head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.8
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.6
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.4
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.2
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2010Q2:1.1.0.6
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.4
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.2
	pkgsrc-2009Q4-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2010.09.10.03.29.00;	author taca;	state dead;
branches;
next	1.1;

1.1
date	2010.01.10.15.33.28;	author taca;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update ruby18-base to 1.8.7.302 (Ruby 1.8.7 patchlevel 302).

Since many changes from previous release, please refer
http://www.ruby-lang.org/en/news/2010/08/16/ruby-1-8-7-p302-is-released/.

Note: Since all security updates are already in previous package,
This update dosen't include any securify fix.
@
text
@$NetBSD: patch-dz,v 1.1 2010/01/10 15:33:28 taca Exp $

webrick security fix.

http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/

--- lib/webrick/httputils.rb.orig	2008-08-04 05:21:05.000000000 +0000
+++ lib/webrick/httputils.rb
@@@@ -128,11 +128,11 @@@@ module WEBrick
         when /^\s+(.*?)\s*\z/om
           value = $1
           unless field
-            raise "bad header '#{line.inspect}'."
+            raise HTTPStatus::BadRequest, "bad header '#{line}'."
           end
           header[field][-1] << " " << value
         else
-          raise "bad header '#{line.inspect}'."
+          raise HTTPStatus::BadRequest, "bad header '#{line}'."
         end
       }
       header.each{|key, values|
@


1.1
log
@Add patches for security problem of webrick.

http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/

Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
@