Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 483102 - dev-vcs/subversion-1.7.11 depends on deprecated dev-lang/ruby:1.8
Summary: dev-vcs/subversion-1.7.11 depends on deprecated dev-lang/ruby:1.8
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Thomas Sachau
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: ruby-1.8
  Show dependency tree
 
Reported: 2013-08-31 06:01 UTC by Hans de Graaff
Modified: 2016-08-06 17:22 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hans de Graaff gentoo-dev 2013-08-31 06:01:28 UTC
Your package depends explicitly on dev-lang/ruby:1.8. Versions in this slot are no longer supported upstream and this slot will be removed from Gentoo shortly. Please adapt your package to use a newer slot of ruby or mask it for removal if it is not compatible.
Comment 1 Thomas Sachau gentoo-dev 2013-08-31 11:30:14 UTC
Feel free to package.use.mask the ruby USE-flag, when you remove ruby-1.8

The ruby support is optional and afaik still only for ruby-1.8 so nothing in addition i will do for this package.
Comment 2 Manuel Rüger (RETIRED) gentoo-dev 2013-10-30 05:07:45 UTC
Please check also: https://svn.apache.org/viewvc?view=revision&revision=1407206
Comment 3 Agostino Sarubbo gentoo-dev 2013-11-25 19:58:21 UTC
From https://bugzilla.redhat.com/show_bug.cgi?id=1033995 :

It was found that mod_dontdothat did not block requests from certain clients (such as Serf-based 
clients). This could allow a client to bypass intended mod_dontdothat restrictions and use more 
resources on the server than expected. This issue affected mod_dontdothat versions 1.4.0 to 1.7.13, 
and 1.8.0 to 1.8.4. It has been corrected in versions 1.7.14 and 1.8.5.

External References:

http://subversion.apache.org/security/CVE-2013-4505-advisory.txt


@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 4 Agostino Sarubbo gentoo-dev 2013-11-25 19:59:41 UTC
(In reply to Agostino Sarubbo from comment #3)
> From https://bugzilla.redhat.com/show_bug.cgi?id=1033995 :
> 
> It was found that mod_dontdothat did not block requests from certain clients
> (such as Serf-based 
> clients). This could allow a client to bypass intended mod_dontdothat
> restrictions and use more 
> resources on the server than expected. This issue affected mod_dontdothat
> versions 1.4.0 to 1.7.13, 
> and 1.8.0 to 1.8.4. It has been corrected in versions 1.7.14 and 1.8.5.
> 
> External References:
> 
> http://subversion.apache.org/security/CVE-2013-4505-advisory.txt
> 
> 
> @maintainer(s): after the bump, in case we need to stabilize the package,
> please say explicitly if it is ready for the stabilization or not.

PLEASE IGNORE IT, script failure.
Comment 5 Manuel Rüger (RETIRED) gentoo-dev 2014-01-06 22:32:39 UTC
subversion-1.8.5 in tree, has support for ruby19. 

Remove it from stable 1.7.x?
Comment 6 Manuel Rüger (RETIRED) gentoo-dev 2014-03-07 00:36:55 UTC
The ruby USE-Flag has been package.use.mask'd. Please remove the broken support from your ebuild (1.7.x) and clean up the mask afterwards.