Comparing changes
Open a pull request
base repository: ruby/ruby
base: v2_4_2
head repository: ruby/ruby
compare: v2_4_3
- 8 commits
- 16 files changed
- 1 contributor
Commits on Sep 14, 2017
-
bump up teeny version to 2.4.3.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@59913 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-
merge revision(s) 58254: [Backport #13402]
fix --with-gmp (broken by r57490) Looking at the generated shell script (also the autoconf manual), it seems AC_SEARCH_LIBS() m4 macro does not define HAVE_LIBsomething C preprocessor macros, unlike AC_CHECK_LIB() which does define them. This previous change effectively killed building with GMP because building that mode depends on existence of HAVE_LIBGMP. [Bug #13402] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@59914 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Commits on Oct 11, 2017
-
merge revision(s) 60149: [Backport #14003]
Merge rubygems-2.6.14 changes. It fixed http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@60168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Commits on Nov 3, 2017
-
merge revision(s) 58499,58500: [Backport #13181]
parse.y: fix line in rescue * parse.y (set_line_body, primary): fix line number of bodystmt as the beginning of the block. [ruby-core:79388] [Bug #13181] parse.y: set_line_body is not used in ripper git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@60626 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Commits on Dec 14, 2017
-
merge revision(s) 61197: [Backport #14184]
webrick: compile RE correctly for beginning and end match Using ^ and $ in regexps means we can accidentally get fooled by "%0a" in HTTP request paths being decoded to newline characters. Use \A and \z to match beginning and end-of-string respectively, instead. Thanks to mame and hsbt for reporting. * lib/webrick/httpserver.rb (MountTable#compile): use \A and \z instead of ^ and $ * lib/webrick/httpserver.rb (MountTable#normalize): use \z instead of $ * test/webrick/test_httpserver.rb (test_cntrl_in_path): new test git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@61238 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-
merge revision(s) 60123,60172,60189,60208,60210,60211: [Backport #14005]
webrick: avoid unnecessary IO#sync= call Sockets and pipes are always created with FMODE_SYNC flag already set (otherwise many things would be broken). * lib/webrick/server.rb (accept_client): remove unnecessary IO#sync= call webrick: do not hang acceptor on slow TLS connections OpenSSL::SSL::SSLSocket#accept may block indefinitely on clients which negotiate the TCP connection, but fail (or are slow) to negotiate the subsequent TLS handshake. This prevents the multi-threaded WEBrick server from accepting other connections. Since the TLS handshake (via OpenSSL::SSL::SSLSocket#accept) consists of normal read/write traffic over TCP, handle it in the per-client thread, instead. Furthermore, using non-blocking accept() is useful for non-TLS sockets anyways because spurious wakeups are possible from select(2). * lib/webrick/server.rb (accept_client): use TCPServer#accept_nonblock and remove OpenSSL::SSL::SSLSocket#accept call * lib/webrick/server.rb (start_thread): call OpenSSL::SSL::SSLSocket#accept * test/webrick/test_ssl_server.rb (test_slow_connect): new test [ruby-core:83221] [Bug #14005] webrick: fix up r60172 By making the socket non-blocking in r60172, TLS/SSL negotiation via the SSL_accept function must handle non-blocking sockets properly and retry on SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE. OpenSSL::SSL::SSLSocket#accept cannot do that properly with a non-blocking socket, so it must use non-blocking logic of OpenSSL::SSL::SSLSocket#accept_nonblock. Thanks to MSP-Greg (Greg L) for finding this. * lib/webrick/server.rb (start_thread): use SSL_accept properly with non-blocking socket. [Bug #14013] [Bug #14005] webrick: fix up r60172 and revert r60189 Thanks to MSP-Greg (Greg L) for helping with this. * lib/webrick/server.rb (start_thread): ignore ECONNRESET, ECONNABORTED, EPROTO, and EINVAL on TLS negotiation errors the same way they were ignored before r60172 in the accept_client method of the main acceptor thread. [Bug #14013] [Bug #14005] webrick: fix up r60172 and r60208 Thanks to MSP-Greg (Greg L) for helping with this. * lib/webrick/server.rb (start_thread): fix non-local return introduced in r60208 webrick: fix up r60172 and r60210 Thanks to MSP-Greg (Greg L) for helping with this. * lib/webrick/server.rb (start_thread): properly fix non-local return introduced in r60208 and r60210 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@61239 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-
merge revision(s) 61242: [Backport #14185]
Fix a command injection vulnerability in Net::FTP. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@61245 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/tags/v2_4_3@61247 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v2_4_2...v2_4_3