[DRE-commits] [ruby-parser] 01/10: Drop 002-fix-CVE-2013-0162.patch, applied upstream
Cédric Boutillier
boutil at moszumanska.debian.org
Fri Feb 28 12:32:10 UTC 2014
This is an automated email from the git hooks/post-receive script.
boutil pushed a commit to branch master
in repository ruby-parser.
commit 38dfd82904f2b58492fe5784e01658b8169fd374
Author: Cédric Boutillier <boutil at debian.org>
Date: Wed Dec 25 22:40:18 2013 +0100
Drop 002-fix-CVE-2013-0162.patch, applied upstream
---
debian/patches/002-fix-CVE-2013-0162.patch | 36 ------------------------------
debian/patches/series | 1 -
2 files changed, 37 deletions(-)
diff --git a/debian/patches/002-fix-CVE-2013-0162.patch b/debian/patches/002-fix-CVE-2013-0162.patch
deleted file mode 100644
index e160752..0000000
--- a/debian/patches/002-fix-CVE-2013-0162.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Description: Fix incorrect /tmp/ usage (CVE-2013-0162)
-Author: Michael Scherer <mscherer at redhat.com>
-Reviewed-by: Cédric Boutillier <boutil at debian.org>
-Last-Updated: 2013-02-26
-
---- a/lib/gauntlet_rubyparser.rb
-+++ b/lib/gauntlet_rubyparser.rb
-@@ -31,18 +31,19 @@
- def diff_pp o1, o2
- require 'pp'
-
-- File.open("/tmp/a.#{$$}", "w") do |f|
-- PP.pp o1, f
-- end
-+ file_a = Tempfile.new('ruby_parser_a')
-+ PP.pp o1, file_a
-+ file_a.close
-
-- File.open("/tmp/b.#{$$}", "w") do |f|
-- PP.pp o2, f
-- end
-+ file_b = Tempfile.new('ruby_parser_b')
-+ PP.pp o2, file_b
-+ file_b.close
-+
-+ `diff -u #{file_a.path} #{file_b.path}`
-
-- `diff -u /tmp/a.#{$$} /tmp/b.#{$$}`
- ensure
-- File.unlink "/tmp/a.#{$$}" rescue nil
-- File.unlink "/tmp/b.#{$$}" rescue nil
-+ file_a.unlink
-+ file_b.unlink
- end
-
- def broke name, file, msg
diff --git a/debian/patches/series b/debian/patches/series
index 26cbddd..beb05d3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1 @@
001-remove-rubygems-require.patch
-002-fix-CVE-2013-0162.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/ruby-parser.git
More information about the Pkg-ruby-extras-commits
mailing list