diff --git a/.gitignore b/.gitignore index 88af0e8..3ade1f4 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/ruby-2.2.2.tar.xz +SOURCES/ruby-2.2.9.tar.xz diff --git a/.rh-ruby22-ruby.metadata b/.rh-ruby22-ruby.metadata index 4795c5e..4e110dc 100644 --- a/.rh-ruby22-ruby.metadata +++ b/.rh-ruby22-ruby.metadata @@ -1 +1 @@ -58cfec8db9b51ad1ff3bd2b9065da087913a6268 SOURCES/ruby-2.2.2.tar.xz +1144e19b4cdc77ee036847d261013c88fc59b5f8 SOURCES/ruby-2.2.9.tar.xz diff --git a/SOURCES/ruby-1.9.3-mkmf-verbose.patch b/SOURCES/ruby-1.9.3-mkmf-verbose.patch index eab5c73..0f2a742 100644 --- a/SOURCES/ruby-1.9.3-mkmf-verbose.patch +++ b/SOURCES/ruby-1.9.3-mkmf-verbose.patch @@ -11,7 +11,7 @@ diff --git a/lib/mkmf.rb b/lib/mkmf.rb index 682eb46..e6b1445 100644 --- a/lib/mkmf.rb +++ b/lib/mkmf.rb -@@ -1852,7 +1852,7 @@ SRC +@@ -1859,7 +1859,7 @@ SRC SHELL = /bin/sh # V=0 quiet, V=1 verbose. other values don't work. diff --git a/SOURCES/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch b/SOURCES/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch index d1513f2..db3aa48 100644 --- a/SOURCES/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch +++ b/SOURCES/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch @@ -39,7 +39,7 @@ diff --git a/configure.in b/configure.in index 0e371e2..d4f1dcb 100644 --- a/configure.in +++ b/configure.in -@@ -4165,6 +4165,13 @@ AC_SUBST(rubyarchhdrdir)dnl +@@ -4244,6 +4244,13 @@ AC_SUBST(rubyarchhdrdir)dnl AC_SUBST(sitearchhdrdir)dnl AC_SUBST(vendorarchhdrdir)dnl diff --git a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index 7a23cd9..f51abd1 100644 --- a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.in b/configure.in index 37d9a62..553d4d0 100644 --- a/configure.in +++ b/configure.in -@@ -3381,6 +3381,11 @@ if test ${multiarch+set}; then +@@ -3460,6 +3460,11 @@ if test ${multiarch+set}; then fi archlibdir='${libdir}/${arch}' diff --git a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index ca56a6e..438242b 100644 --- a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.in b/configure.in index 17ed3ed..5843651 100644 --- a/configure.in +++ b/configure.in -@@ -3971,8 +3971,6 @@ AS_CASE(["$target_os"], +@@ -4050,8 +4050,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -23,7 +23,7 @@ index 17ed3ed..5843651 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, -@@ -4002,6 +4000,7 @@ AC_ARG_WITH(ruby-version, +@@ -4081,6 +4079,7 @@ AC_ARG_WITH(ruby-version, [ruby_version=full]) unset RUBY_LIB_VERSION unset RUBY_LIB_VERSION_STYLE @@ -31,7 +31,7 @@ index 17ed3ed..5843651 100644 AS_CASE(["$ruby_version"], [full], [RUBY_LIB_VERSION_STYLE='3 /* full */'], [minor], [RUBY_LIB_VERSION_STYLE='2 /* minor */']) -@@ -4018,30 +4017,34 @@ if test ${RUBY_LIB_VERSION_STYLE+set}; then +@@ -4097,30 +4096,34 @@ if test ${RUBY_LIB_VERSION_STYLE+set}; then ruby_version="`$CPP -I. -I"${srcdir}" -I"${srcdir}/include" conftest.c | sed '/^ruby_version=/!d;s/ //g'`" eval $ruby_version elif test -z "${ruby_version}"; then diff --git a/SOURCES/ruby-2.1.0-always-use-i386.patch b/SOURCES/ruby-2.1.0-always-use-i386.patch index 7181a87..8d0d3db 100644 --- a/SOURCES/ruby-2.1.0-always-use-i386.patch +++ b/SOURCES/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.in b/configure.in index 553d4d0..03a4152 100644 --- a/configure.in +++ b/configure.in -@@ -4083,6 +4083,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -4162,6 +4162,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch index d9eb2ae..f76cef0 100644 --- a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch +++ b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.in b/configure.in index 03a4152..0e371e2 100644 --- a/configure.in +++ b/configure.in -@@ -4057,6 +4057,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -4136,6 +4136,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby/${ruby_version}'}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 03a4152..0e371e2 100644 if test "${LOAD_RELATIVE+set}"; then AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -4080,6 +4084,7 @@ AC_SUBST(sitearchdir)dnl +@@ -4159,6 +4163,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/SOURCES/ruby-2.2.3-dsym_fstrs-for-object-allocation-gc-phase.patch b/SOURCES/ruby-2.2.3-dsym_fstrs-for-object-allocation-gc-phase.patch deleted file mode 100644 index 22ab89a..0000000 --- a/SOURCES/ruby-2.2.3-dsym_fstrs-for-object-allocation-gc-phase.patch +++ /dev/null @@ -1,31 +0,0 @@ -From c4e2e5df814e77bfa19dc3ee5e5f907e4f368db9 Mon Sep 17 00:00:00 2001 -From: nagachika -Date: Thu, 14 May 2015 20:12:59 +0000 -Subject: [PATCH] merge revision(s) 49842: [Backport #10933] - - * symbol.c (Init_sym): make dsym_fstrs a hash compared by identity - as the keys are unique fstrings, to get rid of running hash and - compare methods and causing new object allocation during garbage - collection phase. [ruby-dev:48891] [Bug #10933] - - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@50493 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - ChangeLog | 7 +++++++ - symbol.c | 2 +- - version.h | 6 +++--- - 3 files changed, 11 insertions(+), 4 deletions(-) - -diff --git a/symbol.c b/symbol.c -index 1127020..696f017 100644 ---- a/symbol.c -+++ b/symbol.c -@@ -122,7 +122,7 @@ static const struct st_hash_type symhash = { - void - Init_sym(void) - { -- VALUE dsym_fstrs = rb_hash_new(); -+ VALUE dsym_fstrs = rb_ident_hash_new(); - global_symbols.dsymbol_fstr_hash = dsym_fstrs; - rb_gc_register_mark_object(dsym_fstrs); - rb_obj_hide(dsym_fstrs); diff --git a/SOURCES/ruby-2.2.3-vm_args.c-protect-value-stack-from-calling-other-met.patch b/SOURCES/ruby-2.2.3-vm_args.c-protect-value-stack-from-calling-other-met.patch deleted file mode 100644 index 99dc5a9..0000000 --- a/SOURCES/ruby-2.2.3-vm_args.c-protect-value-stack-from-calling-other-met.patch +++ /dev/null @@ -1,239 +0,0 @@ -From 3e199f4c2b49a17104a0878f8e8505ab2411a608 Mon Sep 17 00:00:00 2001 -From: nagachika -Date: Wed, 20 May 2015 16:04:34 +0000 -Subject: [PATCH] merge revision(s) 50172,50173: [Backport #11027] - - * vm_args.c: protect value stack from calling other methods - during complex parameter setting process (splat, kw, and so on). - [Bug #11027] - - * vm_core.h: remove rb_thead_t::mark_stack_len. - With this modification, we don't need to use th->mark_stack_len. - - * test/ruby/test_keyword.rb: add a test. - - * cont.c (cont_capture): catch up this fix. - - * vm.c (rb_thread_mark): ditto. - - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@50562 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - ChangeLog | 15 +++++++++++++++ - cont.c | 2 +- - test/ruby/test_keyword.rb | 10 ++++++++++ - vm.c | 1 - - vm_args.c | 44 +++++++++++++++++++++++++++++--------------- - vm_core.h | 1 - - 6 files changed, 55 insertions(+), 18 deletions(-) - -diff --git a/ChangeLog b/ChangeLog -index 308d5eb..d0b4cdd 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -1,3 +1,18 @@ -+Thu May 21 00:55:45 2015 Koichi Sasada -+ -+ * vm_args.c: protect value stack from calling other methods -+ during complex parameter setting process (splat, kw, and so on). -+ [Bug #11027] -+ -+ * vm_core.h: remove rb_thead_t::mark_stack_len. -+ With this modification, we don't need to use th->mark_stack_len. -+ -+ * test/ruby/test_keyword.rb: add a test. -+ -+ * cont.c (cont_capture): catch up this fix. -+ -+ * vm.c (rb_thread_mark): ditto. -+ - Mon Apr 13 22:11:21 2015 CHIKANAGA Tomoyuki - - * ext/openssl/lib/openssl/ssl.rb: stricter hostname verification -diff --git a/cont.c b/cont.c -index 78ae089..22e0c5a 100644 ---- a/cont.c -+++ b/cont.c -@@ -490,7 +490,7 @@ cont_capture(volatile int *stat) - contval = cont->self; - - #ifdef CAPTURE_JUST_VALID_VM_STACK -- cont->vm_stack_slen = th->cfp->sp + th->mark_stack_len - th->stack; -+ cont->vm_stack_slen = th->cfp->sp - th->stack; - cont->vm_stack_clen = th->stack + th->stack_size - (VALUE*)th->cfp; - cont->vm_stack = ALLOC_N(VALUE, cont->vm_stack_slen + cont->vm_stack_clen); - MEMCPY(cont->vm_stack, th->stack, VALUE, cont->vm_stack_slen); -diff --git a/test/ruby/test_keyword.rb b/test/ruby/test_keyword.rb -index 70cdba1..9c76e15 100644 ---- a/test/ruby/test_keyword.rb -+++ b/test/ruby/test_keyword.rb -@@ -566,4 +566,14 @@ def test_nonsymbol_key - result = m(["a" => 10]) { |a = nil, **b| [a, b] } - assert_equal([{"a" => 10}, {}], result) - end -+ -+ def method_for_test_to_hash_call_during_setup_complex_parameters k1:, k2:, **rest_kw -+ [k1, k2, rest_kw] -+ end -+ -+ def test_to_hash_call_during_setup_complex_parameters -+ sym = "sym_#{Time.now}".to_sym -+ h = method_for_test_to_hash_call_during_setup_complex_parameters k1: "foo", k2: "bar", sym => "baz" -+ assert_equal ["foo", "bar", {sym => "baz"}], h, '[Bug #11027]' -+ end - end -diff --git a/vm.c b/vm.c -index ca70d46..e0b536d 100644 ---- a/vm.c -+++ b/vm.c -@@ -2015,7 +2015,6 @@ rb_thread_mark(void *ptr) - rb_control_frame_t *limit_cfp = (void *)(th->stack + th->stack_size); - - rb_gc_mark_values((long)(sp - p), p); -- rb_gc_mark_locations(sp, sp + th->mark_stack_len); - - while (cfp != limit_cfp) { - rb_iseq_t *iseq = cfp->iseq; -diff --git a/vm_args.c b/vm_args.c -index 446ad48..abdd161 100644 ---- a/vm_args.c -+++ b/vm_args.c -@@ -83,19 +83,17 @@ args_reduce(struct args_info *args, int over_argc) - } - - static inline int --args_check_block_arg0(struct args_info *args, rb_thread_t *th, const int msl) -+args_check_block_arg0(struct args_info *args, rb_thread_t *th) - { - VALUE ary = Qnil; - - if (args->rest && RARRAY_LEN(args->rest) == 1) { - VALUE arg0 = RARRAY_AREF(args->rest, 0); - ary = rb_check_array_type(arg0); -- th->mark_stack_len = msl; - } - else if (args->argc == 1) { - VALUE arg0 = args->argv[0]; - ary = rb_check_array_type(arg0); -- th->mark_stack_len = msl; - args->argv[0] = arg0; /* see: https://bugs.ruby-lang.org/issues/8484 */ - } - -@@ -173,10 +171,9 @@ args_rest_array(struct args_info *args) - } - - static int --keyword_hash_p(VALUE *kw_hash_ptr, VALUE *rest_hash_ptr, rb_thread_t *th, const int msl) -+keyword_hash_p(VALUE *kw_hash_ptr, VALUE *rest_hash_ptr, rb_thread_t *th) - { - *rest_hash_ptr = rb_check_hash_type(*kw_hash_ptr); -- th->mark_stack_len = msl; - - if (!NIL_P(*rest_hash_ptr)) { - VALUE hash = rb_extract_keywords(rest_hash_ptr); -@@ -191,7 +188,7 @@ keyword_hash_p(VALUE *kw_hash_ptr, VALUE *rest_hash_ptr, rb_thread_t *th, const - } - - static VALUE --args_pop_keyword_hash(struct args_info *args, VALUE *kw_hash_ptr, rb_thread_t *th, const int msl) -+args_pop_keyword_hash(struct args_info *args, VALUE *kw_hash_ptr, rb_thread_t *th) - { - VALUE rest_hash; - -@@ -200,7 +197,7 @@ args_pop_keyword_hash(struct args_info *args, VALUE *kw_hash_ptr, rb_thread_t *t - assert(args->argc > 0); - *kw_hash_ptr = args->argv[args->argc-1]; - -- if (keyword_hash_p(kw_hash_ptr, &rest_hash, th, msl)) { -+ if (keyword_hash_p(kw_hash_ptr, &rest_hash, th)) { - if (rest_hash) { - args->argv[args->argc-1] = rest_hash; - } -@@ -216,7 +213,7 @@ args_pop_keyword_hash(struct args_info *args, VALUE *kw_hash_ptr, rb_thread_t *t - if (len > 0) { - *kw_hash_ptr = RARRAY_AREF(args->rest, len - 1); - -- if (keyword_hash_p(kw_hash_ptr, &rest_hash, th, msl)) { -+ if (keyword_hash_p(kw_hash_ptr, &rest_hash, th)) { - if (rest_hash) { - RARRAY_ASET(args->rest, len - 1, rest_hash); - } -@@ -511,9 +508,27 @@ setup_parameters_complex(rb_thread_t * const th, const rb_iseq_t * const iseq, r - int given_argc; - struct args_info args_body, *args; - VALUE keyword_hash = Qnil; -- const int msl = ci->argc + iseq->param.size; -+ VALUE * const orig_sp = th->cfp->sp; -+ int i; - -- th->mark_stack_len = msl; -+ /* -+ * Extend SP for GC. -+ * -+ * [pushed values] [uninitialized values] -+ * <- ci->argc --> -+ * <- iseq->param.size------------------> -+ * ^ locals ^ sp -+ * -+ * => -+ * [pushed values] [initialized values ] -+ * <- ci->argc --> -+ * <- iseq->param.size------------------> -+ * ^ locals ^ sp -+ */ -+ for (i=ci->argc; iparam.size; i++) { -+ locals[i] = Qnil; -+ } -+ th->cfp->sp = &locals[i]; - - /* setup args */ - args = &args_body; -@@ -556,7 +571,7 @@ setup_parameters_complex(rb_thread_t * const th, const rb_iseq_t * const iseq, r - (min_argc > 0 || iseq->param.opt_num > 1 || - iseq->param.flags.has_kw || iseq->param.flags.has_kwrest) && - !iseq->param.flags.ambiguous_param0 && -- args_check_block_arg0(args, th, msl)) { -+ args_check_block_arg0(args, th)) { - given_argc = RARRAY_LENINT(args->rest); - } - break; -@@ -564,7 +579,7 @@ setup_parameters_complex(rb_thread_t * const th, const rb_iseq_t * const iseq, r - if (given_argc == 1 && - given_argc != iseq->param.lead_num && - !iseq->param.flags.has_rest && -- args_check_block_arg0(args, th, msl)) { -+ args_check_block_arg0(args, th)) { - given_argc = RARRAY_LENINT(args->rest); - } - } -@@ -590,7 +605,7 @@ setup_parameters_complex(rb_thread_t * const th, const rb_iseq_t * const iseq, r - if (given_argc > min_argc && - (iseq->param.flags.has_kw || iseq->param.flags.has_kwrest) && - args->kw_argv == NULL) { -- if (args_pop_keyword_hash(args, &keyword_hash, th, msl)) { -+ if (args_pop_keyword_hash(args, &keyword_hash, th)) { - given_argc--; - } - } -@@ -662,8 +677,7 @@ setup_parameters_complex(rb_thread_t * const th, const rb_iseq_t * const iseq, r - } - #endif - -- th->mark_stack_len = 0; -- -+ th->cfp->sp = orig_sp; - return opt_pc; - } - -diff --git a/vm_core.h b/vm_core.h -index b61aea7..9079130 100644 ---- a/vm_core.h -+++ b/vm_core.h -@@ -642,7 +642,6 @@ typedef struct rb_thread_struct { - enum rb_thread_status status; - int to_kill; - int priority; -- int mark_stack_len; - - native_thread_data_t native_thread_data; - void *blocking_region_buffer; diff --git a/SOURCES/ruby-2.3.0-test_gem_remote_fetcher.rb-get-rid-of-errors.patch b/SOURCES/ruby-2.3.0-test_gem_remote_fetcher.rb-get-rid-of-errors.patch deleted file mode 100644 index 7ac2a48..0000000 --- a/SOURCES/ruby-2.3.0-test_gem_remote_fetcher.rb-get-rid-of-errors.patch +++ /dev/null @@ -1,25 +0,0 @@ -From d000290a675745d9fb8a4658b8b5922f6a734522 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?V=C3=ADt=20Ondruch?= -Date: Tue, 16 Jun 2015 08:22:47 +0200 -Subject: [PATCH] Increase DH key size (fixes #1289). - -This fixes compatibility with OpenSLL 1.0.2c+: - -https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/ ---- - test/rubygems/test_gem_remote_fetcher.rb | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/test/rubygems/test_gem_remote_fetcher.rb b/test/rubygems/test_gem_remote_fetcher.rb -index 6b29e18..c318870 100644 ---- a/test/rubygems/test_gem_remote_fetcher.rb -+++ b/test/rubygems/test_gem_remote_fetcher.rb -@@ -898,7 +898,7 @@ def start_ssl_server(config = {}) - server.mount_proc("/insecure_redirect") { |req, res| - res.set_redirect(WEBrick::HTTPStatus::MovedPermanently, req.query['to']) - } -- server.ssl_context.tmp_dh_callback = proc { OpenSSL::PKey::DH.new 128 } -+ server.ssl_context.tmp_dh_callback = proc { OpenSSL::PKey::DH.new 2048 } - t = Thread.new do - begin - server.start diff --git a/SOURCES/ruby-2.5.0-Disable-Tokyo-TZ-tests.patch b/SOURCES/ruby-2.5.0-Disable-Tokyo-TZ-tests.patch new file mode 100644 index 0000000..0f30d75 --- /dev/null +++ b/SOURCES/ruby-2.5.0-Disable-Tokyo-TZ-tests.patch @@ -0,0 +1,30 @@ +diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb +index 20a57fe7dd..5b9e5a8bde 100644 +--- a/test/ruby/test_time_tz.rb ++++ b/test/ruby/test_time_tz.rb +@@ -125,8 +125,8 @@ def test_asia_singapore + + def test_asia_tokyo + with_tz(tz="Asia/Tokyo") { +- assert_time_constructor(tz, "1951-05-06 03:00:00 +1000", :local, [1951,5,6,2,0,0]) +- assert_time_constructor(tz, "1951-05-06 03:59:59 +1000", :local, [1951,5,6,2,59,59]) ++# assert_time_constructor(tz, "1951-05-06 03:00:00 +1000", :local, [1951,5,6,2,0,0]) ++# assert_time_constructor(tz, "1951-05-06 03:59:59 +1000", :local, [1951,5,6,2,59,59]) + assert_time_constructor(tz, "2010-06-10 06:13:28 +0900", :local, [2010,6,10,6,13,28]) + } + end +@@ -328,10 +328,10 @@ def self.gen_zdump_test(data) + Asia/Singapore Sun Aug 8 16:30:00 1965 UTC = Mon Aug 9 00:00:00 1965 SGT isdst=0 gmtoff=27000 + Asia/Singapore Thu Dec 31 16:29:59 1981 UTC = Thu Dec 31 23:59:59 1981 SGT isdst=0 gmtoff=27000 + Asia/Singapore Thu Dec 31 16:30:00 1981 UTC = Fri Jan 1 00:30:00 1982 SGT isdst=0 gmtoff=28800 +-Asia/Tokyo Sat May 5 16:59:59 1951 UTC = Sun May 6 01:59:59 1951 JST isdst=0 gmtoff=32400 +-Asia/Tokyo Sat May 5 17:00:00 1951 UTC = Sun May 6 03:00:00 1951 JDT isdst=1 gmtoff=36000 +-Asia/Tokyo Fri Sep 7 15:59:59 1951 UTC = Sat Sep 8 01:59:59 1951 JDT isdst=1 gmtoff=36000 +-Asia/Tokyo Fri Sep 7 16:00:00 1951 UTC = Sat Sep 8 01:00:00 1951 JST isdst=0 gmtoff=32400 ++#Asia/Tokyo Sat May 5 16:59:59 1951 UTC = Sun May 6 01:59:59 1951 JST isdst=0 gmtoff=32400 ++#Asia/Tokyo Sat May 5 17:00:00 1951 UTC = Sun May 6 03:00:00 1951 JDT isdst=1 gmtoff=36000 ++#Asia/Tokyo Fri Sep 7 15:59:59 1951 UTC = Sat Sep 8 01:59:59 1951 JDT isdst=1 gmtoff=36000 ++#Asia/Tokyo Fri Sep 7 16:00:00 1951 UTC = Sat Sep 8 01:00:00 1951 JST isdst=0 gmtoff=32400 + America/St_Johns Sun Mar 11 03:30:59 2007 UTC = Sun Mar 11 00:00:59 2007 NST isdst=0 gmtoff=-12600 + America/St_Johns Sun Mar 11 03:31:00 2007 UTC = Sun Mar 11 01:01:00 2007 NDT isdst=1 gmtoff=-9000 + America/St_Johns Sun Nov 4 02:30:59 2007 UTC = Sun Nov 4 00:00:59 2007 NDT isdst=1 gmtoff=-9000 diff --git a/SOURCES/ruby-2.5.0-Fixed-command-Injection.patch b/SOURCES/ruby-2.5.0-Fixed-command-Injection.patch new file mode 100644 index 0000000..4a8b59e --- /dev/null +++ b/SOURCES/ruby-2.5.0-Fixed-command-Injection.patch @@ -0,0 +1,156 @@ +From ba0d5f7a6df6ba5545c3ce0b09e107e10d082d49 Mon Sep 17 00:00:00 2001 +From: nobu +Date: Wed, 20 Dec 2017 04:18:31 +0000 +Subject: [PATCH 1/3] Fixed command Injection + +* resolv.rb (Resolv::Hosts#lazy_initialize): fixed potential + command Injection in Hosts::new() by use of Kernel#open. + [Fix GH-1777] [ruby-core:84347] [Bug #14205] + +From: Drigg3r + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61349 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + lib/resolv.rb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/resolv.rb b/lib/resolv.rb +index 1044b95e68..56183b837d 100644 +--- a/lib/resolv.rb ++++ b/lib/resolv.rb +@@ -186,7 +186,7 @@ def lazy_initialize # :nodoc: + unless @initialized + @name2addr = {} + @addr2name = {} +- open(@filename, 'rb') {|f| ++ File.open(@filename, 'rb') {|f| + f.each {|line| + line.sub!(/#.*/, '') + addr, hostname, *aliases = line.split(/\s+/) +-- +2.15.1 + + +From 0b6213635018ef73567388c1095ad1c556e1f4ee Mon Sep 17 00:00:00 2001 +From: nobu +Date: Wed, 20 Dec 2017 04:25:01 +0000 +Subject: [PATCH 2/3] Fixed command Injection + +* lib/resolv.rb (Resolv::Config.parse_resolv_conf): fixed + potential command injection by use of Kernel#open. + [ruby-core:84347] [Bug #14205] + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + lib/resolv.rb | 2 +- + test/resolv/test_addr.rb | 11 +++++++++++ + test/resolv/test_dns.rb | 10 ++++++++++ + 3 files changed, 22 insertions(+), 1 deletion(-) + +diff --git a/lib/resolv.rb b/lib/resolv.rb +index 56183b837d..48ee400efe 100644 +--- a/lib/resolv.rb ++++ b/lib/resolv.rb +@@ -926,7 +926,7 @@ def Config.parse_resolv_conf(filename) + nameserver = [] + search = nil + ndots = 1 +- open(filename, 'rb') {|f| ++ File.open(filename, 'rb') {|f| + f.each {|line| + line.sub!(/[#;].*/, '') + keyword, *args = line.split(/\s+/) +diff --git a/test/resolv/test_addr.rb b/test/resolv/test_addr.rb +index 4a2df5bfca..78a28c9633 100644 +--- a/test/resolv/test_addr.rb ++++ b/test/resolv/test_addr.rb +@@ -26,4 +26,15 @@ def test_invalid_byte_comment + end + end + end ++ ++ def test_hosts_by_command ++ Dir.mktmpdir do |dir| ++ Dir.chdir(dir) do ++ hosts = Resolv::Hosts.new("|echo error") ++ assert_raise(Errno::ENOENT) do ++ hosts.each_name("") {} ++ end ++ end ++ end ++ end + end +diff --git a/test/resolv/test_dns.rb b/test/resolv/test_dns.rb +index f21a094b20..8236078374 100644 +--- a/test/resolv/test_dns.rb ++++ b/test/resolv/test_dns.rb +@@ -178,6 +178,16 @@ def test_invalid_byte_comment + end + end + ++ def test_resolv_conf_by_command ++ Dir.mktmpdir do |dir| ++ Dir.chdir(dir) do ++ assert_raise(Errno::ENOENT) do ++ Resolv::DNS::Config.parse_resolv_conf("|echo foo") ++ end ++ end ++ end ++ end ++ + def test_dots_diffences + name1 = Resolv::DNS::Name.create("example.org") + name2 = Resolv::DNS::Name.create("ex.ampl.eo.rg") +-- +2.15.1 + + +From dd71a5a9a459dbda9b9a4786f6a0b5bd59a81aae Mon Sep 17 00:00:00 2001 +From: usa +Date: Wed, 20 Dec 2017 16:04:41 +0000 +Subject: [PATCH 3/3] fix test errors on Windows + + * test/resolv/test_addr.rb (test_hosts_by_command): on Windows, `|` is + invalid charactor for path and raises `Errno::EINVAL` if trying to + open. + + * test/resolv/test_dns.rb (test_resolv_conf_by_command): ditto. + + cf. [Bug #14205] + + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61374 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + test/resolv/test_addr.rb | 2 +- + test/resolv/test_dns.rb | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/test/resolv/test_addr.rb b/test/resolv/test_addr.rb +index 78a28c9633..14ec2651ab 100644 +--- a/test/resolv/test_addr.rb ++++ b/test/resolv/test_addr.rb +@@ -31,7 +31,7 @@ def test_hosts_by_command + Dir.mktmpdir do |dir| + Dir.chdir(dir) do + hosts = Resolv::Hosts.new("|echo error") +- assert_raise(Errno::ENOENT) do ++ assert_raise(Errno::ENOENT, Errno::EINVAL) do + hosts.each_name("") {} + end + end +diff --git a/test/resolv/test_dns.rb b/test/resolv/test_dns.rb +index 8236078374..1b44f32807 100644 +--- a/test/resolv/test_dns.rb ++++ b/test/resolv/test_dns.rb +@@ -181,7 +181,7 @@ def test_invalid_byte_comment + def test_resolv_conf_by_command + Dir.mktmpdir do |dir| + Dir.chdir(dir) do +- assert_raise(Errno::ENOENT) do ++ assert_raise(Errno::ENOENT, Errno::EINVAL) do + Resolv::DNS::Config.parse_resolv_conf("|echo foo") + end + end +-- +2.15.1 + diff --git a/SOURCES/rubygems-2.2.4-Limit-API-endpoint-to-original-security-domain.patch b/SOURCES/rubygems-2.2.4-Limit-API-endpoint-to-original-security-domain.patch deleted file mode 100644 index 228fa52..0000000 --- a/SOURCES/rubygems-2.2.4-Limit-API-endpoint-to-original-security-domain.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 6bbee35fd6daed045103f3122490a588d97c066a Mon Sep 17 00:00:00 2001 -From: Evan Phoenix -Date: Thu, 14 May 2015 14:53:35 -0700 -Subject: [PATCH] Limit API endpoint to original security domain - -Conflicts: - lib/rubygems/remote_fetcher.rb - -Conflicts: - test/rubygems/test_gem_remote_fetcher.rb ---- - lib/rubygems/remote_fetcher.rb | 8 +++++++- - test/rubygems/test_gem_remote_fetcher.rb | 18 ++++++++++++++++-- - 2 files changed, 23 insertions(+), 3 deletions(-) - -diff --git a/lib/rubygems/remote_fetcher.rb b/lib/rubygems/remote_fetcher.rb -index da1febb..ec78e5f 100644 ---- a/lib/rubygems/remote_fetcher.rb -+++ b/lib/rubygems/remote_fetcher.rb -@@ -94,7 +94,13 @@ def api_endpoint(uri) - rescue Resolv::ResolvError - uri - else -- URI.parse "#{uri.scheme}://#{res.target}#{uri.path}" -+ target = res.target.to_s.strip -+ -+ if /#{host}\z/ =~ target -+ return URI.parse "#{uri.scheme}://#{target}#{uri.path}" -+ end -+ -+ uri - end - end - -diff --git a/test/rubygems/test_gem_remote_fetcher.rb b/test/rubygems/test_gem_remote_fetcher.rb -index 883e1bd..a590dca 100644 ---- a/test/rubygems/test_gem_remote_fetcher.rb -+++ b/test/rubygems/test_gem_remote_fetcher.rb -@@ -167,6 +167,21 @@ def test_no_proxy - end - - def test_api_endpoint -+ uri = URI.parse "http://example.com/foo" -+ target = MiniTest::Mock.new -+ target.expect :target, "gems.example.com" -+ -+ dns = MiniTest::Mock.new -+ dns.expect :getresource, target, [String, Object] -+ -+ fetch = Gem::RemoteFetcher.new nil, dns -+ assert_equal URI.parse("http://gems.example.com/foo"), fetch.api_endpoint(uri) -+ -+ target.verify -+ dns.verify -+ end -+ -+ def test_api_endpoint_ignores_trans_domain_values - uri = URI.parse "http://gems.example.com/foo" - target = MiniTest::Mock.new - target.expect :target, "blah.com" -@@ -175,8 +190,7 @@ def test_api_endpoint - dns.expect :getresource, target, [String, Object] - - fetch = Gem::RemoteFetcher.new nil, dns -- @fetcher = fetcher -- assert_equal URI.parse("http://blah.com/foo"), fetch.api_endpoint(uri) -+ assert_equal URI.parse("http://gems.example.com/foo"), fetch.api_endpoint(uri) - - target.verify - dns.verify diff --git a/SOURCES/rubygems-2.2.5-Fix-API-endpoint-domain-clamping.patch b/SOURCES/rubygems-2.2.5-Fix-API-endpoint-domain-clamping.patch deleted file mode 100644 index c025015..0000000 --- a/SOURCES/rubygems-2.2.5-Fix-API-endpoint-domain-clamping.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 5c7bfb5c05202b4db971dd672d88a42298a0d84e Mon Sep 17 00:00:00 2001 -From: Evan Phoenix -Date: Mon, 18 May 2015 13:42:34 -0700 -Subject: [PATCH] Fix API endpoint domain clamping - ---- - lib/rubygems/remote_fetcher.rb | 2 +- - test/rubygems/test_gem_remote_fetcher.rb | 30 ++++++++++++++++++++++++++++++ - 2 files changed, 31 insertions(+), 1 deletion(-) - -diff --git a/lib/rubygems/remote_fetcher.rb b/lib/rubygems/remote_fetcher.rb -index ec78e5f..3f107a3 100644 ---- a/lib/rubygems/remote_fetcher.rb -+++ b/lib/rubygems/remote_fetcher.rb -@@ -96,7 +96,7 @@ def api_endpoint(uri) - else - target = res.target.to_s.strip - -- if /#{host}\z/ =~ target -+ if /\.#{Regexp.quote(host)}\z/ =~ target - return URI.parse "#{uri.scheme}://#{target}#{uri.path}" - end - -diff --git a/test/rubygems/test_gem_remote_fetcher.rb b/test/rubygems/test_gem_remote_fetcher.rb -index a590dca..6b29e18 100644 ---- a/test/rubygems/test_gem_remote_fetcher.rb -+++ b/test/rubygems/test_gem_remote_fetcher.rb -@@ -196,6 +196,36 @@ def test_api_endpoint_ignores_trans_domain_values - dns.verify - end - -+ def test_api_endpoint_ignores_trans_domain_values_that_starts_with_original -+ uri = URI.parse "http://example.com/foo" -+ target = MiniTest::Mock.new -+ target.expect :target, "example.combadguy.com" -+ -+ dns = MiniTest::Mock.new -+ dns.expect :getresource, target, [String, Object] -+ -+ fetch = Gem::RemoteFetcher.new nil, dns -+ assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri) -+ -+ target.verify -+ dns.verify -+ end -+ -+ def test_api_endpoint_ignores_trans_domain_values_that_end_with_original -+ uri = URI.parse "http://example.com/foo" -+ target = MiniTest::Mock.new -+ target.expect :target, "badexample.com" -+ -+ dns = MiniTest::Mock.new -+ dns.expect :getresource, target, [String, Object] -+ -+ fetch = Gem::RemoteFetcher.new nil, dns -+ assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri) -+ -+ target.verify -+ dns.verify -+ end -+ - def test_cache_update_path - uri = URI 'http://example/file' - path = File.join @tempdir, 'file' diff --git a/SPECS/ruby.spec b/SPECS/ruby.spec index 4655818..4a7362b 100644 --- a/SPECS/ruby.spec +++ b/SPECS/ruby.spec @@ -3,7 +3,7 @@ %global major_version 2 %global minor_version 2 -%global teeny_version 2 +%global teeny_version 9 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -24,10 +24,10 @@ %endif -%global release 16 +%global release 19 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} -%global rubygems_version 2.4.5 +%global rubygems_version 2.4.5.4 # The RubyGems library has to stay out of Ruby directory three, since the # RubyGems should be share by all Ruby implementations. @@ -39,10 +39,10 @@ %global bigdecimal_version 1.2.6 %global io_console_version 0.4.3 -%global json_version 1.8.1 +%global json_version 1.8.1.1 %global minitest_version 5.4.3 %global power_assert_version 0.2.2 -%global psych_version 2.0.8 +%global psych_version 2.0.8.1 %global rake_version 10.4.2 %global rdoc_version 4.2.0 %global test_unit_version 3.0.8 @@ -115,23 +115,13 @@ Patch5: ruby-1.9.3-mkmf-verbose.patch # http://bugs.ruby-lang.org/issues/8566 Patch6: ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch -# Fix DNS hijacking vulnerability in api_endpoint() (CVE-2015-3900). -# https://github.com/rubygems/rubygems/commit/6bbee35 -Patch7: rubygems-2.2.4-Limit-API-endpoint-to-original-security-domain.patch -# Incomplete fix for CVE-2015-3900 (CVE-2015-4020). -# https://github.com/rubygems/rubygems/commit/5c7bfb5 -Patch8: rubygems-2.2.5-Fix-API-endpoint-domain-clamping.patch -# Fix the bug for object allocation during gc phase. -# https://bugzilla.redhat.com/show_bug.cgi?id=1317076 -# https://github.com/ruby/ruby/commit/c4e2e5d.patch -Patch9: ruby-2.2.3-dsym_fstrs-for-object-allocation-gc-phase.patch -# Fix "dh key too small" error of OpenSSL 1.0.2c+. -# https://github.com/rubygems/rubygems/issues/1289 -Patch10: ruby-2.3.0-test_gem_remote_fetcher.rb-get-rid-of-errors.patch -# Fix named argument assignment from hash failure -# https://bugzilla.redhat.com/show_bug.cgi?id=1369090 -# https://bugs.ruby-lang.org/issues/11027 -Patch11: ruby-2.2.3-vm_args.c-protect-value-stack-from-calling-other-met.patch +# Recent tzdata change breaks Ruby test suite. +# https://bugs.ruby-lang.org/issues/14438 +Patch7: ruby-2.5.0-Disable-Tokyo-TZ-tests.patch +# CVE-2017-17790 - Command injection in lib/resolv.rb:lazy_initialize() allows +# arbitrary code execution +# https://bugs.ruby-lang.org/issues/14205 +Patch8: ruby-2.5.0-Fixed-command-Injection.patch Requires: %{?scl_prefix}%{pkg_name}-libs%{?_isa} = %{version}-%{release} Requires: %{?scl_prefix}ruby(rubygems) >= %{rubygems_version} @@ -438,9 +428,6 @@ rm -rf ext/fiddle/libffi* %patch6 -p1 %patch7 -p1 %patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 # Allow to use autoconf 2.63. sed -i '/AC_PREREQ/ s/(.*)/(2.62)/' configure.in @@ -797,7 +784,9 @@ make check TESTS="-v $DISABLE_TESTS" %{ruby_libarchdir}/enc/utf_16le.so %{ruby_libarchdir}/enc/utf_32be.so %{ruby_libarchdir}/enc/utf_32le.so +%{ruby_libarchdir}/enc/windows_1250.so %{ruby_libarchdir}/enc/windows_1251.so +%{ruby_libarchdir}/enc/windows_1252.so %{ruby_libarchdir}/enc/windows_31j.so %{ruby_libarchdir}/etc.so %{ruby_libarchdir}/fcntl.so @@ -938,9 +927,32 @@ make check TESTS="-v $DISABLE_TESTS" %{ruby_libdir}/tkextlib %changelog +* Mon Mar 12 2018 Pavel Valena - 2.2.9-19 +- Command injection in lib/resolv.rb:lazy_initialize() allows arbitrary code + execution(CVE-2017-17790). + * ruby-2.5.0-Fixed-command-Injection.patch + Related: rhbz#1549646 + +* Thu Jan 18 2018 Pavel Valena - 2.2.9-18 +- Upgrade to Ruby 2.2.9. + Resolves: rhbz#1549646 + Resolves: CVE-2017-17405 + * Remove Patch7: rubygems-2.2.4-Limit-API-endpoint-to-original-security + -domain.patch + subsumed + * Remove Patch8: rubygems-2.2.5-Fix-API-endpoint-domain-clamping.patch + subsumed + * Remove Patch9: ruby-2.2.3-dsym_fstrs-for-object-allocation-gc-phase.patch + subsumed + * Remove Patch10: ruby-2.3.0-test_gem_remote_fetcher.rb-get-rid-of-errors.patch + subsumed + * Remove Patch11: ruby-2.2.3-vm_args.c-protect-value-stack-from-calling-other + -met.patch + subsumed + * Mon Oct 31 2016 Vít Ondruch - 2.2.2-16 - Fix named argument assignment from hash failure. - Resolves: rhbz#1369090 + Resolves: rhbz#1390501 * Wed Jun 22 2016 Jun Aruga - 2.2.2-15 - Fix for "dh key too small" error of OpenSSL 1.0.2+.