diff --git a/.gitignore b/.gitignore index 1dfa940..752552f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/ruby-2.7.6.tar.xz +SOURCES/ruby-2.7.8.tar.xz SOURCES/ruby-rubygems-bundler-v2.2.24.txz diff --git a/.ruby.metadata b/.ruby.metadata index 72f3175..1c803fa 100644 --- a/.ruby.metadata +++ b/.ruby.metadata @@ -1,2 +1,2 @@ -068e3e11799250781ba4a68eb4f015bab35966e3 SOURCES/ruby-2.7.6.tar.xz +9e7c7b790652d6c81ce1157b18eab5f8b11b0a27 SOURCES/ruby-2.7.8.tar.xz da17623116cb189baeb3251f828d679e5570a938 SOURCES/ruby-rubygems-bundler-v2.2.24.txz diff --git a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index 77b20ef..adff2e7 100644 --- a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index d261ea57b5..3c13076b82 100644 --- a/configure.ac +++ b/configure.ac -@@ -3121,6 +3121,11 @@ AS_IF([test ${multiarch+set}], [ +@@ -3140,6 +3140,11 @@ AS_IF([test ${multiarch+set}], [ ]) archlibdir='${libdir}/${arch}' diff --git a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index a79aa25..df5b642 100644 --- a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index c42436c23d..d261ea57b5 100644 --- a/configure.ac +++ b/configure.ac -@@ -3759,7 +3759,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -3778,7 +3778,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/SOURCES/ruby-2.1.0-always-use-i386.patch b/SOURCES/ruby-2.1.0-always-use-i386.patch index a5a4011..7010897 100644 --- a/SOURCES/ruby-2.1.0-always-use-i386.patch +++ b/SOURCES/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 3c13076b82..93af30321d 100644 --- a/configure.ac +++ b/configure.ac -@@ -3823,6 +3823,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -3842,6 +3842,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch index ddfe9a5..f7c4c13 100644 --- a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch +++ b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 93af30321d..bc13397e0e 100644 --- a/configure.ac +++ b/configure.ac -@@ -3795,6 +3795,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -3814,6 +3814,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -3819,6 +3823,7 @@ AC_SUBST(sitearchdir)dnl +@@ -3838,6 +3842,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/SOURCES/ruby-2.3.0-ruby_version.patch b/SOURCES/ruby-2.3.0-ruby_version.patch index a5865ce..7ea4b76 100644 --- a/SOURCES/ruby-2.3.0-ruby_version.patch +++ b/SOURCES/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 80b137e380..63cd3b4f8b 100644 --- a/configure.ac +++ b/configure.ac -@@ -3710,9 +3710,6 @@ AS_CASE(["$target_os"], +@@ -3729,9 +3729,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -3735,56 +3732,62 @@ AC_ARG_WITH(ridir, +@@ -3754,56 +3751,62 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -3801,6 +3804,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -3820,6 +3823,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl diff --git a/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch b/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch index 5dd2654..97bcbac 100644 --- a/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch +++ b/SOURCES/ruby-2.7.0-Initialize-ABRT-hook.patch @@ -57,7 +57,7 @@ diff --git a/ruby.c b/ruby.c index 60c57d6259..1eec16f2c8 100644 --- a/ruby.c +++ b/ruby.c -@@ -1451,10 +1451,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt) +@@ -1463,10 +1463,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt) void Init_builtin_features(void); diff --git a/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch b/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch index ddd70e6..83751aa 100644 --- a/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch +++ b/SOURCES/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch @@ -17,6 +17,6 @@ index 7c17cd54..f721f247 100644 spec.required_ruby_version = ">= 2.3.0" - spec.add_runtime_dependency "ipaddr" - spec.add_development_dependency "rake" + spec.add_development_dependency "rake", ">= 11.2.0" spec.add_development_dependency "rake-compiler" spec.add_development_dependency "test-unit", "~> 3.0" diff --git a/SOURCES/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch b/SOURCES/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch index 3fa0747..0594670 100644 --- a/SOURCES/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch +++ b/SOURCES/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch @@ -12,7 +12,7 @@ diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb index f38f903..a6e2019 100644 --- a/test/fiddle/helper.rb +++ b/test/fiddle/helper.rb -@@ -20,8 +20,8 @@ +@@ -36,8 +36,8 @@ # 64-bit ruby libdir = '/lib64' if File.directory? '/lib64' end diff --git a/SPECS/ruby.spec b/SPECS/ruby.spec index 509673d..8d617d8 100644 --- a/SPECS/ruby.spec +++ b/SPECS/ruby.spec @@ -1,6 +1,6 @@ %global major_version 2 %global minor_version 7 -%global teeny_version 6 +%global teeny_version 8 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -22,7 +22,7 @@ %endif -%global release 138 +%global release 139 %{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory tree, since the @@ -49,7 +49,7 @@ %global irb_version 1.2.6 %global json_version 2.3.0 %global net_telnet_version 0.2.0 -%global openssl_version 2.1.3 +%global openssl_version 2.1.4 %global psych_version 3.1.0 %global racc_version 1.4.16 %global rdoc_version 6.2.1.1 @@ -1146,7 +1146,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to %files default-gems %{gem_dir}/specifications/default/benchmark-0.1.0.gemspec -%{gem_dir}/specifications/default/cgi-0.1.0.1.gemspec +%{gem_dir}/specifications/default/cgi-0.1.0.2.gemspec %{gem_dir}/specifications/default/csv-3.1.2.gemspec %{gem_dir}/specifications/default/date-3.0.3.gemspec %{gem_dir}/specifications/default/dbm-1.1.0.gemspec @@ -1182,7 +1182,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to %{gem_dir}/specifications/default/strscan-1.0.3.gemspec %{gem_dir}/specifications/default/timeout-0.1.0.gemspec %{gem_dir}/specifications/default/tracer-0.1.0.gemspec -%{gem_dir}/specifications/default/uri-0.10.0.gemspec +%{gem_dir}/specifications/default/uri-0.10.0.2.gemspec %{gem_dir}/specifications/default/webrick-1.6.1.gemspec %{gem_dir}/specifications/default/yaml-0.1.0.gemspec %{gem_dir}/specifications/default/zlib-1.1.0.gemspec @@ -1298,13 +1298,23 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to %changelog +* Tue Apr 25 2023 Jarek Prokop - 2.7.8-139 +- Upgrade to Ruby 2.7.8. + Resolves: rhbz#2189465 +- Fix HTTP response splitting in CGI. + Resolves: CVE-2021-33621 +- Fix ReDoS vulnerability in URI. + Resolves: CVE-2023-28755 +- Fix ReDoS vulnerability in Time. + Resolves: CVE-2023-28756 + * Tue Jul 19 2022 Jarek Prokop - 2.7.6-138 - Upgrade to Ruby 2.7.6. - Resolves: rhbz#2109424 + Resolves: rhbz#2096345 - Fix FTBFS due to an incompatible load directive. - Related: rhbz#2109424 + Related: rhbz#2096345 - Fix a fiddle import test on an optimized glibc on Power 9. - Related: rhbz#2109424 + Related: rhbz#2096345 - Fix regular Expression Denial of Service Vulnerability of Date Parsing Methods. Resolves: CVE-2021-41817 - Fix cookie prefix spoofing in CGI::Cookie.parse.