Fairly simple update that fixes some segfaults and a possible security
issue:
Default parse options for XML documents were changed to not make
network connections during document parsing, to avoid XXE
vulnerability.
See full changelog at
https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.rdoc
Tested on i386, compiles on amd64. Will be committing later this week
unless I hear objections.
Thanks,
Jeremy
Index: Makefile
===================================================================
RCS file: /cvs/ports/textproc/ruby-nokogiri/Makefile,v
retrieving revision 1.14
diff -u -p -r1.14 Makefile
--- Makefile 7 Jun 2012 15:35:58 -0000 1.14
+++ Makefile 26 Jun 2012 17:46:32 -0000
@@ -2,7 +2,7 @@
COMMENT= HTML, XML, SAX and Reader parser
-DISTNAME= nokogiri-1.5.3
+DISTNAME= nokogiri-1.5.5
CATEGORIES= textproc
HOMEPAGE= http://nokogiri.rubyforge.org/nokogiri
Index: distinfo
===================================================================
RCS file: /cvs/ports/textproc/ruby-nokogiri/distinfo,v
retrieving revision 1.5
diff -u -p -r1.5 distinfo
--- distinfo 7 Jun 2012 15:35:58 -0000 1.5
+++ distinfo 26 Jun 2012 17:50:19 -0000
@@ -1,5 +1,5 @@
-MD5 (nokogiri-1.5.3.gem) = Nrfv7IgI6hH0PyPeSZPELQ==
-RMD160 (nokogiri-1.5.3.gem) = cbtJF8KKu2096+BNsM6gZ8jpvHY=
-SHA1 (nokogiri-1.5.3.gem) = KDH5/k2Orda5TxZPWPWh6FjSptQ=
-SHA256 (nokogiri-1.5.3.gem) = bfIHh2WhAUsQvizwJSZIqktGJzmhGNx4ZKg8K04rjn8=
-SIZE (nokogiri-1.5.3.gem) = 205824
+MD5 (nokogiri-1.5.5.gem) = tlsmB78bPmzbBJH6q4FuaA==
+RMD160 (nokogiri-1.5.5.gem) = vJ+da3r6ppf8z7L0W3gqLctr+MU=
+SHA1 (nokogiri-1.5.5.gem) = xQW0YPzwOdtpwIzP5p2i3Li5Xxo=
+SHA256 (nokogiri-1.5.5.gem) = dkACGKnnCZ1NbUrSu28SGNgK6Toetn40tB5obTeI1I8=
+SIZE (nokogiri-1.5.5.gem) = 209920
Index: patches/patch-Rakefile
===================================================================
RCS file: /cvs/ports/textproc/ruby-nokogiri/patches/patch-Rakefile,v
retrieving revision 1.2
diff -u -p -r1.2 patch-Rakefile
--- patches/patch-Rakefile 7 Jun 2012 15:35:58 -0000 1.2
+++ patches/patch-Rakefile 26 Jun 2012 22:04:07 -0000
@@ -3,31 +3,26 @@ $OpenBSD: patch-Rakefile,v 1.2 2012/06/0
Allow regress tests to work.
--- Rakefile.orig Wed Dec 31 16:00:00 1969
-+++ Rakefile Fri Jun 1 14:17:42 2012
-@@ -37,18 +37,6 @@ HOE = Hoe.spec 'nokogiri' do
- GENERATED_TOKENIZER
- ]
-
-- self.extra_dev_deps += [
-- ["hoe-bundler", ">= 1.1"],
-- ["hoe-debugging", ">= 1.0.3"],
-- ["hoe-gemspec", ">= 1.0"],
-- ["hoe-git", ">= 1.4"],
-- ["mini_portile", ">= 0.2.2"],
-- ["minitest", "~> 2.2.2"],
-- ["racc", ">= 1.4.6"],
-- ["rake-compiler", "= 0.8.0"],
-- ["rexical", ">= 1.0.5"],
++++ Rakefile Tue Jun 26 15:04:00 2012
+@@ -47,12 +47,12 @@ HOE = Hoe.spec 'nokogiri' do
+ ["minitest", "~> 2.2.2"],
+ ["rake", ">= 0.9"],
+ ["rake-compiler", "= 0.8.0"]
- ]
--
++ ].clear
+ if ! java?
+ self.extra_dev_deps += [
+ ["racc", ">= 1.4.6"],
+ ["rexical", ">= 1.0.5"]
+- ]
++ ].clear
+ end
+
if java?
- self.spec_extras = { :platform => 'java' }
- else
-@@ -83,7 +71,7 @@ if java?
- else
+@@ -90,6 +90,7 @@ else
mingw_available = true
begin
-- require 'tasks/cross_compile'
+ require 'tasks/cross_compile'
+ raise
rescue
mingw_available = false
