r4895 - in trunk/BOOK: general/prog introduction/welcome

randy at linuxfromscratch.org randy at linuxfromscratch.org
Mon Aug 8 14:21:20 PDT 2005


Author: randy
Date: 2005-08-08 15:21:19 -0600 (Mon, 08 Aug 2005)
New Revision: 4895

Modified:
   trunk/BOOK/general/prog/ruby.xml
   trunk/BOOK/introduction/welcome/changelog.xml
Log:
Added a patch to the Ruby instructions which fixes a security vulnerability

Modified: trunk/BOOK/general/prog/ruby.xml
===================================================================
--- trunk/BOOK/general/prog/ruby.xml	2005-08-08 17:39:31 UTC (rev 4894)
+++ trunk/BOOK/general/prog/ruby.xml	2005-08-08 21:21:19 UTC (rev 4895)
@@ -4,12 +4,12 @@
   <!ENTITY % general-entities SYSTEM "../../general.ent">
   %general-entities;
 
-  <!ENTITY ruby-download-http " ">
+  <!ENTITY ruby-download-http "http://www.ibiblio.org/pub/languages/ruby/ruby/ruby-&ruby-version;.tar.gz">
   <!ENTITY ruby-download-ftp "ftp://ftp.ruby-lang.org/pub/ruby/ruby-&ruby-version;.tar.gz">
   <!ENTITY ruby-md5sum "8ffc79d96f336b80f2690a17601dea9b">
   <!ENTITY ruby-size "3.5 MB">
   <!ENTITY ruby-buildsize "55.2 MB">
-  <!ENTITY ruby-time "0.93 SBU">
+  <!ENTITY ruby-time "0.9 SBU">
 ]>
 
 <sect1 id="ruby" xreflabel="Ruby-&ruby-version;">
@@ -55,6 +55,15 @@
       </listitem>
     </itemizedlist>
 
+    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>Required patch to fix a vulnerability which allows remote
+        attackers to execute arbitrary commands: <ulink
+        url="http://www.ruby-lang.org/patches/ruby-&ruby-version;-xmlrpc-ipimethods-fix.diff"/></para>
+      </listitem>
+    </itemizedlist>
+
     <bridgehead renderas="sect3">Ruby Dependencies</bridgehead>
 
     <bridgehead renderas="sect4">Optional</bridgehead>
@@ -71,7 +80,8 @@
     <para>Install <application>Ruby</application> by running the following
     commands:</para>
 
-<screen><userinput>./configure --prefix=/usr --enable-shared \
+<screen><userinput>patch -Np1 -i ../ruby-&ruby-version;-xmlrpc-ipimethods-fix.diff &&
+./configure --prefix=/usr --enable-shared \
     --enable-pthread --enable-install-doc &&
 make</userinput></screen>
 

Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2005-08-08 17:39:31 UTC (rev 4894)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2005-08-08 21:21:19 UTC (rev 4895)
@@ -25,6 +25,12 @@
   <itemizedlist>
 
     <listitem>
+      <para>August 8th, 2005 [randy]: Added instructions to install a patch
+      to the Ruby package which fixes a security vulnerability, thanks to
+      Ken Moffat for the suggestion.</para>
+    </listitem>
+
+    <listitem>
       <para>August 8th, 2005 [randy]: Added documentation installation to
       the expat instructions.</para>
     </listitem>




More information about the blfs-book mailing list