Files
kimura wataru 8522b08b8a lang/ruby24: update to 2.4.3, includes fixes for CVE-2017-17405
CVE-2017-17405: Command injection vulnerability in Net::FTP
https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/

fix install_name of libruby on darwin (#54866).
this problem was fixed at upstream trunk (2.5.0-dev), but the change
is not merged into 2.4.
2017-12-15 07:44:30 +09:00

12 lines
623 B
Diff

--- configure.orig 2017-12-14 23:36:11.000000000 +0900
+++ configure 2017-12-15 06:38:45.000000000 +0900
@@ -25691,7 +25691,7 @@
libprefix="@executable_path/../${libdir_basename}"
LIBRUBY_RELATIVE=yes
fi
- LIBRUBY_DLDFLAGS="$LIBRUBY_DLDFLAGS "'-install_name '${libprefix}'/$(LIBRUBY_SO)'
+ LIBRUBY_DLDFLAGS="$LIBRUBY_DLDFLAGS "'-install_name '${libprefix}'/lib$(RUBY_BASE_NAME).$(MAJOR).$(MINOR).dylib'
LIBRUBY_DLDFLAGS="$LIBRUBY_DLDFLAGS "'-compatibility_version $(MAJOR).$(MINOR)'
LIBRUBY_DLDFLAGS="$LIBRUBY_DLDFLAGS "'-current_version $(RUBY_PROGRAM_VERSION)'
if test "$visibility_option" = ld; then