diff --git a/SOURCES/ruby-2.4.6-Applied-security-patches-for-RubyGems.patch b/SOURCES/ruby-2.4.6-Applied-security-patches-for-RubyGems.patch new file mode 100644 index 0000000..aa13958 --- /dev/null +++ b/SOURCES/ruby-2.4.6-Applied-security-patches-for-RubyGems.patch @@ -0,0 +1,340 @@ +From f86e5daee790ee509cb17f4f51f95cc76ca89a4e Mon Sep 17 00:00:00 2001 +From: usa +Date: Mon, 18 Mar 2019 18:30:36 +0000 +Subject: [PATCH] Applied security patches for RubyGems + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67303 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + lib/rubygems/command_manager.rb | 10 ++- + lib/rubygems/commands/owner_command.rb | 5 +- + lib/rubygems/gemcutter_utilities.rb | 8 +- + lib/rubygems/installer.rb | 29 +++++-- + lib/rubygems/user_interaction.rb | 8 +- + test/rubygems/test_gem_installer.rb | 108 +++++++++++++++++++++++++ + test/rubygems/test_gem_text.rb | 5 ++ + 7 files changed, 159 insertions(+), 14 deletions(-) + +diff --git a/lib/rubygems/command_manager.rb b/lib/rubygems/command_manager.rb +index 451b719c4683..d3ff6614dc47 100644 +--- a/lib/rubygems/command_manager.rb ++++ b/lib/rubygems/command_manager.rb +@@ -6,6 +6,7 @@ + + require 'rubygems/command' + require 'rubygems/user_interaction' ++require 'rubygems/text' + + ## + # The command manager registers and installs all the individual sub-commands +@@ -31,6 +32,7 @@ + + class Gem::CommandManager + ++ include Gem::Text + include Gem::UserInteraction + + ## +@@ -129,7 +131,7 @@ def command_names + def run(args, build_args=nil) + process_args(args, build_args) + rescue StandardError, Timeout::Error => ex +- alert_error "While executing gem ... (#{ex.class})\n #{ex.to_s}" ++ alert_error clean_text("While executing gem ... (#{ex.class})\n #{ex}") + ui.backtrace ex + + if Gem.configuration.really_verbose and \ +@@ -142,7 +144,7 @@ def run(args, build_args=nil) + + terminate_interaction(1) + rescue Interrupt +- alert_error "Interrupted" ++ alert_error clean_text("Interrupted") + terminate_interaction(1) + end + +@@ -162,7 +164,7 @@ def process_args(args, build_args=nil) + say Gem::VERSION + terminate_interaction 0 + when /^-/ then +- alert_error "Invalid option: #{args.first}. See 'gem --help'." ++ alert_error clean_text("Invalid option: #{args.first}. See 'gem --help'.") + terminate_interaction 1 + else + cmd_name = args.shift.downcase +@@ -211,7 +213,7 @@ def load_and_instantiate(command_name) + rescue Exception => e + e = load_error if load_error + +- alert_error "Loading command: #{command_name} (#{e.class})\n\t#{e}" ++ alert_error clean_text("Loading command: #{command_name} (#{e.class})\n\t#{e}") + ui.backtrace e + end + end +diff --git a/lib/rubygems/commands/owner_command.rb b/lib/rubygems/commands/owner_command.rb +index 2ee7f84462c1..7842a322cfce 100644 +--- a/lib/rubygems/commands/owner_command.rb ++++ b/lib/rubygems/commands/owner_command.rb +@@ -1,8 +1,11 @@ + require 'rubygems/command' + require 'rubygems/local_remote_options' + require 'rubygems/gemcutter_utilities' ++require 'rubygems/text' + + class Gem::Commands::OwnerCommand < Gem::Command ++ ++ include Gem::Text + include Gem::LocalRemoteOptions + include Gem::GemcutterUtilities + +@@ -48,7 +51,7 @@ def show_owners name + end + + with_response response do |resp| +- owners = YAML.load resp.body ++ owners = Gem::SafeYAML.load clean_text(resp.body) + + say "Owners for gem: #{name}" + owners.each do |owner| +diff --git a/lib/rubygems/gemcutter_utilities.rb b/lib/rubygems/gemcutter_utilities.rb +index 7c6d6bb36404..623d9301b598 100644 +--- a/lib/rubygems/gemcutter_utilities.rb ++++ b/lib/rubygems/gemcutter_utilities.rb +@@ -1,6 +1,10 @@ + require 'rubygems/remote_fetcher' ++require 'rubygems/text' + + module Gem::GemcutterUtilities ++ ++ include Gem::Text ++ + # TODO: move to Gem::Command + OptionParser.accept Symbol do |value| + value.to_sym +@@ -93,13 +97,13 @@ def with_response response, error_prefix = nil + if block_given? then + yield resp + else +- say resp.body ++ say clean_text(resp.body) + end + else + message = resp.body + message = "#{error_prefix}: #{message}" if error_prefix + +- say message ++ say clean_text(message) + terminate_interaction 1 # TODO: question this + end + end +diff --git a/lib/rubygems/installer.rb b/lib/rubygems/installer.rb +index 6fd3399dd44c..5818b94fb5f8 100644 +--- a/lib/rubygems/installer.rb ++++ b/lib/rubygems/installer.rb +@@ -596,9 +596,26 @@ def verify_gem_home(unpack = false) # :nodoc: + unpack or File.writable?(gem_home) + end + +- def verify_spec_name +- return if spec.name =~ Gem::Specification::VALID_NAME_PATTERN +- raise Gem::InstallError, "#{spec} has an invalid name" ++ def verify_spec ++ unless spec.name =~ Gem::Specification::VALID_NAME_PATTERN ++ raise Gem::InstallError, "#{spec} has an invalid name" ++ end ++ ++ if spec.require_paths.any?{|path| path =~ /\r\n|\r|\n/ } ++ raise Gem::InstallError, "#{spec} has an invalid require_paths" ++ end ++ ++ if spec.extensions.any?{|ext| ext =~ /\r\n|\r|\n/ } ++ raise Gem::InstallError, "#{spec} has an invalid extensions" ++ end ++ ++ unless spec.specification_version.to_s =~ /\A\d+\z/ ++ raise Gem::InstallError, "#{spec} has an invalid specification_version" ++ end ++ ++ if spec.dependencies.any? {|dep| dep.type =~ /\r\n|\r|\n/ || dep.name =~ /\r\n|\r|\n/ } ++ raise Gem::InstallError, "#{spec} has an invalid dependencies" ++ end + end + + ## +@@ -770,9 +787,11 @@ def dir + @security_policy = nil if + @force and @security_policy and not @security_policy.only_signed + ++ # The name and require_paths must be verified first, since it could contain ++ # ruby code that would be eval'ed in #ensure_loadable_spec ++ verify_spec ++ + ensure_loadable_spec +- +- verify_spec_name + + Gem.ensure_gem_subdirectories gem_home + +diff --git a/lib/rubygems/user_interaction.rb b/lib/rubygems/user_interaction.rb +index 390d0f2aea72..237ae2bc71c2 100644 +--- a/lib/rubygems/user_interaction.rb ++++ b/lib/rubygems/user_interaction.rb +@@ -4,11 +4,15 @@ + # See LICENSE.txt for permissions. + #++ + ++require 'rubygems/text' ++ + ## + # Module that defines the default UserInteraction. Any class including this + # module will have access to the +ui+ method that returns the default UI. + + module Gem::DefaultUserInteraction ++ ++ include Gem::Text + + ## + # The default UI is a class variable of the singleton class for this +@@ -124,8 +128,8 @@ def terminate_interaction exit_code = 0 + # Calls +say+ with +msg+ or the results of the block if really_verbose + # is true. + +- def verbose msg = nil +- say(msg || yield) if Gem.configuration.really_verbose ++ def verbose(msg = nil) ++ say(clean_text(msg || yield)) if Gem.configuration.really_verbose + end + end + +diff --git a/test/rubygems/test_gem_installer.rb b/test/rubygems/test_gem_installer.rb +index dd049214fbb8..af4573cde8d2 100644 +--- a/test/rubygems/test_gem_installer.rb ++++ b/test/rubygems/test_gem_installer.rb +@@ -1222,6 +1222,114 @@ def spec.validate; end + end + end + ++ def test_pre_install_checks_malicious_name_before_eval ++ spec = util_spec "malicious\n::Object.const_set(:FROM_EVAL, true)#", '1' ++ def spec.full_name # so the spec is buildable ++ "malicious-1" ++ end ++ def spec.validate(*args); end ++ ++ util_build_gem spec ++ ++ gem = File.join(@gemhome, 'cache', spec.file_name) ++ ++ use_ui @ui do ++ @installer = Gem::Installer.new gem ++ e = assert_raises Gem::InstallError do ++ @installer.pre_install_checks ++ end ++ assert_equal "# has an invalid name", e.message ++ end ++ refute defined?(::Object::FROM_EVAL) ++ end ++ ++ def test_pre_install_checks_malicious_require_paths_before_eval ++ spec = util_spec "malicious", '1' ++ def spec.full_name # so the spec is buildable ++ "malicious-1" ++ end ++ def spec.validate(*args); end ++ spec.require_paths = ["malicious\n``"] ++ ++ util_build_gem spec ++ ++ gem = File.join(@gemhome, 'cache', spec.file_name) ++ ++ use_ui @ui do ++ @installer = Gem::Installer.new gem ++ e = assert_raises Gem::InstallError do ++ @installer.pre_install_checks ++ end ++ assert_equal "# has an invalid require_paths", e.message ++ end ++ end ++ ++ def test_pre_install_checks_malicious_extensions_before_eval ++ skip "mswin environment disallow to create file contained the carriage return code." if Gem.win_platform? ++ ++ spec = util_spec "malicious", '1' ++ def spec.full_name # so the spec is buildable ++ "malicious-1" ++ end ++ def spec.validate(*args); end ++ spec.extensions = ["malicious\n``"] ++ ++ util_build_gem spec ++ ++ gem = File.join(@gemhome, 'cache', spec.file_name) ++ ++ use_ui @ui do ++ @installer = Gem::Installer.new gem ++ e = assert_raises Gem::InstallError do ++ @installer.pre_install_checks ++ end ++ assert_equal "# has an invalid extensions", e.message ++ end ++ end ++ ++ def test_pre_install_checks_malicious_specification_version_before_eval ++ spec = util_spec "malicious", '1' ++ def spec.full_name # so the spec is buildable ++ "malicious-1" ++ end ++ def spec.validate(*args); end ++ spec.specification_version = "malicious\n``" ++ ++ util_build_gem spec ++ ++ gem = File.join(@gemhome, 'cache', spec.file_name) ++ ++ use_ui @ui do ++ @installer = Gem::Installer.new gem ++ e = assert_raises Gem::InstallError do ++ @installer.pre_install_checks ++ end ++ assert_equal "# has an invalid specification_version", e.message ++ end ++ end ++ ++ def test_pre_install_checks_malicious_dependencies_before_eval ++ spec = util_spec "malicious", '1' ++ def spec.full_name # so the spec is buildable ++ "malicious-1" ++ end ++ def spec.validate(*args); end ++ spec.add_dependency "b\nfoo", '> 5' ++ ++ util_build_gem spec ++ ++ gem = File.join(@gemhome, 'cache', spec.file_name) ++ ++ use_ui @ui do ++ @installer = Gem::Installer.new gem ++ @installer.ignore_dependencies = true ++ e = assert_raises Gem::InstallError do ++ @installer.pre_install_checks ++ end ++ assert_equal "# has an invalid dependencies", e.message ++ end ++ end ++ + def test_shebang + util_make_exec @spec, "#!/usr/bin/ruby" + +diff --git a/test/rubygems/test_gem_text.rb b/test/rubygems/test_gem_text.rb +index 04f3f605e8c0..8ce6df94bbc0 100644 +--- a/test/rubygems/test_gem_text.rb ++++ b/test/rubygems/test_gem_text.rb +@@ -66,4 +66,9 @@ def test_truncate_text + s = "ab" * 500_001 + assert_equal "Truncating desc to 1,000,000 characters:\n#{s[0, 1_000_000]}", truncate_text(s, "desc", 1_000_000) + end ++ ++ def test_clean_text ++ assert_equal ".]2;nyan.", clean_text("\e]2;nyan\a") ++ end ++ + end diff --git a/SOURCES/ruby-2.6.0-Try-to-update-cert.patch b/SOURCES/ruby-2.6.0-Try-to-update-cert.patch new file mode 100644 index 0000000..a0bea8c --- /dev/null +++ b/SOURCES/ruby-2.6.0-Try-to-update-cert.patch @@ -0,0 +1,502 @@ +From f234e6c3d3170f37508e214cdaef78d4b2584e5a Mon Sep 17 00:00:00 2001 +From: kazu +Date: Wed, 2 Jan 2019 03:08:20 +0000 +Subject: [PATCH 1/2] Try to update cert + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66685 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + test/net/imap/cacert.pem | 86 +++++++------------------- + test/net/imap/server.crt | 113 +++++++++++++++++++++++------------ + test/net/imap/server.key | 43 ++++++++----- + 3 files changed, 124 insertions(+), 118 deletions(-) + +diff --git a/test/net/imap/cacert.pem b/test/net/imap/cacert.pem +index 7073387877..f623bd62ed 100644 +--- a/test/net/imap/cacert.pem ++++ b/test/net/imap/cacert.pem +@@ -1,66 +1,24 @@ +-Certificate: +- Data: +- Version: 3 (0x2) +- Serial Number: +- b9:90:a2:bf:62:69:17:9c +- Signature Algorithm: sha1WithRSAEncryption +- Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org +- Validity +- Not Before: Jan 3 01:34:17 2014 GMT +- Not After : Jan 2 01:34:17 2019 GMT +- Subject: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org +- Subject Public Key Info: +- Public Key Algorithm: rsaEncryption +- RSA Public Key: (1024 bit) +- Modulus (1024 bit): +- 00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6: +- bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be: +- 9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13: +- 9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5: +- b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40: +- 0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d: +- a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89: +- af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6: +- d0:fc:d6:eb:fc:06:82:10:fb +- Exponent: 65537 (0x10001) +- X509v3 extensions: +- X509v3 Subject Key Identifier: +- E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2 +- X509v3 Authority Key Identifier: +- keyid:E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2 +- DirName:/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org +- serial:B9:90:A2:BF:62:69:17:9C +- +- X509v3 Basic Constraints: +- CA:TRUE +- Signature Algorithm: sha1WithRSAEncryption +- 8f:77:06:4e:31:72:12:ee:68:09:70:27:d4:31:85:ef:10:95: +- f9:0f:2b:66:63:08:37:88:6e:b7:9b:40:3e:18:77:33:86:e8: +- 61:6a:b7:3c:cb:c7:a6:d6:d5:92:6a:1f:56:d0:9f:5c:32:56: +- d3:37:52:fe:0e:20:c2:7a:0d:fe:2d:3c:81:da:b8:7f:4d:6a: +- 08:01:d9:be:7a:a2:15:be:a6:ce:49:64:90:8c:9a:ca:6e:2e: +- 84:48:1d:94:19:56:94:46:aa:25:9b:68:c2:80:60:bf:cb:2e: +- 35:03:ea:0a:65:5a:33:38:c6:cc:81:46:c0:bc:36:86:96:39: +- 10:7d + -----BEGIN CERTIFICATE----- +-MIIDjTCCAvagAwIBAgIJALmQor9iaRecMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD +-VQQGEwJKUDEQMA4GA1UECBMHU2hpbWFuZTEUMBIGA1UEBxMLTWF0ei1lIGNpdHkx +-FzAVBgNVBAoTDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDEwxSdWJ5IFRlc3QgQ0Ex +-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTQwMTAz +-MDEzNDE3WhcNMTkwMTAyMDEzNDE3WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT +-B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv +-cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz +-ZWN1cml0eUBydWJ5LWxhbmcub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB +-gQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv70BpBrLJE51+ +-66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl9Ny7XaVBYOep +-dLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQABo4H0MIHxMB0G +-A1UdDgQWBBToflisE3sDIo2erzILhImAgAwewjCBwQYDVR0jBIG5MIG2gBToflis +-E3sDIo2erzILhImAgAwewqGBkqSBjzCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT +-B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv +-cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz +-ZWN1cml0eUBydWJ5LWxhbmcub3JnggkAuZCiv2JpF5wwDAYDVR0TBAUwAwEB/zAN +-BgkqhkiG9w0BAQUFAAOBgQCPdwZOMXIS7mgJcCfUMYXvEJX5DytmYwg3iG63m0A+ +-GHczhuhharc8y8em1tWSah9W0J9cMlbTN1L+DiDCeg3+LTyB2rh/TWoIAdm+eqIV +-vqbOSWSQjJrKbi6ESB2UGVaURqolm2jCgGC/yy41A+oKZVozOMbMgUbAvDaGljkQ +-fQ== ++MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD ++VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx ++FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex ++JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy ++MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM ++B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv ++cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz ++ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB ++CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV ++SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI ++3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d ++BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L ++2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R ++WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9 ++I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw ++DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA ++of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q ++aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS ++2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee ++uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s ++K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+ ++mA== + -----END CERTIFICATE----- +diff --git a/test/net/imap/server.crt b/test/net/imap/server.crt +index fa4f99493a..817ecc222c 100644 +--- a/test/net/imap/server.crt ++++ b/test/net/imap/server.crt +@@ -1,48 +1,83 @@ + Certificate: + Data: +- Version: 1 (0x0) +- Serial Number: 0 (0x0) +- Signature Algorithm: sha1WithRSAEncryption ++ Version: 3 (0x2) ++ Serial Number: 1 (0x1) ++ Signature Algorithm: sha256WithRSAEncryption + Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org + Validity +- Not Before: Jan 3 01:34:17 2014 GMT +- Not After : Jan 2 01:34:17 2019 GMT +- Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost ++ Not Before: Jan 2 03:06:53 2019 GMT ++ Not After : Jan 1 03:06:53 2024 GMT ++ Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- RSA Public Key: (1024 bit) +- Modulus (1024 bit): +- 00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6: +- bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be: +- 9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13: +- 9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5: +- b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40: +- 0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d: +- a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89: +- af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6: +- d0:fc:d6:eb:fc:06:82:10:fb ++ Public-Key: (2048 bit) ++ Modulus: ++ 00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86: ++ c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68: ++ 7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87: ++ e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71: ++ 3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be: ++ c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3: ++ 7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd: ++ 0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57: ++ d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc: ++ 90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84: ++ 0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0: ++ 7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f: ++ 72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1: ++ dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd: ++ fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e: ++ 14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de: ++ ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82: ++ 96:a9 + Exponent: 65537 (0x10001) +- Signature Algorithm: sha1WithRSAEncryption +- 85:f5:d3:05:8b:8c:f4:43:1c:88:f2:8f:b2:f2:93:77:b7:3d: +- 95:c6:a0:34:bc:33:6a:d8:85:5f:3e:86:08:10:c5:5c:c1:76: +- a3:53:3c:dc:38:98:23:97:e7:da:21:ac:e8:4d:3c:96:70:29: +- ff:ff:1e:4a:9a:17:2b:db:04:62:b9:ef:ab:ea:a7:a5:e8:7c: +- b1:d5:ed:30:a8:6c:78:de:51:7e:e3:8a:c2:a4:64:a8:63:a2: +- bc:fd:43:9c:f3:55:7d:54:c9:6a:d8:53:1c:4b:6b:03:aa:b6: +- 19:e6:a4:4f:47:00:96:c5:42:59:85:4e:c3:4e:cd:41:82:53: +- 10:f8 ++ X509v3 extensions: ++ X509v3 Basic Constraints: ++ CA:FALSE ++ Netscape Comment: ++ OpenSSL Generated Certificate ++ X509v3 Subject Key Identifier: ++ F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43 ++ X509v3 Authority Key Identifier: ++ keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53 ++ ++ Signature Algorithm: sha256WithRSAEncryption ++ 02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19: ++ 3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4: ++ 28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42: ++ 08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7: ++ fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea: ++ 86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75: ++ 26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45: ++ ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87: ++ 2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06: ++ 5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d: ++ bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27: ++ f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07: ++ fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5: ++ 8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87: ++ 9d:64:28:ce + -----BEGIN CERTIFICATE----- +-MIICXDCCAcUCAQAwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD +-VQQIEwdTaGltYW5lMRQwEgYDVQQHEwtNYXR6LWUgY2l0eTEXMBUGA1UEChMOUnVi +-eSBDb3JlIFRlYW0xFTATBgNVBAMTDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ +-ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0xNDAxMDMwMTM0MTdaFw0xOTAx +-MDIwMTM0MTdaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIEwdTaGltYW5lMRcwFQYD +-VQQKEw5SdWJ5IENvcmUgVGVhbTESMBAGA1UECxMJUnVieSBUZXN0MRIwEAYDVQQD +-Ewlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANt10EXesd+/ +-caAOsKXmvPQcneUlZ2TFe8vxr8a+mqrqfg/MBa/vQGkGsskTnX7rogbi6n0Hx8eZ +-x/vVuOtjd2IrGBLDU1jQ9cdADAHRJoI0Fgnj3GX03LtdpUFg56l0utdMtqOcxYyJ +-r8vonwX+6v5kJL/n7eP20PzW6/wGghD7AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEA +-hfXTBYuM9EMciPKPsvKTd7c9lcagNLwzatiFXz6GCBDFXMF2o1M83DiYI5fn2iGs +-6E08lnAp//8eSpoXK9sEYrnvq+qnpeh8sdXtMKhseN5RfuOKwqRkqGOivP1DnPNV +-fVTJathTHEtrA6q2GeakT0cAlsVCWYVOw07NQYJTEPg= ++MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx ++EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK ++DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI ++hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX ++DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx ++FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex ++JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG ++SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m ++u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W ++vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI ++Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT ++Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI ++BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5 ++MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl ++cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME ++GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK ++Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx ++DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2 ++Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN ++/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS ++SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm ++gJGByxo9tY6HnWQozg== + -----END CERTIFICATE----- +diff --git a/test/net/imap/server.key b/test/net/imap/server.key +index 7c57546ece..1e73232728 100644 +--- a/test/net/imap/server.key ++++ b/test/net/imap/server.key +@@ -1,15 +1,28 @@ +------BEGIN RSA PRIVATE KEY----- +-MIICXQIBAAKBgQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv +-70BpBrLJE51+66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl +-9Ny7XaVBYOepdLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQAB +-AoGAGtYHR+P5gFDaxiXFuCPFC1zMeg7e29XCU6gURIteQnQ2QhxCvcbV64HkLu51 +-HeYWhB0Pa4aeCWxmpgb2e+JH4MEoIjeJSGyZQeqwkQLgWJDdvkgWx5am58QzA60I +-ipkZ9QHcPffSs5RiGx4yfr58KqAmwFphGCY8W7v4LqaENdECQQD9H5VTW9g4gj1c +-j3uNYvSI/D7a9P7gfI+ziczuwMm5xsBx3D/t5TAr3SJKNne3sl1E6ZERCUbzxf+C +-k58EiHx1AkEA3fRLGqDOq7EcQhbjTcA/v/t5MwlGEUsS9+XrqOWn50YuoIwRZJ3v +-qHRQzfQfFNklGtfBvwQ4md3irXjMeGVprwJBAMEAuwiDiHuV+xm/ofKtmE13IKot +-ksYy1BOOp/8IawhHXueyi+BmF/PqOkIiA+jCjNGF0oIN89beizPSQbbgJx0CQG/K +-qL1bu1ys0y/SeWBi8XkP/0aeaCUzq/UiYCTsrzoEll2UzvnftqMhGsXxLGqCyHaR +-r2s3hA6zvIVlL4+AfM8CQQClq+WDrC5VKciLYakZNWJjV1m+H2Ut/0fXdUjKHajE +-FWLcsrOhADf6bkTb71GwPxnKRkkRmud5upP0ZYYTqM4X +------END RSA PRIVATE KEY----- ++-----BEGIN PRIVATE KEY----- ++MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k ++339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu ++cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l ++//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT ++XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP ++CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym ++WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM ++BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9 ++fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j ++hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T ++uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q ++8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB ++s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z ++AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl ++lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x ++u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm ++gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr ++45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN ++W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM ++spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3 ++bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW ++uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox ++kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+ ++XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE ++bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml ++uCiVeqoPl+JIg4m8Tz76XWo= ++-----END PRIVATE KEY----- +-- +2.20.1 + + +From 1e0b49a293d3792826c67b7e05c5fcbd09c9ea6e Mon Sep 17 00:00:00 2001 +From: kazu +Date: Wed, 2 Jan 2019 03:29:01 +0000 +Subject: [PATCH 2/2] Try to update cert (2nd try) + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66686 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + test/net/imap/server.crt | 115 +++++++++++++++++------------------ + test/net/imap/server.key | 52 ++++++++-------- + 2 files changed, 83 insertions(+), 84 deletions(-) + +diff --git a/test/net/imap/server.crt b/test/net/imap/server.crt +index 817ecc222c..5ca78a6d14 100644 +--- a/test/net/imap/server.crt ++++ b/test/net/imap/server.crt +@@ -1,35 +1,35 @@ + Certificate: + Data: + Version: 3 (0x2) +- Serial Number: 1 (0x1) ++ Serial Number: 2 (0x2) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org + Validity +- Not Before: Jan 2 03:06:53 2019 GMT +- Not After : Jan 1 03:06:53 2024 GMT +- Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org ++ Not Before: Jan 2 03:27:13 2019 GMT ++ Not After : Jan 1 03:27:13 2024 GMT ++ Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: +- 00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86: +- c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68: +- 7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87: +- e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71: +- 3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be: +- c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3: +- 7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd: +- 0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57: +- d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc: +- 90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84: +- 0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0: +- 7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f: +- 72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1: +- dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd: +- fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e: +- 14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de: +- ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82: +- 96:a9 ++ 00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07: ++ 9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48: ++ e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57: ++ 7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67: ++ cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1: ++ 0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7: ++ bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc: ++ 74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1: ++ 8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9: ++ 40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19: ++ 47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04: ++ 79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3: ++ 02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4: ++ de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d: ++ 86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc: ++ e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d: ++ 74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10: ++ 4f:41 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: +@@ -37,47 +37,46 @@ Certificate: + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: +- F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43 ++ ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36 + X509v3 Authority Key Identifier: + keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53 + + Signature Algorithm: sha256WithRSAEncryption +- 02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19: +- 3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4: +- 28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42: +- 08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7: +- fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea: +- 86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75: +- 26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45: +- ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87: +- 2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06: +- 5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d: +- bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27: +- f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07: +- fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5: +- 8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87: +- 9d:64:28:ce ++ 1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c: ++ ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35: ++ 2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51: ++ fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a: ++ 56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a: ++ 04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15: ++ 89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64: ++ 93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62: ++ d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab: ++ 1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d: ++ 1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2: ++ 5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff: ++ 63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf: ++ da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69: ++ fd:be:bd:6e + -----BEGIN CERTIFICATE----- +-MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx ++MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx + EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK + DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI +-hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX +-DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx +-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex +-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG +-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m +-u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W +-vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI +-Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT +-Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI +-BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5 +-MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl +-cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME +-GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK +-Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx +-DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2 +-Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN +-/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS +-SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm +-gJGByxo9tY6HnWQozg== ++hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX ++DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx ++FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ ++BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ++AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ ++zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj ++VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ ++wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r ++sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d ++dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC ++AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o ++wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N +++J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ ++y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW ++EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL ++Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1 ++oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j ++28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u + -----END CERTIFICATE----- +diff --git a/test/net/imap/server.key b/test/net/imap/server.key +index 1e73232728..7f2380e71e 100644 +--- a/test/net/imap/server.key ++++ b/test/net/imap/server.key +@@ -1,28 +1,28 @@ + -----BEGIN PRIVATE KEY----- +-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k +-339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu +-cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l +-//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT +-XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP +-CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym +-WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM +-BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9 +-fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j +-hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T +-uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q +-8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB +-s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z +-AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl +-lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x +-u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm +-gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr +-45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN +-W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM +-spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3 +-bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW +-uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox +-kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+ +-XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE +-bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml +-uCiVeqoPl+JIg4m8Tz76XWo= ++MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN ++XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU ++Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC ++6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE ++cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ ++n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u ++/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ ++DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho ++LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX ++QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej ++hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ ++1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt ++liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd ++U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc ++pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC ++A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1 ++ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs ++oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD ++gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ ++xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn ++kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ ++uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ ++y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ ++g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8 ++wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7 ++2whRF0FEjKA8ehrNhAq+VFfFNw== + -----END PRIVATE KEY----- +-- +2.20.1 + diff --git a/SOURCES/rubygems-2.3.0-refactor-checking-really_verbose.patch b/SOURCES/rubygems-2.3.0-refactor-checking-really_verbose.patch new file mode 100644 index 0000000..5990f3e --- /dev/null +++ b/SOURCES/rubygems-2.3.0-refactor-checking-really_verbose.patch @@ -0,0 +1,219 @@ +From 75821c744f0bfda185eac35b91810254bf9e2367 Mon Sep 17 00:00:00 2001 +From: Aaron Patterson +Date: Wed, 5 Feb 2014 16:42:04 -0800 +Subject: [PATCH] refactor checking `really_verbose` + +This commit tries to reduce the number of places in RubyGems where we +test `really_verbose`. +--- + lib/rubygems/commands/cleanup_command.rb | 4 ++-- + lib/rubygems/dependency_installer.rb | 6 +++--- + lib/rubygems/installer.rb | 6 +++--- + lib/rubygems/package.rb | 2 +- + lib/rubygems/package/old.rb | 2 +- + lib/rubygems/rdoc.rb | 2 +- + lib/rubygems/remote_fetcher.rb | 23 ++++++++--------------- + lib/rubygems/user_interaction.rb | 8 ++++++++ + 8 files changed, 27 insertions(+), 26 deletions(-) + +diff --git a/lib/rubygems/commands/cleanup_command.rb b/lib/rubygems/commands/cleanup_command.rb +index c8f0082bfb..69975640fe 100644 +--- a/lib/rubygems/commands/cleanup_command.rb ++++ b/lib/rubygems/commands/cleanup_command.rb +@@ -66,10 +66,10 @@ def execute + + say "Clean Up Complete" + +- if Gem.configuration.really_verbose then ++ verbose do + skipped = @default_gems.map { |spec| spec.full_name } + +- say "Skipped default gems: #{skipped.join ', '}" ++ "Skipped default gems: #{skipped.join ', '}" + end + end + +diff --git a/lib/rubygems/dependency_installer.rb b/lib/rubygems/dependency_installer.rb +index 5644b5ce73..4ea3847b70 100644 +--- a/lib/rubygems/dependency_installer.rb ++++ b/lib/rubygems/dependency_installer.rb +@@ -165,9 +165,9 @@ def find_gems_with_sources dep, best_only=false # :nodoc: + # FIX if there is a problem talking to the network, we either need to always tell + # the user (no really_verbose) or fail hard, not silently tell them that we just + # couldn't find their requested gem. +- if Gem.configuration.really_verbose then +- say "Error fetching remote data:\t\t#{e.message}" +- say "Falling back to local-only install" ++ verbose do ++ "Error fetching remote data:\t\t#{e.message}\n" \ ++ "Falling back to local-only install" + end + @domain = :local + end +diff --git a/lib/rubygems/installer.rb b/lib/rubygems/installer.rb +index cbae8234a1..548f1262a8 100644 +--- a/lib/rubygems/installer.rb ++++ b/lib/rubygems/installer.rb +@@ -357,7 +357,7 @@ def generate_windows_script(filename, bindir) + file.puts windows_stub_script(bindir, filename) + end + +- say script_path if Gem.configuration.really_verbose ++ verbose script_path + end + end + +@@ -408,7 +408,7 @@ def generate_bin_script(filename, bindir) + file.print app_script_text(filename) + end + +- say bin_script_path if Gem.configuration.really_verbose ++ verbose bin_script_path + + generate_windows_script filename, bindir + end +@@ -694,7 +694,7 @@ def build_extension extension, dest_path # :nodoc: + results = builder.build(extension, gem_dir, dest_path, + results, @build_args) + +- say results.join("\n") if Gem.configuration.really_verbose ++ verbose { results.join("\n") } + end + end + rescue +diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb +index ae20f22b94..417b34b79f 100644 +--- a/lib/rubygems/package.rb ++++ b/lib/rubygems/package.rb +@@ -338,7 +338,7 @@ def extract_tar_gz io, destination_dir, pattern = "*" # :nodoc: + out.write entry.read + end + +- say destination if Gem.configuration.really_verbose ++ verbose destination + end + end + end +diff --git a/lib/rubygems/package/old.rb b/lib/rubygems/package/old.rb +index 30c30c0201..c47210d2a0 100644 +--- a/lib/rubygems/package/old.rb ++++ b/lib/rubygems/package/old.rb +@@ -83,7 +83,7 @@ def extract_files destination_dir + out.write file_data + end + +- say destination if Gem.configuration.really_verbose ++ verbose destination + end + end + rescue Zlib::DataError +diff --git a/lib/rubygems/rdoc.rb b/lib/rubygems/rdoc.rb +index 633bd893a5..394e502051 100644 +--- a/lib/rubygems/rdoc.rb ++++ b/lib/rubygems/rdoc.rb +@@ -263,7 +263,7 @@ def legacy_rdoc *args + Gem::Requirement.new('>= 2.4.0') =~ self.class.rdoc_version + + r = new_rdoc +- say "rdoc #{args.join ' '}" if Gem.configuration.really_verbose ++ verbose { "rdoc #{args.join ' '}" } + + Dir.chdir @spec.full_gem_path do + begin +diff --git a/lib/rubygems/remote_fetcher.rb b/lib/rubygems/remote_fetcher.rb +index 2490c69556..9df48bf6f3 100644 +--- a/lib/rubygems/remote_fetcher.rb ++++ b/lib/rubygems/remote_fetcher.rb +@@ -168,8 +168,7 @@ def download(spec, source_uri, install_dir = Gem.dir) + when 'http', 'https' then + unless File.exist? local_gem_path then + begin +- say "Downloading gem #{gem_file_name}" if +- Gem.configuration.really_verbose ++ verbose "Downloading gem #{gem_file_name}" + + remote_gem_path = source_uri + "gems/#{gem_file_name}" + +@@ -179,8 +178,7 @@ def download(spec, source_uri, install_dir = Gem.dir) + + alternate_name = "#{spec.original_name}.gem" + +- say "Failed, downloading gem #{alternate_name}" if +- Gem.configuration.really_verbose ++ verbose "Failed, downloading gem #{alternate_name}" + + remote_gem_path = source_uri + "gems/#{alternate_name}" + +@@ -199,8 +197,7 @@ def download(spec, source_uri, install_dir = Gem.dir) + local_gem_path = source_uri.to_s + end + +- say "Using local gem #{local_gem_path}" if +- Gem.configuration.really_verbose ++ verbose "Using local gem #{local_gem_path}" + when nil then # TODO test for local overriding cache + source_path = if Gem.win_platform? && source_uri.scheme && + !source_uri.path.include?(':') then +@@ -218,8 +215,7 @@ def download(spec, source_uri, install_dir = Gem.dir) + local_gem_path = source_uri.to_s + end + +- say "Using local gem #{local_gem_path}" if +- Gem.configuration.really_verbose ++ verbose "Using local gem #{local_gem_path}" + else + raise ArgumentError, "unsupported URI scheme #{source_uri.scheme}" + end +@@ -506,8 +502,7 @@ def fetch + begin + @requests[connection.object_id] += 1 + +- say "#{request.method} #{uri}" if +- Gem.configuration.really_verbose ++ verbose "#{request.method} #{uri}" + + file_name = File.basename(uri.path) + # perform download progress reporter only for gems +@@ -536,11 +531,10 @@ def fetch + response = connection.request request + end + +- say "#{response.code} #{response.message}" if +- Gem.configuration.really_verbose ++ verbose "#{response.code} #{response.message}" + + rescue Net::HTTPBadResponse +- say "bad response" if Gem.configuration.really_verbose ++ verbose "bad response" + + reset connection + +@@ -555,8 +549,7 @@ def fetch + Errno::ECONNABORTED, Errno::ECONNRESET, Errno::EPIPE + + requests = @requests[connection.object_id] +- say "connection reset after #{requests} requests, retrying" if +- Gem.configuration.really_verbose ++ verbose "connection reset after #{requests} requests, retrying" + + raise FetchError.new('too many connection resets', uri) if retried + +diff --git a/lib/rubygems/user_interaction.rb b/lib/rubygems/user_interaction.rb +index f5e460f994..42ab6e2c24 100644 +--- a/lib/rubygems/user_interaction.rb ++++ b/lib/rubygems/user_interaction.rb +@@ -119,6 +119,14 @@ def say statement = '' + def terminate_interaction(*args) + ui.terminate_interaction(*args) + end ++ ++ ## ++ # Calls +say+ with +msg+ or the results of the block if really_verbose ++ # is true. ++ ++ def verbose msg = nil ++ say(msg || yield) if Gem.configuration.really_verbose ++ end + end + + ## diff --git a/SPECS/ruby.spec b/SPECS/ruby.spec index a81c588..194fd37 100644 --- a/SPECS/ruby.spec +++ b/SPECS/ruby.spec @@ -26,7 +26,7 @@ %endif -%global release 34 +%global release 35 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} %global rubygems_version 2.0.14.1 @@ -246,6 +246,25 @@ Patch49: ruby-2.5.1-TestTimeTZ-test-failures-Kiritimati-and-Lisbon.patch # https://github.com/ruby/openssl/commit/f653cfa43f0f20e8c440122ea982382b6228e7f5 # https://github.com/ruby/ruby/commit/93bc10272734cbbb9197470ca629cc4ea019f6f0 Patch50: ruby-2.5.3-fix-openssl-x509-name.patch +# Refresh expired certificates. +# https://bugs.ruby-lang.org/issues/15502 +Patch63: ruby-2.6.0-Try-to-update-cert.patch +# Introduce `Gem::UserInteraction#verbose` method as precondition +# to fix CVE-2019-8321. +# https://github.com/rubygems/rubygems/commit/75821c744f0bfda185eac35b91810254bf9e2367 +Patch66: rubygems-2.3.0-refactor-checking-really_verbose.patch +# CVE-2019-8321: Escape sequence injection vulnerability in verbose +# https://bugzilla.redhat.com/show_bug.cgi?id=1692514 +# CVE-2019-8322: Escape sequence injection vulnerability in gem owner +# https://bugzilla.redhat.com/show_bug.cgi?id=1692516 +# CVE-2019-8323: Escape sequence injection vulnerability in API response handling +# https://bugzilla.redhat.com/show_bug.cgi?id=1692519 +# CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution +# https://bugzilla.redhat.com/show_bug.cgi?id=1692520 +# CVE-2019-8325: Escape sequence injection vulnerability in errors +# https://bugzilla.redhat.com/show_bug.cgi?id=1692522 +# https://github.com/ruby/ruby/commit/f86e5daee790ee509cb17f4f51f95cc76ca89a4e +Patch67: ruby-2.4.6-Applied-security-patches-for-RubyGems.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: ruby(rubygems) >= %{rubygems_version} @@ -538,6 +557,9 @@ Tcl/Tk interface for the object-oriented scripting language Ruby. %patch48 -p1 %patch49 -p1 %patch50 -p1 +%patch63 -p1 +%patch66 -p1 +%patch67 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1030,6 +1052,21 @@ OPENSSL_ENABLE_MD5_VERIFY=1 make check TESTS="-v $DISABLE_TESTS" %{ruby_libdir}/tkextlib %changelog +* Thu Apr 04 2019 Vít Ondruch - 2.0.0.648-35 +- Introduce `Gem::UserInteraction#verbose` method as precondition to fix + CVE-2019-8321. + * rubygems-2.3.0-refactor-checking-really_verbose.patch +- Fix escape sequence injection vulnerability in verbose. +- Fix escape sequence injection vulnerability in gem owner. +- Fix escape sequence injection vulnerability in API response handling. +- Prohibit arbitrary code execution when installing a malicious gem. +- Fix escape sequence injection vulnerability in errors. + * ruby-2.4.6-Applied-security-patches-for-RubyGems.patch + Resolves: rhbz#1699283 + +* Mon Feb 04 2019 Jun Aruga - 2.0.0.648-35 +- Refresh expired certificates. + * Thu Nov 01 2018 Jun Aruga - 2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395