head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.8
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.6
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.4
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.2
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2010Q2:1.1.0.6
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.4
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.2
	pkgsrc-2009Q4-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2010.09.10.03.29.00;	author taca;	state dead;
branches;
next	1.1;

1.1
date	2010.01.10.15.33.28;	author taca;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update ruby18-base to 1.8.7.302 (Ruby 1.8.7 patchlevel 302).

Since many changes from previous release, please refer
http://www.ruby-lang.org/en/news/2010/08/16/ruby-1-8-7-p302-is-released/.

Note: Since all security updates are already in previous package,
This update dosen't include any securify fix.
@
text
@$NetBSD: patch-dx,v 1.1 2010/01/10 15:33:28 taca Exp $

webrick security fix.

http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/

--- lib/webrick/httprequest.rb.orig	2009-02-14 19:17:52.000000000 +0000
+++ lib/webrick/httprequest.rb
@@@@ -242,11 +242,7 @@@@ module WEBrick
           @@raw_header << line
         end
       end
-      begin
-        @@header = HTTPUtils::parse_header(@@raw_header)
-      rescue => ex
-        raise  HTTPStatus::BadRequest, ex.message
-      end
+      @@header = HTTPUtils::parse_header(@@raw_header.join)
     end
 
     def parse_uri(str, scheme="http")
@


1.1
log
@Add patches for security problem of webrick.

http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/

Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
@