ruby2.5 (2.5.5-3+deb10u3) buster; urgency=high * Add patch to fix a potential HTTP request smuggling vulnerability in WEBrick. (Fixes: CVE-2020-25613) -- Utkarsh Gupta Tue, 13 Oct 2020 18:32:32 +0530 ruby2.5 (2.5.5-3+deb10u2) buster-security; urgency=high * Non-maintainer upload by the Security Team. * Add patch to fix: - CVE-2020-10663: unsafe object creation vulnerability in JSON. - CVE-2020-10933: do not return uninitialized buffer. -- Utkarsh Gupta Sat, 04 Jul 2020 00:07:58 +0530 ruby2.5 (2.5.5-3+deb10u1) buster-security; urgency=high * Non-maintainer upload by the Security Team. * Fix for wrong fnmatch patttern (CVE-2019-15845) * Loop with String#scan without creating substrings (CVE-2019-16201) * WEBrick: prevent response splitting and header injection (CVE-2019-16254) * lib/shell/command-processor.rb (Shell#[]): prevent unknown command (CVE-2019-16255) -- Salvatore Bonaccorso Sun, 15 Dec 2019 13:58:03 +0100 ruby2.5 (2.5.5-3) unstable; urgency=medium * ia64: Don't clear register_stack_start (Closes: #928068) -- Antonio Terceiro Sun, 02 Jun 2019 10:16:57 -0300 ruby2.5 (2.5.5-2) unstable; urgency=medium * debian/tests/excludes/: fix exclusion of Rinda tests that depend on network availability, by moving the existing excludes files to the correct location. (Closes: #927122) -- Antonio Terceiro Mon, 13 May 2019 10:55:06 -0300 ruby2.5 (2.5.5-1) unstable; urgency=medium * New upstream version 2.5.5. Includes a series of bug fixes, most notably for 6 security bugs discovered in Rubygems: - CVE-2019-8320: Delete directory using symlink when decompressing tar - CVE-2019-8321: Escape sequence injection vulnerability in verbose - CVE-2019-8322: Escape sequence injection vulnerability in gem owner - CVE-2019-8323: Escape sequence injection vulnerability in API response handling - CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution - CVE-2019-8325: Escape sequence injection vulnerability in errors * Rebase patches. The following patches were applied upstream and dropped from the Debian package: - 0011-Update-for-tzdata-2018f.patch - 0012-test-update-test-certificate.patch -- Antonio Terceiro Tue, 26 Mar 2019 17:12:34 -0300 ruby2.5 (2.5.3-4) unstable; urgency=medium * 0012-test-update-test-certificate.patch: update test certificate so SSL-related tests pass (Closes: 919516) -- Antonio Terceiro Sat, 23 Feb 2019 17:51:21 -0300 ruby2.5 (2.5.3-3) unstable; urgency=medium * arm64: also skip TestBugReporter#test_bug_reporter_add, which also fails~ 4% of the time. * mipsel: fix location of skiplist for OpenSSL::TestSSL, from TestSSL.rb to OpenSSL/TestSSL.rb. * Remove skiplist for OpenSSL::TestSSL on all architectures. It was in the wrong place to begin with. * Fix location of skiplist for Rinda-related tests. -- Antonio Terceiro Tue, 27 Nov 2018 09:58:02 -0200 ruby2.5 (2.5.3-2) unstable; urgency=medium * arm64: skip TestRubyOptions#test_segv_loaded_features, fails ~3% of the time * mipsel: skip OpenSSL::TestSSL tests that frequently timeout on the Debian buildds - test_dh_callback - test_get_ephemeral_key - test_post_connect_check_with_anon_ciphers -- Antonio Terceiro Sun, 25 Nov 2018 13:05:27 -0200 ruby2.5 (2.5.3-1) unstable; urgency=medium * New upstream version 2.5.3 - Includes fix for CVE-2018-16396, "Tainted flags are not propagated in Array#pack and String#unpack with some directives" (Closes: #911920) * Refresh patches: - Dropped 0009-merge-changes-in-ruby-openssl-v2.1.1.patch, already applied upstream. * Add tzdata to Build-Depends (Closes: #911717) * Cherry-pick upstream commmit with update to tests due to changes in tzdata 2018f (Closes: #913181) * Update gemspec reproducibility patch to also make new default gems fiddle and ipaddr reproducible. (Closes: #898051) * debian/rules: don't install created.rid file produced by rdoc to make build reproducible. This file is used by rdoc to decide when to update documentation when in use in interactive settings, and containing a timestamp is one of its functions. Is is not necessary for a binary package, though, because the included documentation will never need to be updated in-place. -- Antonio Terceiro Sat, 24 Nov 2018 12:38:59 -0200 ruby2.5 (2.5.1-6) unstable; urgency=medium * Fix build with openssl 1.1.1 (Closes: #907790) - Apply Ruby upstream patch to update openssl extension to v2.1.1. This includes some, but not all, changes needed to make the tests pass against openssl 1.1.1 - Apply ruby-openssl upstream patches to fix tests against openssl 1.1.1 - Exclude tests that still fail with openssl 1.1.1 - debian/rules: set OPENSSL_CONF to /dev/null when running tests to use the default openssl settings. Unfortunately there are too many tests for several parts of the Ruby standard library that use openssl and that take very long to complete under the Debian settings, and I don't have the cycles to go fix each one. - debian/tests/run-all: also run autopkgtest against the default openssl settings and not the Debian-specific ones. * debian/tests/run-all: fix reference to excludes dir -- Antonio Terceiro Sat, 06 Oct 2018 14:15:02 -0300 ruby2.5 (2.5.1-5) unstable; urgency=medium * Fix spelling error in patch description * Remove always-on dh --parallel * Pass --host to configure when cross-building. We cannot just use dh_auto_configure because some of the added options then make configure need a baseruby, which we want to avoid when building for the native arch. (Closes: #893501) -- Chris Hofstaedtler Tue, 24 Jul 2018 08:56:14 +0000 ruby2.5 (2.5.1-4) unstable; urgency=medium * Disable tests failing on Ubuntu builders (Closes: #886515) * Bump Standards-Version to 4.1.5 -- Chris Hofstaedtler Sun, 22 Jul 2018 14:18:07 +0000 ruby2.5 (2.5.1-3) unstable; urgency=medium * Exclude test that often fails on the Debian mips buildds * Add missing patch needed for kfreebsd-amd64 port (Closes: #899267) -- Antonio Terceiro Sun, 10 Jun 2018 22:08:34 -0300 ruby2.5 (2.5.1-2) unstable; urgency=medium [ Antonio Terceiro ] * debian/tests/control: ignore output on stderr * debian/tests/bundled-gems: only fail on missing gems. Only warn if version found is not new enough * libruby2.5: add dependency on ruby-xmlrpc [ Samuel Thibault ] * Fix FTBFS on hurd (Closes: #896509) [ Svante Signell ] * Exclude tests that fail on kfreebsd (Closes: #899267) [ Antonio Terceiro ] * Update symbols file for 64-bit architectures [ Santiago R.R ] * Exclude Rinda TestRingFinger and TestRingServer test units requiring network access (Closes: #898917) -- Antonio Terceiro Sat, 09 Jun 2018 11:50:20 -0300 ruby2.5 (2.5.1-1) unstable; urgency=medium * New upstream version 2.5.1. According to the release announcement, includes fixes for the following security issues: - CVE-2017-17742: HTTP response splitting in WEBrick - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir - CVE-2018-8777: DoS by large request in WEBrick - CVE-2018-8778: Buffer under-read in String#unpack - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir - Multiple vulnerabilities in RubyGems * Refresh patches. Patches dropped for being already applied upstream: - 0005-Fix-tests-to-cope-with-updates-in-tzdata.patch - 0006-Rubygems-apply-upstream-patch-to-fix-multiple-vulner.patch * Add patch to fix FTBFS on ia64 (Closes: #889848) * Add simple autopkgtest to check for builtin extensions that are build against external dependencies (ssl, yaml, *dbm etc) * Add build-dependency on libgdbm-compat-dev (Closes: #892099) * debian/tests/excludes/any/TestTimeTZ.rb: ignore tests failing due to assumptions that don't hold on newer tzdata update. Upstream bug: https://bugs.ruby-lang.org/issues/14655 * debian/libruby2.5.symbols: update with new symbol added in this release -- Antonio Terceiro Sat, 31 Mar 2018 13:22:48 -0300 ruby2.5 (2.5.0-6) unstable; urgency=medium * debian/rules: explicitly pass --runstatedir, --localstatedir, and --sysconfdir to ./configure -- Antonio Terceiro Sun, 04 Mar 2018 13:30:49 -0300 ruby2.5 (2.5.0-5) unstable; urgency=medium * Change Maintainer: to Debian Ruby Team * debian/patches/0005-Fix-tests-to-cope-with-updates-in-tzdata.patch: fix test failures after updates in the Japan timezone data (Closes: #889046) * debian/patches/0006-Rubygems-apply-upstream-patch-to-fix-multiple-vulner.patch: upgrade to Rubygems 2.7.6 to fix multiple vulnerabilities -- Antonio Terceiro Sat, 24 Feb 2018 12:20:04 -0300 ruby2.5 (2.5.0-4) unstable; urgency=medium * debian/rules: pass --excludes-dir options to `make check` via $TESTS -- Antonio Terceiro Sat, 30 Dec 2017 10:50:04 -0300 ruby2.5 (2.5.0-3) unstable; urgency=medium * arm64: skip TestRubyOptimization#test_clear_unreachable_keyword_args. It works just fine on a porter box, but consistently hangs on the arm64 buildd. * mipsel: skip some tests from TestNum2int; they fail on the buildd, but not on the porterbox. -- Antonio Terceiro Fri, 29 Dec 2017 21:14:34 -0300 ruby2.5 (2.5.0-2) unstable; urgency=medium * Move test exclusions from a patch to debian/tests/excludes/ - debian/rules, debian/tests/run-all: pass the appropriate exclusion flags to the test runner * Exclude TestResolvMDNS. It will fail on some architectures, and be very slow on others. -- Antonio Terceiro Fri, 29 Dec 2017 12:57:39 -0300 ruby2.5 (2.5.0-1) unstable; urgency=medium * New upstream version 2.5.0 * Refresh patches * debian/libruby2.5.symbols: update * debian/tests/known-failures.txt: add another 3 test files that assume the tests are being run against a built source tree -- Antonio Terceiro Tue, 26 Dec 2017 11:48:55 -0200 ruby2.5 (2.5.0~rc1-1) unstable; urgency=medium * New upstream release candidate. Includes the following fixes: - Fix stack size on powerpc64 (Closes: #881772) - CVE-2017-17405: Command injection vulnerability in Net::FTP (Closes: #884437) * Refresh patches * debian/control: - Remove explicit Testsuite: header - ruby2.5-dev: Recommends: ruby2.5-doc - Declare compatibility with Debian Policy 4.1.2; no changes needed - Bump debhelper compatibility level to 10 - change debian/rules to call ./configure directly, to use upstream's built-in multiarch support as before debhelper compatibility level 9 * debian/watch: download release tarballs. Using release tarballs makes it possible to build ruby without having an existing ruby. This should help bootstrapping ruby on new architectures. (Closes: #832022) * debian/copyright: exclude embedded copies of bundled gems and libffi * debian/rules: - run tests in verbose mode during build - drop explicit usage of autotools-dev - drop usage of autoreconf debhelper sequence, it's not needed anymore since we are now using a complete upstream release tarball - drop passing --baseruby to configure, since do not require an existing ruby anymore - skip setting DEB_HOST_MULTIARCH if already set - replace manual call to dpkg-parsechangelog with including /usr/share/dpkg/pkg-info.mk and using variables from there. * autopkgtest: make use of the text exclusion rules under test/excludes/ * debian/libruby2.5.symbols: update with symbols added/removed since the preview1 release * debian/tests/bundled-gems: handle extra field in gems/bundled_gems * debian/libruby2.5.lintian-overrides: remove unused override (possible-gpl-code-linked-with-openssl) -- Antonio Terceiro Sun, 24 Dec 2017 12:29:25 -0200 ruby2.5 (2.5.0~preview1-1) unstable; urgency=medium [ Antonio Terceiro ] * New upstream version 2.5.0~preview1 * debian/patches: import all of our remaining changes wrt upstream. All the changes to tests were transformed into exclude files under test/excludes/ * ruby2.5-dev: don't install *.a files anymore; they are not installed by the upstream build system anymore. * debian/rules: adapt removal of embedded certificate store in Rubygems * debian/rules: also remove embedded certificate store from bundler [ Christian Hofstaedtler ] * Remove packaging for tcltk extension; it has been removed from Ruby core upstream. * Drop migration from old -dbg package * Disable test for homedir expansion which fails in sbuild * Upstream tarballs no longer come from git * Update jquery in missing-sources * d/copyright: Add info for darkfish icon set * Build with default OpenSSL once again -- Antonio Terceiro Tue, 10 Oct 2017 21:12:54 -0300 ruby2.3 (2.3.3-1) unstable; urgency=medium * New upstream version. -- Christian Hofstaedtler Tue, 22 Nov 2016 12:32:41 +0000 ruby2.3 (2.3.2-1) unstable; urgency=medium * New upstream version. -- Christian Hofstaedtler Wed, 16 Nov 2016 01:31:08 +0000 ruby2.3 (2.3.1-6) unstable; urgency=medium * debian/rules: honor 'nocheck' flag in DEB_BUILD_OPTIONS (Closes: #842768). Thanks to John Paul Adrian Glaubitz for the patch. * Build-Depends on libssl1.0-dev. Ruby 2.3 is not likely to get OpenSSL 1.1 compatibility (see #828535) -- Antonio Terceiro Wed, 09 Nov 2016 14:38:59 -0200 ruby2.3 (2.3.1-5) unstable; urgency=medium * Increase timeout for test_array.rb test_permutation_stack_error, as Array#permutation is very slow on armel, mips, mipsel. Forwarded to upstream as issue #12502. * Disable test_process.rb test_aspawn_too_long_path, as it uses ~2GB of RAM and a lot of CPU time before finally failing on mips, mipsel. Forwarded to upstream as issue #12500. * Increase timeout for test_gc.rb test_gc_parameter, for mips, mipsel. -- Christian Hofstaedtler Fri, 17 Jun 2016 23:30:49 +0000 ruby2.3 (2.3.1-4) unstable; urgency=medium * Backport some test changes from Ruby trunk, to fix (some) build failures on archs other than amd64, i386, ppc64el, s390x. -- Christian Hofstaedtler Wed, 15 Jun 2016 07:32:02 +0000 ruby2.3 (2.3.1-3) unstable; urgency=medium * Replace libruby2.3-dbg with automatic dbgsym packages. * Avoid unreproducible rbconfig.rb (always use bash to build). * rdoc: sort input filenames in a consistent way (for reproducible). * Run full testsuite during build (make check instead of make test). -- Christian Hofstaedtler Tue, 14 Jun 2016 20:47:45 +0000 ruby2.3 (2.3.1-2) unstable; urgency=medium [ Antonio Terceiro ] * debian/tests/known-failures.txt: remove test that now passes (test/rinda/test_rinda.rb) * debian/rules: enable bindnow hardening option (Closes: #822288) * debian/copyright: update and simplify copyright annotations for Unicode files under enc/trans/JIS/ * Bump Standards-Version to 3.9.8 (no changes needed) [ Christian Hofstaedtler ] * Stop providing ruby-interpreter. Only packages providing /usr/bin/ruby can be a credible provider of ruby-interpreter. (Closes: #822072) * Raise priority to "optional", now that ruby2.2 is gone, although the value of this change is unclear. (Closes: #822911) * Apply patch from Reiner Herrmann to help with reproducibility of mkmf.rb using packages. (Closes: #825569) -- Christian Hofstaedtler Mon, 30 May 2016 12:14:46 +0000 ruby2.3 (2.3.1-1) unstable; urgency=medium * Call make install-doc, install-nodoc with V=1, for diagnosing build failures. * New upstream TEENY version. -- Christian Hofstaedtler Wed, 27 Apr 2016 07:40:42 +0000 ruby2.3 (2.3.0-5) unstable; urgency=medium * Set gzip embedded mtime field to fixed value for rdoc-generated compressed javascript data. Helps with reproducibility of rdoc-using packages. * Build tcltk extension for Tcl/Tk 8.6. * Apply patch from upstream to fix crash in Proc binding. (ruby-core: 74100, trunk r54128, bug #12137). (Closes: #816161) -- Christian Hofstaedtler Wed, 16 Mar 2016 23:36:12 +0000 ruby2.3 (2.3.0-4) unstable; urgency=medium * Apply patch from upstream to fix deserializing OpenStruct via Psych, (ruby-core: 72501, trunk r53366). (Closes: #816358) -- Christian Hofstaedtler Tue, 01 Mar 2016 22:41:19 +0100 ruby2.3 (2.3.0-3) unstable; urgency=medium * Explicitly set bundled gem dates. Otherwise these multi-arch same files differ on different architectures depending on build date. (Closes: #810321) * Apply patch from upstream (ruby-core:72736, trunk r53455) to fix extension builds that use g++. * Bump Standards-Version to 3.9.7 with no addtl. changes * d/copyright: Remove rake, no longer bundled. * Switch Vcs-* URLs to https. -- Christian Hofstaedtler Mon, 29 Feb 2016 21:45:51 +0100 ruby2.3 (2.3.0-2) unstable; urgency=medium * debian/libruby2.3.symbols: update with new symbols introduced right before the final 2.3.0 release. * libruby2.3: add dependencies on rake, ruby-did-you-mean and ruby-net-telnet -- Antonio Terceiro Sat, 30 Jan 2016 09:20:31 -0200 ruby2.3 (2.3.0-1) unstable; urgency=medium [ Antonio Terceiro ] * Ruby 2.3 * debian/tests/bundled-gems: check if all libraries that are supposed to be bundled are present, with a version greater than or equal to the one specified in gems/bundled_gems * debian/tests/run-all: filter failures against list of known failures. Pass if only the tests listed in debian/tests/known-failures.txt fail, fail otherwise. This will help catch regressions. * debian/copyright: update wrt new files in the distribution [ Christian Hofstaedtler ] * autopkgtest: depend on all packages so we actually have header files installed. -- Antonio Terceiro Mon, 28 Dec 2015 09:17:47 -0300 ruby2.2 (2.2.3-2) unstable; urgency=medium * Add dependency on ruby-minitest to provide the same experience out of the box as the upstream package (Closes: #803665) * Apply upstream patch to not use SSLv3 methods if OpenSSL does not export them (Closes: #804089) * updated debian/libruby2.2.symbols with 1 new symbol. -- Antonio Terceiro Thu, 05 Nov 2015 18:43:02 -0200 ruby2.2 (2.2.3-1) unstable; urgency=medium * New upstream release -- Christian Hofstaedtler Tue, 18 Aug 2015 22:22:21 +0000 ruby2.2 (2.2.2-3) unstable; urgency=medium [ Christian Hofstaedtler ] * Have libruby2.2 depend on ruby-test-unit, as upstream bundles this externally maintained package in their tarballs. (Closes: #791925) [ Antonio Terceiro ] * Apply upstream patches to fix Request hijacking vulnerability in Rubygems [CVE-2015-3900] (Closes: #790111) -- Antonio Terceiro Wed, 29 Jul 2015 09:50:08 -0300 ruby2.2 (2.2.2-2) unstable; urgency=medium * Make Date in gemspec reproducible. Initial patch from Chris Lamb . (Closes: #779631, #784225) * Replace embedded copies of Lato with symlinks to fonts-lato. (Closes: #762348) * debian/copyright: improve DEP-5 compliance. * Provide debug symbols, in a new libruby2.2-dbg package. Patch from Matt Palmer . (Closes: #785685) * Build libruby.so with dpkg-buildflags supplied LDFLAGS. (Closes: #762350) -- Christian Hofstaedtler Wed, 01 Jul 2015 15:36:24 +0200 ruby2.2 (2.2.2-1) unstable; urgency=medium * New upstream release - includes fix for vulnerability with overly permissive matching of hostnames in OpenSSL extension [CVE-2015-1855] * debian/rules: add import-orig-source to automate importing orig tarballs generated from the upstream git mirror. * debian/tests: add a functional test that will run all tests under test/ -- Antonio Terceiro Sun, 03 May 2015 18:56:32 -0300 ruby2.2 (2.2.1-1) unstable; urgency=medium * New upstream release * debian/copyright: review - enc/* relicensed to the same license as Ruby - add license for ccan/* (CC0) - add license for enc/trans/JIS/* - some under the "Unicode" license - most under permissive "You can use, modify, distribute this table freely." terms - ext/nkf/ relicensed to zlib/libpng license * debian/upstream-changes: simpler and more accurate implementation * debian/libruby2.2.symbols: updated -- Antonio Terceiro Fri, 03 Apr 2015 21:30:14 -0300 ruby2.2 (2.2.0~1-1) UNRELEASED; urgency=medium * Ruby 2.2 RC1 * Dropped all Debian-specific changes to the upstream sources; everything we need is fixed upstream -- Antonio Terceiro Fri, 19 Dec 2014 14:46:35 -0200 ruby2.1 (2.1.5-1) unstable; urgency=medium * New upstream release - Fixes CVE-2014-8090 Another Denial of Service XML Expansion (Closes: #770932) - Fixes build on SPARC (Closes: #769731) -- Antonio Terceiro Sat, 29 Nov 2014 12:30:39 -0200 ruby2.1 (2.1.4-1) unstable; urgency=high * New upstream version - CVE-2014-8080: Denial of Service in XML Expansion - Changes default settings in OpenSSL bindings to not use deprecated and insecure ciphers; avoids issues associated to CVE-2014-3566 (i.e. the "POODLE" bug in OpenSSL) -- Antonio Terceiro Wed, 29 Oct 2014 12:07:22 -0200 ruby2.1 (2.1.3-2) unstable; urgency=medium [ Sebastian Boehm ] * Install SystemTap tap file (Closes: #765862) -- Christian Hofstaedtler Sun, 19 Oct 2014 20:07:50 +0200 ruby2.1 (2.1.3-1) unstable; urgency=medium * New upstream version -- Christian Hofstaedtler Sat, 20 Sep 2014 16:55:47 +0200 ruby2.1 (2.1.2-4) unstable; urgency=medium [ Antonio Terceiro ] * Move libjs-jquery dependency from libruby2.1 to ruby2.1, and turn it into Recommends:. This way programs that link against libruby2.1 won't pull in libjs-jquery; OTOH those using rdoc (and thus needing libjs-jquery) would be already using ruby2.1 anyway. [ Christian Hofstaedtler ] * Update Vcs-Git URL, as we've moved from master2.1 to master. * Prepare libruby21.symbols for x32 (Closes: #759615) * Remove embedded copies of SSL certificates. Rubygems is advised by rubygems-integration to use the ca-certificates provided certificates. (Closes: #689074) -- Christian Hofstaedtler Fri, 05 Sep 2014 03:06:30 +0200 ruby2.1 (2.1.2-3) unstable; urgency=medium [ Antonio Terceiro ] * debian/rules: call debian/split-tk-out.rb with $(baseruby) instead of `ruby` to actually support bootstrapping with ruby1.8 (and no `ruby`) * Break dependency loop (Closes: #747858) - ruby2.1: drop dependency on ruby - libruby2.1: drop dependency on ruby2.1 [ Christian Hofstaedtler ] * Add missing man pages for gem, rdoc, testrb (Closes: #756053, #756815) * Correct ruby2.1's Multi-Arch flag to 'allowed' (Closes: #745360) -- Antonio Terceiro Thu, 14 Aug 2014 10:45:29 -0300 ruby2.1 (2.1.2-2) unstable; urgency=medium * Support bootstrapping with Ruby 1.8 (which builds with gcc only) if another Ruby is not available. -- Antonio Terceiro Thu, 15 May 2014 23:20:49 -0300 ruby2.1 (2.1.2-1) unstable; urgency=medium [ Christian Hofstaedtler ] * New upstream version * Update watch file [ Sebastian Boehm ] * Build with basic systemtap support. (Closes: #747232) [ Antonio Terceiro ] * 2.1 is now the main development branch -- Christian Hofstaedtler Sat, 10 May 2014 15:51:13 +0200 ruby2.1 (2.1.1-4) unstable; urgency=medium * Use Debian copy of config.{guess,sub} Instead of downloading it from the Internet, which could be down or insecure. Thanks to Scott Kitterman for the report AND patch. (Closes: 745699) * Move jquery source file to d/missing-sources -- Christian Hofstaedtler Fri, 25 Apr 2014 00:57:13 +0200 ruby2.1 (2.1.1-3) unstable; urgency=medium [ Antonio Terceiro ] * Disable rubygems-integration during the build. This fixes the install location of the gemspecs for the bundled libraries. (Closes: #745465) -- Christian Hofstaedtler Tue, 22 Apr 2014 18:38:01 +0200 ruby2.1 (2.1.1-2) unstable; urgency=medium * Tie Tcl/Tk dependency to version 8.5, applying patch from Ubuntu. Thanks to Matthias Klose -- Christian Hofstaedtler Mon, 10 Mar 2014 13:38:41 +0100 ruby2.1 (2.1.1-1) unstable; urgency=medium * Imported Upstream version 2.1.1 * Update lintian overrides -- Christian Hofstaedtler Wed, 05 Mar 2014 18:22:58 +0100 ruby2.1 (2.1.0-2) unstable; urgency=medium * ruby2.1-dev: Depend on libgmp-dev. Thanks to John Leach * Fix FTBFS with libreadline 6.x, by applying upstream r45225. -- Christian Hofstaedtler Mon, 03 Mar 2014 21:10:32 +0100 ruby2.1 (2.1.0-1) unstable; urgency=medium * Upload to unstable. -- Christian Hofstaedtler Sat, 22 Feb 2014 23:44:44 +0100 ruby2.1 (2.1.0-1~exp2) experimental; urgency=medium [ Antonio Terceiro ] * ruby2.1-dev: add missing dependency on libruby2.1 [ Christian Hofstaedtler ] * Again depend on ruby without alternatives management * Tag 64bit-only symbols as such -- Christian Hofstaedtler Thu, 13 Feb 2014 13:02:25 +0100 ruby2.1 (2.1.0-1~exp1) experimental; urgency=medium * New release train, branch off and rename everything to ruby2.1 (Closes: #736664) * Build with GMP library for faster Bignum operations. * Target experimental as long as ruby 1:1.9.3.1 has not entered unstable, dropping the versioned dependency for now. -- Christian Hofstaedtler Thu, 23 Jan 2014 19:25:19 +0100 ruby2.0 (2.0.0.484-1) UNRELEASED; urgency=medium [ Antonio Terceiro ] * New upstream snapshot. * Add patch by Yamashita Yuu to fix build against newer OpenSSL (Closes: #733372) [ Christian Hofstaedtler ] * Use any valid Ruby interpreter to bootstrap * Bump Standards-Version to 3.9.5 (no changes) * Add myself to Uploaders: * Add Dependencies to facilitate upgrades from 1.8 * libruby2.0 now depends on ruby2.0 * ruby2.0 now depends on ruby * Stop installing alternatives/symlinks for binaries: * /usr/bin/{ruby,erb,testrb,irb,rdoc,ri} -- Christian Hofstaedtler Fri, 17 Jan 2014 16:35:57 +0100 ruby2.0 (2.0.0.353-1) unstable; urgency=low * New upstream release + Includes fix for Heap Overflow in Floating Point Parsing (CVE-2013-4164) Closes: #730190 -- Antonio Terceiro Mon, 25 Nov 2013 22:34:25 -0300 ruby2.0 (2.0.0.343-1) unstable; urgency=low * New upstream version (snapshot from 2.0 maintainance branch). * fix typo in ruby2.0-tcltk description * Backported upstream patches from Tanaka Akira to fix FTBFS on: - GNU/kFreeBSD (Closes: #726095) - x32 (Closes: #727010) * Make date for io-console gemspec predictable (Closes: #724974) * libruby2.0 now depends on libjs-jquery because of rdoc (Closes: #725056) * Backport upstream patch by Nobuyoshi Nakada to fix include directory in `pkg-config --cflags` (Closes: #725166) * Document missing licenses in debian/copyright (Closes: #723161) * debian/libruby2.0.symbols: add new symbol rb_exec_recursive_paired_outer (not in the public API though) -- Antonio Terceiro Tue, 05 Nov 2013 20:33:23 -0300 ruby2.0 (2.0.0.299-2) unstable; urgency=low * Split Ruby/Tk out of libruby2.0 into its own package, ruby2.0-tcltk. This will reduce the footprint of a basic Ruby installation. -- Antonio Terceiro Sun, 15 Sep 2013 22:09:57 -0300 ruby2.0 (2.0.0.299-1) unstable; urgency=low * New upstream release + Includes a fix for override of existing LDFLAGS when building compiled extensions that use pkg-config (Closes: #721799). * debian/rules: forward-port to tcl/tk packages with multi-arch support. Thanks to Tristan Hill for reporting on build for Ubuntu saucy * debian/control: ruby2.0 now provides ruby-interpreter * Now using tarballs generated from the git mirror. + The released tarballs will modify shipped files on clean. Without this we can stop messing around with files that need to be recovered after a `debian/rules clean` to make them match the orig tarball and avoid spurious diffs. + This also lets us drop the diffs against generated files such as tool/config.* and configure. + documented in debian/README.source * debian/libruby2.0.symbols: refreshed with 2 new symbols added since last version. -- Antonio Terceiro Sun, 08 Sep 2013 12:38:34 -0300 ruby2.0 (2.0.0.247-1) unstable; urgency=low * Initial release (Closes: #697703) -- Antonio Terceiro Mon, 07 Jan 2013 14:48:51 -0300