guest at moszumanska.debian.org
Sat Aug 1 04:26:54 UTC 2015


This is an automated email from the git hooks/post-receive script.

uwabami-guest pushed a commit to branch master-1.5.2-jessie
in repository ruby-rack.

commit 49dbf6b5605e00d82bffc5d6e792f3581457f7ce
Author: Youhei SASAKI <uwabami at gfd-dennou.org>
Date:   Sat Aug 1 13:26:07 2015 +0900

    Update debian/changelog
    
    Signed-off-by: Youhei SASAKI <uwabami at gfd-dennou.org>
---
 debian/changelog                                   |  4 +++-
 .../0002-Add-missing-require-to-response.rb.patch  | 24 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index a01cec0..a5866f1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-ruby-rack (1.5.2-3+deb8u1) unstable; urgency=high
+ruby-rack (1.5.2-3+deb8u1) jessie-security; urgency=high
 
   * Create cherry-picked patch for Security Fix (Closes: #789311).
     - CVE-2015-3225: 0001-Fix-Params_Depth.patch
@@ -6,6 +6,8 @@ ruby-rack (1.5.2-3+deb8u1) unstable; urgency=high
       for being too deep, allows remote attackers to cause a denial of
       service (SystemStackError) via a request with a large parameter
       depth.
+  * Add 0002-Add-missing-require-to-response.rb.patch.
+    Add missing require of rack/body_proxy in response.rb
 
  -- Youhei SASAKI <uwabami at gfd-dennou.org>  Wed, 29 Jul 2015 17:12:00 +0900
 
diff --git a/debian/patches/0002-Add-missing-require-to-response.rb.patch b/debian/patches/0002-Add-missing-require-to-response.rb.patch
new file mode 100644
index 0000000..94fab72
--- /dev/null
+++ b/debian/patches/0002-Add-missing-require-to-response.rb.patch
@@ -0,0 +1,24 @@
+From 24935a53d8ee561229a5e7e651be120ddda11562 Mon Sep 17 00:00:00 2001
+From: James Tucker <jftucker at gmail.com>
+Date: Sat, 28 Dec 2013 13:33:54 -0400
+Subject: [PATCH] Add missing require to response.rb
+
+Closes #631
+---
+ lib/rack/response.rb | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/rack/response.rb b/lib/rack/response.rb
+index 2076aff..1acfce2 100644
+--- a/lib/rack/response.rb
++++ b/lib/rack/response.rb
+@@ -1,5 +1,6 @@
+ require 'rack/request'
+ require 'rack/utils'
++require 'rack/body_proxy'
+ require 'time'
+ 
+ module Rack
+-- 
+2.5.0
+
diff --git a/debian/patches/series b/debian/patches/series
index 3a39f9c..a85379a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 0001-Fix-Params_Depth.patch
+0002-Add-missing-require-to-response.rb.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/ruby-rack.git



More information about the Pkg-ruby-extras-commits mailing list