diff --git a/.gitignore b/.gitignore index 0ede7d6..de44b79 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/ruby-3.0.1.tar.xz +SOURCES/ruby-3.0.2.tar.xz diff --git a/.rh-ruby30-ruby.metadata b/.rh-ruby30-ruby.metadata index bcc7249..26f0479 100644 --- a/.rh-ruby30-ruby.metadata +++ b/.rh-ruby30-ruby.metadata @@ -1 +1 @@ -3c5443960fe860ff7055bc02a4793140b9fb9b28 SOURCES/ruby-3.0.1.tar.xz +cd04711ed3adecbe244c3b4391e67430d11fa9f8 SOURCES/ruby-3.0.2.tar.xz diff --git a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index 9759776..32806da 100644 --- a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index d261ea57b5..3c13076b82 100644 --- a/configure.ac +++ b/configure.ac -@@ -3211,6 +3211,11 @@ AS_IF([test ${multiarch+set}], [ +@@ -3240,6 +3240,11 @@ AS_IF([test ${multiarch+set}], [ ]) archlibdir='${libdir}/${arch}' diff --git a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index 2e751cb..118203c 100644 --- a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index c42436c23d..d261ea57b5 100644 --- a/configure.ac +++ b/configure.ac -@@ -3852,7 +3852,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -3881,7 +3881,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/SOURCES/ruby-2.1.0-always-use-i386.patch b/SOURCES/ruby-2.1.0-always-use-i386.patch index c1b3942..de58295 100644 --- a/SOURCES/ruby-2.1.0-always-use-i386.patch +++ b/SOURCES/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 3c13076b82..93af30321d 100644 --- a/configure.ac +++ b/configure.ac -@@ -3916,6 +3916,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -3945,6 +3945,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch index 1646675..b7157ff 100644 --- a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch +++ b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 93af30321d..bc13397e0e 100644 --- a/configure.ac +++ b/configure.ac -@@ -3888,6 +3888,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -3917,6 +3917,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -3912,6 +3916,7 @@ AC_SUBST(sitearchdir)dnl +@@ -3941,6 +3941,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl @@ -67,7 +67,7 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb index e9110a17ca..76a1f0a315 100755 --- a/tool/rbinstall.rb +++ b/tool/rbinstall.rb -@@ -348,6 +348,7 @@ def CONFIG.[](name, mandatory = false) +@@ -349,6 +349,7 @@ def CONFIG.[](name, mandatory = false) vendorlibdir = CONFIG["vendorlibdir"] vendorarchlibdir = CONFIG["vendorarchdir"] end @@ -75,7 +75,7 @@ index e9110a17ca..76a1f0a315 100755 mandir = CONFIG["mandir", true] docdir = CONFIG["docdir", true] enable_shared = CONFIG["ENABLE_SHARED"] == 'yes' -@@ -580,7 +581,16 @@ def stub +@@ -581,7 +581,16 @@ def stub install?(:local, :comm, :lib) do prepare "library scripts", rubylibdir noinst = %w[*.txt *.rdoc *.gemspec] diff --git a/SOURCES/ruby-2.3.0-ruby_version.patch b/SOURCES/ruby-2.3.0-ruby_version.patch index f596602..4fd6530 100644 --- a/SOURCES/ruby-2.3.0-ruby_version.patch +++ b/SOURCES/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 80b137e380..63cd3b4f8b 100644 --- a/configure.ac +++ b/configure.ac -@@ -3803,9 +3803,6 @@ AS_CASE(["$target_os"], +@@ -3832,9 +3832,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -3828,56 +3825,62 @@ AC_ARG_WITH(ridir, +@@ -3857,56 +3857,62 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -3894,6 +3897,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -3923,6 +3923,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl @@ -171,7 +171,7 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb index d4c110e..d39c9a6 100755 --- a/tool/rbinstall.rb +++ b/tool/rbinstall.rb -@@ -438,7 +438,7 @@ def CONFIG.[](name, mandatory = false) +@@ -439,7 +439,7 @@ def CONFIG.[](name, mandatory = false) install?(:doc, :rdoc) do if $rdocdir @@ -274,7 +274,7 @@ diff --git a/configure.ac b/configure.ac index a00f2b6776..999e2d6d5d 100644 --- a/configure.ac +++ b/configure.ac -@@ -81,7 +81,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"` +@@ -107,7 +107,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"` RUBYW_BASE_NAME=`echo rubyw | sed "$program_transform_name"` AC_SUBST(RUBY_BASE_NAME) AC_SUBST(RUBYW_BASE_NAME) diff --git a/SOURCES/ruby-3.0.0-Skip-ssl-tests-for-offline.patch b/SOURCES/ruby-3.0.0-Skip-ssl-tests-for-offline.patch deleted file mode 100644 index 22ce112..0000000 --- a/SOURCES/ruby-3.0.0-Skip-ssl-tests-for-offline.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/test/rubygems/test_bundled_ca.rb b/test/rubygems/test_bundled_ca.rb -index 6973758c4c..71f61ca8f7 100644 ---- a/test/rubygems/test_bundled_ca.rb -+++ b/test/rubygems/test_bundled_ca.rb -@@ -32,7 +32,7 @@ def assert_https(host) - http.verify_mode = OpenSSL::SSL::VERIFY_PEER - http.cert_store = bundled_certificate_store - http.get('/') -- rescue Errno::ENOENT, Errno::ETIMEDOUT, SocketError -+ rescue Errno::ECONNREFUSED, Errno::ENETUNREACH, Errno::ENOENT, Errno::ETIMEDOUT, SocketError - skip "#{host} seems offline, I can't tell whether ssl would work." - rescue OpenSSL::SSL::SSLError => e - # Only fail for certificate verification errors --- -2.29.2 - diff --git a/SOURCES/rubygem-bundler-2.2.22-fix-tests-for-old-git.patch b/SOURCES/rubygem-bundler-2.2.22-fix-tests-for-old-git.patch new file mode 100644 index 0000000..778670d --- /dev/null +++ b/SOURCES/rubygem-bundler-2.2.22-fix-tests-for-old-git.patch @@ -0,0 +1,25 @@ +From eac5be7d065df09e4e9271cedfb7ddf148a29a15 Mon Sep 17 00:00:00 2001 +From: Jun Aruga +Date: Tue, 17 Aug 2021 18:21:06 +0200 +Subject: [PATCH] Fix some failing Bundler tests with old Git. + +Use the `git branch --list` rather than the `git branch -l` for better +compatibility. Because the `git branch -l` is used to create a new branch in +Git version < 2.20.0. +--- + bundler/spec/support/builders.rb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/spec/bundler/support/builders.rb b/spec/bundler/support/builders.rb +index 25377d2ac284..10beba1288dd 100644 +--- a/spec/bundler/support/builders.rb ++++ b/spec/bundler/support/builders.rb +@@ -554,7 +554,7 @@ def _build(options) + raise "You can't specify `master` as the branch" if branch == "master" + escaped_branch = Shellwords.shellescape(branch) + +- if @context.git("branch -l #{escaped_branch}", libpath).empty? ++ if @context.git("branch --list #{escaped_branch}", libpath).empty? + @context.git("branch #{escaped_branch}", libpath) + end + diff --git a/SPECS/ruby.spec b/SPECS/ruby.spec index c9b80b9..a5e6685 100644 --- a/SPECS/ruby.spec +++ b/SPECS/ruby.spec @@ -3,7 +3,7 @@ %global major_version 3 %global minor_version 0 -%global teeny_version 1 +%global teeny_version 2 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -16,11 +16,11 @@ %global rubygems_dir %{_datadir}/rubygems # Bundled libraries versions -%global rubygems_version 3.2.15 +%global rubygems_version 3.2.22 %global rubygems_molinillo_version 0.7.0 # Default gems. -%global bundler_version 2.2.15 +%global bundler_version 2.2.22 %global bundler_connection_pool_version 2.2.2 %global bundler_fileutils_version 1.4.1 %global bundler_molinillo_version 0.7.0 @@ -38,7 +38,7 @@ %global openssl_version 2.2.0 %global psych_version 3.3.0 %global racc_version 1.5.1 -%global rdoc_version 6.3.0 +%global rdoc_version 6.3.1 # Bundled gems. %global minitest_version 5.14.2 @@ -65,6 +65,8 @@ %bcond_without gmp %bcond_without hostname %bcond_without systemtap +# Enable the tests requiring internet when building on local. +%bcond_with bundler_tests %if 0%{?fedora} %bcond_without hardening_test @@ -79,7 +81,7 @@ Name: %{?scl_prefix}ruby Version: %{ruby_version} # Use release tag directly dropping the %%{release_string} entirely # as %%{?!foo: %%define foo bar} does not work for rpm < 4.14 on RHEL 7. -Release: 147%{?dist} +Release: 148%{?dist} Group: Development/Languages # Public Domain for example for: include/ruby/st.h, strftime.c, missing/*, ... # MIT and CCO: ccan/* @@ -153,12 +155,12 @@ Patch15: ruby-dwarf5-avoid_crash-r1.patch # Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. # https://bugs.ruby-lang.org/issues/16492 Patch19: ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch +# Fix some failing Bundler tests with old Git. +# https://github.com/rubygems/rubygems/pull/4851 +Patch20: rubygem-bundler-2.2.22-fix-tests-for-old-git.patch # Skip some clocks that are not available on Brew build environment. # https://projects.engineering.redhat.com/browse/BST-1017 Patch100: ruby-2.7.0-skip-some-clocks.patch -# Skip the ssl tests for offline on Brew build environment. -# https://github.com/ruby/ruby/pull/4112 -Patch101: ruby-3.0.0-Skip-ssl-tests-for-offline.patch Requires: %{?scl_prefix}%{pkg_name}-libs%{?_isa} = %{version}-%{release} Requires: %{?scl_prefix}ruby(rubygems) >= %{rubygems_version} @@ -593,8 +595,8 @@ rm -rf ext/fiddle/libffi* %patch9 -p1 %patch15 -p1 %patch19 -p1 +%patch20 -p1 %patch100 -p1 -%patch101 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -873,6 +875,10 @@ MSPECOPTS="" %{?test_timeout_scale:RUBY_TEST_TIMEOUT_SCALE="%{test_timeout_scale}"} \ make check TESTS="-v $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" +%if %{with bundler_tests} +make test-bundler +%endif + %post libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig @@ -1159,7 +1165,7 @@ MSPECOPTS="" %{gem_dir}/specifications/default/logger-1.4.3.gemspec %{gem_dir}/specifications/default/matrix-0.3.1.gemspec %{gem_dir}/specifications/default/mutex_m-0.1.1.gemspec -%{gem_dir}/specifications/default/net-ftp-0.1.1.gemspec +%{gem_dir}/specifications/default/net-ftp-0.1.2.gemspec %{gem_dir}/specifications/default/net-http-0.1.1.gemspec %{gem_dir}/specifications/default/net-imap-0.1.1.gemspec %{gem_dir}/specifications/default/net-pop-0.1.1.gemspec @@ -1342,6 +1348,21 @@ MSPECOPTS="" %changelog +* Wed Jul 28 2021 Jarek Prokop - 3.0.2-148 +- Upgrade to Ruby 3.0.2. +- Fix command injection vulnerability in RDoc. (CVE-2021-31799) + Resolves: rhbz#1995172 +- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. + (CVE-2021-31810) + Resolves: rhbz#1995174 +- Fix StartTLS stripping vulnerability in Net::IMAP. (CVE-2021-32066) + Resolves: rhbz#1995173 +- Fix dependencies of gems with explicit source installed from a + different source. (CVE-2020-36327) + Resolves: rhbz#1968497 +- Re-enable SSL tests. +- Fix some failing Bundler tests with old Git. + * Fri Apr 23 2021 Jun Aruga - 3.0.1-147 - Upgrade to Ruby 3.0.1. Resolves: rhbz#1947933