From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id A900D1396D0 for ; Wed, 9 Aug 2017 06:21:31 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 178AE1FC04F; Wed, 9 Aug 2017 06:21:30 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id DA8301FC04F for ; Wed, 9 Aug 2017 06:21:28 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id D017334184D for ; Wed, 9 Aug 2017 06:21:27 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 97C3374B9 for ; Wed, 9 Aug 2017 06:21:25 +0000 (UTC) 
From: "Patrice Clement" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Patrice Clement" Message-ID: <1502259673.0ab47c621f6211b455352604a9c776bbc4f601ba.monsieurp@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: dev-ruby/activesupport/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: dev-ruby/activesupport/files/4-1-xml_depth.patch X-VCS-Directories: dev-ruby/activesupport/files/ X-VCS-Committer: monsieurp X-VCS-Committer-Name: Patrice Clement X-VCS-Revision: 0ab47c621f6211b455352604a9c776bbc4f601ba X-VCS-Branch: master Date: Wed, 9 Aug 2017 06:21:25 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 6f6bcb46-5431-4bed-9c50-faae49babf70 X-Archives-Hash: 82156ac3d3b8f40eb189ba47b6c59f0b commit: 0ab47c621f6211b455352604a9c776bbc4f601ba Author: Michael Mair-Keimberger (asterix) gmail com> AuthorDate: Mon Aug 7 15:56:04 2017 +0000 Commit: Patrice Clement gentoo org> CommitDate: Wed Aug 9 06:21:13 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ab47c62 dev-ruby/activesupport: remove unused patch. Closes: https://github.com/gentoo/gentoo/pull/5338 dev-ruby/activesupport/files/4-1-xml_depth.patch | 114 ----------------------- 1 file changed, 114 deletions(-)
diff --git a/dev-ruby/activesupport/files/4-1-xml_depth.patch b/dev-ruby/activesupport/files/4-1-xml_depth.patch
deleted file mode 100644
index 29bc4d2ec72..00000000000
--- a/dev-ruby/activesupport/files/4-1-xml_depth.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From eb4f1d6a02e9557b97cdbed76157dc5a625cdb82 Mon Sep 17 00:00:00 2001
-From: Aaron Patterson
-Date: Tue, 9 Jun 2015 11:24:25 -0700
-Subject: [PATCH] enforce a depth limit on XML documents
-
-XML documents that are too deep can cause an stack overflow, which in
-turn will cause a potential DoS attack.
-
-CVE-2015-3227
----
- activesupport/lib/active_support/xml_mini.rb | 3 +++
- activesupport/lib/active_support/xml_mini/jdom.rb | 11 ++++++-----
- activesupport/lib/active_support/xml_mini/rexml.rb | 11 ++++++-----
- 3 files changed, 15 insertions(+), 10 deletions(-)
-
-diff --git a/activesupport/lib/active_support/xml_mini.rb b/activesupport/lib/active_support/xml_mini.rb
-index 009ee4d..df7b081 100644
---- a/activesupport/lib/active_support/xml_mini.rb
-+++ b/activesupport/lib/active_support/xml_mini.rb
-@@ -78,6 +78,9 @@ module ActiveSupport
- )
- end
-
-+ attr_accessor :depth
-+ self.depth = 100
-+
- delegate :parse, :to => :backend
-
- def backend
-diff --git a/activesupport/lib/active_support/xml_mini/jdom.rb b/activesupport/lib/active_support/xml_mini/jdom.rb
-index 27c64c4..cdc5490 100644
---- a/activesupport/lib/active_support/xml_mini/jdom.rb
-+++ b/activesupport/lib/active_support/xml_mini/jdom.rb
-@@ -46,7 +46,7 @@ module ActiveSupport
- xml_string_reader = StringReader.new(data)
- xml_input_source = InputSource.new(xml_string_reader)
- doc = @dbf.new_document_builder.parse(xml_input_source)
-- merge_element!({CONTENT_KEY => ''}, doc.document_element)
-+ merge_element!({CONTENT_KEY => ''}, doc.document_element, XmlMini.depth)
- end
- end
-
-@@ -58,9 +58,10 @@ module ActiveSupport
- # Hash to merge the converted element into.
- # element::
- # XML element to merge into hash
-- def merge_element!(hash, element)
-+ def merge_element!(hash, element, depth)
-+ raise 'Document too deep!' if depth == 0
- delete_empty(hash)
-- merge!(hash, element.tag_name, collapse(element))
-+ merge!(hash, element.tag_name, collapse(element, depth))
- end
-
- def delete_empty(hash)
-@@ -71,14 +72,14 @@ module ActiveSupport
- #
- # element::
- # The document element to be collapsed.
-- def collapse(element)
-+ def collapse(element, depth)
- hash = get_attributes(element)
-
- child_nodes = element.child_nodes
- if child_nodes.length > 0
- (0...child_nodes.length).each do |i|
- child = child_nodes.item(i)
-- merge_element!(hash, child) unless child.node_type == Node.TEXT_NODE
-+ merge_element!(hash, child, depth - 1) unless child.node_type == Node.TEXT_NODE
- end
- merge_texts!(hash, element) unless empty_content?(element)
- hash
-diff --git a/activesupport/lib/active_support/xml_mini/rexml.rb b/activesupport/lib/active_support/xml_mini/rexml.rb
-index 5c7c78b..924ed72 100644
---- a/activesupport/lib/active_support/xml_mini/rexml.rb
-+++ b/activesupport/lib/active_support/xml_mini/rexml.rb
-@@ -29,7 +29,7 @@ module ActiveSupport
- doc = REXML::Document.new(data)
-
- if doc.root
-- merge_element!({}, doc.root)
-+ merge_element!({}, doc.root, XmlMini.depth)
- else
- raise REXML::ParseException,
- "The document #{doc.to_s.inspect} does not have a valid root"
-@@ -44,19 +44,20 @@ module ActiveSupport
- # Hash to merge the converted element into.
- # element::
- # XML element to merge into hash
-- def merge_element!(hash, element)
-- merge!(hash, element.name, collapse(element))
-+ def merge_element!(hash, element, depth)
-+ raise REXML::ParseException, "The document is too deep" if depth == 0
-+ merge!(hash, element.name, collapse(element, depth))
- end
-
- # Actually converts an XML document element into a data structure.
- #
- # element::
- # The document element to be collapsed.
-- def collapse(element)
-+ def collapse(element, depth)
- hash = get_attributes(element)
-
- if element.has_elements?
-- element.each_element {|child| merge_element!(hash, child) }
-+ element.each_element {|child| merge_element!(hash, child, depth - 1) }
- merge_texts!(hash, element) unless empty_content?(element)
- hash
- else
---
-2.2.1
-
-
\ No newline at end of file