diff --git a/.gitignore b/.gitignore index 1dfa940..752552f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/ruby-2.7.6.tar.xz +SOURCES/ruby-2.7.8.tar.xz SOURCES/ruby-rubygems-bundler-v2.2.24.txz diff --git a/.rh-ruby27-ruby.metadata b/.rh-ruby27-ruby.metadata index 72f3175..1c803fa 100644 --- a/.rh-ruby27-ruby.metadata +++ b/.rh-ruby27-ruby.metadata @@ -1,2 +1,2 @@ -068e3e11799250781ba4a68eb4f015bab35966e3 SOURCES/ruby-2.7.6.tar.xz +9e7c7b790652d6c81ce1157b18eab5f8b11b0a27 SOURCES/ruby-2.7.8.tar.xz da17623116cb189baeb3251f828d679e5570a938 SOURCES/ruby-rubygems-bundler-v2.2.24.txz diff --git a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index 77b20ef..adff2e7 100644 --- a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index d261ea57b5..3c13076b82 100644 --- a/configure.ac +++ b/configure.ac -@@ -3121,6 +3121,11 @@ AS_IF([test ${multiarch+set}], [ +@@ -3140,6 +3140,11 @@ AS_IF([test ${multiarch+set}], [ ]) archlibdir='${libdir}/${arch}' diff --git a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index a79aa25..df5b642 100644 --- a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index c42436c23d..d261ea57b5 100644 --- a/configure.ac +++ b/configure.ac -@@ -3759,7 +3759,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -3778,7 +3778,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/SOURCES/ruby-2.1.0-always-use-i386.patch b/SOURCES/ruby-2.1.0-always-use-i386.patch index a5a4011..7010897 100644 --- a/SOURCES/ruby-2.1.0-always-use-i386.patch +++ b/SOURCES/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 3c13076b82..93af30321d 100644 --- a/configure.ac +++ b/configure.ac -@@ -3823,6 +3823,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -3842,6 +3842,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch index ddfe9a5..f7c4c13 100644 --- a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch +++ b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 93af30321d..bc13397e0e 100644 --- a/configure.ac +++ b/configure.ac -@@ -3795,6 +3795,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -3814,6 +3814,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -3819,6 +3823,7 @@ AC_SUBST(sitearchdir)dnl +@@ -3838,6 +3842,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/SOURCES/ruby-2.3.0-ruby_version.patch b/SOURCES/ruby-2.3.0-ruby_version.patch index a5865ce..7ea4b76 100644 --- a/SOURCES/ruby-2.3.0-ruby_version.patch +++ b/SOURCES/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 80b137e380..63cd3b4f8b 100644 --- a/configure.ac +++ b/configure.ac -@@ -3710,9 +3710,6 @@ AS_CASE(["$target_os"], +@@ -3729,9 +3729,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -3735,56 +3732,62 @@ AC_ARG_WITH(ridir, +@@ -3754,56 +3751,62 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -3801,6 +3804,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -3820,6 +3823,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl diff --git a/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch b/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch index 5dd2654..97bcbac 100644 --- a/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch +++ b/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch @@ -57,7 +57,7 @@ diff --git a/ruby.c b/ruby.c index 60c57d6259..1eec16f2c8 100644 --- a/ruby.c +++ b/ruby.c -@@ -1451,10 +1451,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt) +@@ -1463,10 +1463,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt) void Init_builtin_features(void); diff --git a/SOURCES/ruby-2.7.4-Revert-fix-2.7-build-for-jit.patch b/SOURCES/ruby-2.7.4-Revert-fix-2.7-build-for-jit.patch index feb7790..718ee69 100644 --- a/SOURCES/ruby-2.7.4-Revert-fix-2.7-build-for-jit.patch +++ b/SOURCES/ruby-2.7.4-Revert-fix-2.7-build-for-jit.patch @@ -719,7 +719,7 @@ index 826a688871..af170efecd 100644 AS_CASE(["`head -1 conftest$EXEEXT | tr -dc '\177ELF' | tr '\177' .`"], [.ELF*], [rb_cv_binary_elf=yes], [rb_cv_binary_elf=no])], rb_cv_binary_elf=no)]) -@@ -2849,7 +2842,7 @@ AC_CHECK_FUNCS(backtrace) +@@ -2868,7 +2861,7 @@ AC_CHECK_FUNCS(backtrace) AS_IF([test "x$ac_cv_func_backtrace" = xyes], [ AC_CACHE_CHECK(for broken backtrace, rb_cv_broken_backtrace, @@ -728,7 +728,7 @@ index 826a688871..af170efecd 100644 #include #include #include -@@ -2897,7 +2890,7 @@ main(void) +@@ -2916,7 +2909,7 @@ main(void) a[0] = 1; return EXIT_SUCCESS; } @@ -737,7 +737,7 @@ index 826a688871..af170efecd 100644 rb_cv_broken_backtrace=no, rb_cv_broken_backtrace=yes, rb_cv_broken_backtrace=no)]) -@@ -2917,10 +2910,11 @@ AS_IF([test "$ac_cv_header_a_out_h" = yes], [ +@@ -2936,10 +2929,11 @@ AS_IF([test "$ac_cv_header_a_out_h" = yes], [ AS_IF([test "$with_dln_a_out" = yes || test "$rb_cv_dlopen" = unknown], [ cat confdefs.h > config.h AC_CACHE_CHECK(whether matz's dln works, rb_cv_dln_a_out, @@ -751,7 +751,7 @@ index 826a688871..af170efecd 100644 rb_cv_dln_a_out=yes, rb_cv_dln_a_out=no)]) AS_IF([test "$rb_cv_dln_a_out" = yes], [ -@@ -2986,10 +2980,10 @@ AS_CASE(["$target_os"], +@@ -3005,10 +2999,10 @@ AS_CASE(["$target_os"], STRIP="$STRIP -A -n"]) AC_ARG_WITH(ext, @@ -764,7 +764,7 @@ index 826a688871..af170efecd 100644 [pass to --without-ext option of extmk.rb])) EXTSTATIC= AC_SUBST(EXTSTATIC)dnl -@@ -3453,7 +3447,7 @@ AS_IF([test "$rb_with_pthread" = "yes"], [ +@@ -3472,7 +3466,7 @@ AS_IF([test "$rb_with_pthread" = "yes"], [ THREAD_MODEL=pthread ]) AC_CACHE_CHECK([for prefix of external symbols], rb_cv_symbol_prefix, [ @@ -773,7 +773,7 @@ index 826a688871..af170efecd 100644 rb_cv_symbol_prefix=`$NM conftest.$ac_objext | sed -n ['/.*T[ ]\([^ ]*\)conftest_external.*/!d;s//\1/p;q']` ], -@@ -3464,7 +3458,7 @@ SYMBOL_PREFIX="$rb_cv_symbol_prefix" +@@ -3483,7 +3477,7 @@ SYMBOL_PREFIX="$rb_cv_symbol_prefix" test "x$SYMBOL_PREFIX" = xNONE && SYMBOL_PREFIX='' DLNOBJ=dln.o AC_ARG_ENABLE(dln, @@ -782,7 +782,7 @@ index 826a688871..af170efecd 100644 [test "$enableval" = yes || DLNOBJ=dmydln.o]) AC_SUBST(DLNOBJ) MINIDLNOBJ=dmydln.o -@@ -3596,12 +3590,13 @@ AS_IF([test "${universal_binary-no}" = yes ], [ +@@ -3615,12 +3609,13 @@ AS_IF([test "${universal_binary-no}" = yes ], [ AC_CACHE_CHECK([for architecture macros], rb_cv_architecture_macros, [ mv confdefs.h confdefs1.h : > confdefs.h @@ -798,7 +798,7 @@ index 826a688871..af170efecd 100644 rb_cv_architecture_macros=yes mv -f confdefs1.h confdefs.h ], [ -@@ -3614,17 +3609,16 @@ AS_IF([test "${universal_binary-no}" = yes ], [ +@@ -3633,17 +3628,16 @@ AS_IF([test "${universal_binary-no}" = yes ], [ CFLAGS="$new_cflags -arch $archs" archs="__${archs}__" AC_MSG_CHECKING([for macro ${archs} on ${cpu}]) @@ -820,7 +820,7 @@ index 826a688871..af170efecd 100644 [rb_cv_architecture_available=yes], [rb_cv_architecture_available=no])) ]) -@@ -4039,7 +4033,7 @@ AC_CONFIG_FILES(Makefile:template/Makefile.in, [ +@@ -4058,7 +4052,7 @@ AC_CONFIG_FILES(Makefile:template/Makefile.in, [ [EXEEXT='$EXEEXT' gnumake='$gnumake' GIT='$GIT']) AC_ARG_WITH([ruby-pc], diff --git a/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch b/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch index ddd70e6..83751aa 100644 --- a/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch +++ b/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch @@ -17,6 +17,6 @@ index 7c17cd54..f721f247 100644 spec.required_ruby_version = ">= 2.3.0" - spec.add_runtime_dependency "ipaddr" - spec.add_development_dependency "rake" + spec.add_development_dependency "rake", ">= 11.2.0" spec.add_development_dependency "rake-compiler" spec.add_development_dependency "test-unit", "~> 3.0" diff --git a/SOURCES/ruby-spec-Fix-tests-on-tzdata-2022b.patch b/SOURCES/ruby-spec-Fix-tests-on-tzdata-2022b.patch deleted file mode 100644 index 19386d9..0000000 --- a/SOURCES/ruby-spec-Fix-tests-on-tzdata-2022b.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 7e9ec8a20b0f7469b415283d2ec0c22087f8eb2b Mon Sep 17 00:00:00 2001 -From: Jun Aruga -Date: Wed, 24 Aug 2022 12:02:56 +0200 -Subject: [PATCH] Fix tests with Europe/Amsterdam pre-1970 time on tzdata - version 2022b. - -The Time Zone Database (tzdata) changed the pre-1970 timestamps in some zones -including Europe/Amsterdam on tzdata version 2022b or later. -See . - -The tzdata RPM package maintainer on Fedora project suggested changing the Ruby -test, because the change is intentional. -See . - -We use post-1970 time test data to simplify the test. ---- - core/time/shared/local.rb | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/spec/ruby/core/time/shared/local.rb b/spec/ruby/core/time/shared/local.rb -index 43f331c4c..c4aa7a7ea 100644 ---- a/spec/ruby/core/time/shared/local.rb -+++ b/spec/ruby/core/time/shared/local.rb -@@ -8,10 +8,10 @@ describe :time_local, shared: true do - - platform_is_not :windows do - describe "timezone changes" do -- it "correctly adjusts the timezone change to 'CEST' on 'Europe/Amsterdam'" do -+ it "correctly adjusts the timezone change to 'CET' on 'Europe/Amsterdam'" do - with_timezone("Europe/Amsterdam") do -- Time.send(@method, 1940, 5, 16).to_a.should == -- [0, 40, 1, 16, 5, 1940, 4, 137, true, "CEST"] -+ Time.send(@method, 1970, 5, 16).to_a.should == -+ [0, 0, 0, 16, 5, 1970, 6, 136, false, "CET"] - end - end - end --- -2.36.1 - diff --git a/SPECS/ruby.spec b/SPECS/ruby.spec index c85eb74..cf61aa4 100644 --- a/SPECS/ruby.spec +++ b/SPECS/ruby.spec @@ -3,7 +3,7 @@ %global major_version 2 %global minor_version 7 -%global teeny_version 6 +%global teeny_version 8 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -35,7 +35,7 @@ %global irb_version 1.2.6 %global json_version 2.3.0 %global net_telnet_version 0.2.0 -%global openssl_version 2.1.3 +%global openssl_version 2.1.4 %global psych_version 3.1.0 %global racc_version 1.4.16 %global rdoc_version 6.2.1.1 @@ -76,7 +76,7 @@ Name: %{?scl_prefix}ruby Version: %{ruby_version} # Use release tag directly dropping the %%{release_string} entirely # as %%{?!foo: %%define foo bar} does not work for rpm < 4.14 on RHEL 7. -Release: 131%{?dist} +Release: 132%{?dist} Group: Development/Languages # Public Domain for example for: include/ruby/st.h, strftime.c, missing/*, ... # MIT and CCO: ccan/* @@ -170,9 +170,6 @@ Patch23: rubygems-3.2.13-test-gem-message.patch # https://github.com/rubygems/rubygems/commit/d62539f23aa1624ae170008e47a5a3e15f0dc2ef # https://github.com/ruby/ruby/commit/c082c6eb7c786a432bea23cf78839f64585cb630 Patch24: rubygems-3.2.22-fix-requirement-equals.patch -# Fix tests with Europe/Amsterdam pre-1970 time on tzdata version 2022b. -# https://github.com/ruby/spec/pull/939 -Patch25: ruby-spec-Fix-tests-on-tzdata-2022b.patch # Skip some clocks that are not available on Brew build environment. # https://projects.engineering.redhat.com/browse/BST-1017 @@ -616,7 +613,6 @@ cp -a %{_builddir}/rubygems/bundler/tool/bundler tool/bundler %patch22 -p1 %patch23 -p1 %patch24 -p1 -%patch25 -p1 %patch100 -p1 # Provide an example of usage of the tapset: @@ -1164,7 +1160,7 @@ make test-bundler # TODO: Gemify these libraries %{gem_dir}/specifications/default/benchmark-0.1.0.gemspec -%{gem_dir}/specifications/default/cgi-0.1.0.1.gemspec +%{gem_dir}/specifications/default/cgi-0.1.0.2.gemspec %{gem_dir}/specifications/default/csv-3.1.2.gemspec %{gem_dir}/specifications/default/date-3.0.3.gemspec %{gem_dir}/specifications/default/dbm-1.1.0.gemspec @@ -1198,7 +1194,7 @@ make test-bundler %{gem_dir}/specifications/default/strscan-1.0.3.gemspec %{gem_dir}/specifications/default/timeout-0.1.0.gemspec %{gem_dir}/specifications/default/tracer-0.1.0.gemspec -%{gem_dir}/specifications/default/uri-0.10.0.gemspec +%{gem_dir}/specifications/default/uri-0.10.0.2.gemspec %{gem_dir}/specifications/default/webrick-1.6.1.gemspec %{gem_dir}/specifications/default/yaml-0.1.0.gemspec %{gem_dir}/specifications/default/zlib-1.1.0.gemspec @@ -1324,6 +1320,16 @@ make test-bundler %{gem_dir}/specifications/racc-%{racc_version}.gemspec %changelog +* Mon Apr 03 2023 Jarek Prokop - 2.7.8-132 +- Upgrade to Ruby 2.7.8. + Resolves: rhbz#2149267 +- Fix HTTP response splitting in CGI. + Resolves: CVE-2021-33621 +- Fix ReDoS vulnerability in URI. + Resolves: CVE-2023-28755 +- Fix ReDoS vulnerability in Time. + Resolves: CVE-2023-28756 + * Mon Sep 19 2022 Jarek Prokop - 2.7.6-131 - Upgrade to Ruby 2.7.6. Resolves: rhbz#2128631