Update to 1.9.3 p286

- Don't create files when NUL-containing path name is passed
  (bug 865940)

.gitignore

@@ -11,3 +11,4 @@ ruby-rev415a3ef9ab82c65a7abc-ext_tk.tar.gz
 /ruby-1.9.3-p0.tar.gz
 /ruby-1.9.3-p125.tar.gz
 /ruby-1.9.3-p194.tar.gz
+/ruby-1.9.3-p286.tar.gz

ruby-1.9.3-backport-from-trunk-rev37068.patch

@@ -1,103 +0,0 @@
-Patch from trunk for CVE-2012-4464, CVE-2012-4466
-Part for test/ruby/test_exception.rb was adjusted for ruby 1.9.3
-
-Mamoru Tasaka <mtasaka@fedoraproject.org>
-
-------------------------------------------------------------------------
-r37068 | shugo | 2012-10-03 02:25:10 +0900 (Wed, 03 Oct 2012) | 2 lines
-
-* error.c (exc_to_s, name_err_to_s, name_err_mesg_to_str): do not
-  taint messages.
-------------------------------------------------------------------------
-Index: error.c
-===================================================================
---- error.c	(revision 37067)
-+++ error.c	(revision 37068)
-@@ -635,7 +635,6 @@
- 
-     if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc));
-     r = rb_String(mesg);
--    OBJ_INFECT(r, exc);
-     return r;
- }
- 
-@@ -996,11 +995,7 @@
- 
-     if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc));
-     StringValue(str);
--    if (str != mesg) {
--	rb_iv_set(exc, "mesg", mesg = str);
--    }
--    OBJ_INFECT(mesg, exc);
--    return mesg;
-+    return str;
- }
- 
- /*
-@@ -1131,7 +1126,6 @@
- 	args[2] = d;
- 	mesg = rb_f_sprintf(NAME_ERR_MESG_COUNT, args);
-     }
--    OBJ_INFECT(mesg, obj);
-     return mesg;
- }
- 
-Index: test/ruby/test_exception.rb
-===================================================================
---- test/ruby/test_exception.rb	(revision 37067)
-+++ test/ruby/test_exception.rb	(modified)
-@@ -333,4 +333,54 @@
-       load(t.path)
-     end
-   end
-+
-+  def test_to_s_taintness_propagation
-+    for exc in [Exception, NameError]
-+      m = "abcdefg"
-+      e = exc.new(m)
-+      e.taint
-+      s = e.to_s
-+      assert_equal(false, m.tainted?,
-+                   "#{exc}#to_s should not propagate taintness")
-+      assert_equal(false, s.tainted?,
-+                   "#{exc}#to_s should not propagate taintness")
-+    end
-+    
-+    o = Object.new
-+    def o.to_str
-+      "foo"
-+    end
-+    o.taint
-+    e = NameError.new(o)
-+    s = e.to_s
-+    assert_equal(false, s.tainted?)
-+  end
-+
-+  def test_exception_to_s_should_not_propagate_untrustedness
-+    favorite_lang = "Ruby"
-+
-+    for exc in [Exception, NameError]
-+      assert_raise(SecurityError) do
-+        lambda {
-+          $SAFE = 4
-+          exc.new(favorite_lang).to_s
-+          favorite_lang.replace("Python")
-+        }.call
-+      end
-+    end
-+
-+    assert_raise(SecurityError) do
-+      lambda {
-+        $SAFE = 4
-+        o = Object.new
-+        o.singleton_class.send(:define_method, :to_str) {
-+          favorite_lang
-+        }
-+        NameError.new(o).to_s
-+        favorite_lang.replace("Python")
-+      }.call
-+    end
-+
-+    assert_equal("Ruby", favorite_lang)
-+  end
- end

ruby-1.9.3-p286-open-devtty-on-koji.patch

@@ -0,0 +1,14 @@
+--- ruby-1.9.3-p286/test/ruby/test_io.rb.devtty	2012-10-12 17:37:54.000000000 +0900
++++ ruby-1.9.3-p286/test/ruby/test_io.rb	2012-10-13 14:00:24.000000000 +0900
+@@ -2068,6 +2068,11 @@
+     return if /linux/ !~ RUBY_PLATFORM
+     return if /^i.?86|^x86_64/ !~ RUBY_PLATFORM
+     return unless File.exist?('/dev/tty')
++    begin
++      File.open('/dev/tty') {|f|}
++    rescue Errno::ENXIO
++      return
++    end
+ 
+     File.open('/dev/tty') { |f|
+       tiocgwinsz=0x5413

ruby.spec

@@ -1,7 +1,7 @@
 %global major_version 1
 %global minor_version 9
 %global teeny_version 3
-%global patch_level 194
+%global patch_level 286
 
 %global major_minor_version %{major_version}.%{minor_version}
 
@@ -56,7 +56,7 @@ Version: %{ruby_version_patch_level}
 # we cannot reset the release number to 1 even when the main (ruby) version
 # is updated - because it may be that the versions of sub-components don't
 # change.
-Release: 18%{?dist}
+Release: 19%{?dist}
 Group: Development/Languages
 # Public Domain for example for: include/ruby/st.h, strftime.c, ...
 License: (Ruby or BSD) and Public Domain
@@ -79,7 +79,8 @@ Patch4: ruby-1.9.3-fix-s390x-build.patch
 # when it exists outside of the GEM_HOME (already fixed in the upstream)
 Patch5: ruby-1.9.3-rubygems-1.8.11-uninstaller.patch
 # http://redmine.ruby-lang.org/issues/5135 - see comment 29
-Patch6: ruby-1.9.3-webrick-test-fix.patch
+# Fixed in ruby 1.9.3p286
+#Patch6: ruby-1.9.3-webrick-test-fix.patch
 # Already fixed upstream:
 # https://github.com/ruby/ruby/commit/f212df564a4e1025f9fb019ce727022a97bfff53
 Patch7: ruby-1.9.3-bignum-test-fix.patch
@@ -91,7 +92,11 @@ Patch8: ruby-1.9.3-custom-rubygems-location.patch
 Patch9: rubygems-1.8.11-binary-extensions.patch
 # Patch from trunk for CVE-4464, CVE-4466
 # http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37068
-Patch10: ruby-1.9.3-backport-from-trunk-rev37068.patch
+# Fixed in ruby 1.9.3p286
+#Patch10: ruby-1.9.3-backport-from-trunk-rev37068.patch
+# Opening /dev/tty fails with ENXIO (ref: man 2 open) on koji.
+# Let's rescue this
+Patch10: ruby-1.9.3-p286-open-devtty-on-koji.patch
 # Make mkmf verbose by default
 Patch12: ruby-1.9.3-mkmf-verbose.patch
 
@@ -330,11 +335,11 @@ Tcl/Tk interface for the object-oriented scripting language Ruby.
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
-%patch6 -p1
+#%%patch6 -p1
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
-%patch10 -p0
+%patch10 -p1
 %patch12 -p1
 
 %build
@@ -741,6 +746,11 @@ make check TESTS="-v $DISABLE_TESTS"
 %{ruby_libdir}/tkextlib
 
 %changelog
+* Sat Oct 13 2012 Mamoru TASAKA <mtasaka@fedoraproject.org> - 1.9.3.286-19
+- Update to 1.9.3 p286
+- Don't create files when NUL-containing path name is passed
+  (bug 865940)
+
 * Thu Oct 04 2012 Mamoru Tasaka <mtasaka@fedoraproject.org> - 1.9.3.194-18
 - Patch from trunk for CVE-2012-4464, CVE-2012-4466
 

sources

@@ -1 +1 @@
-bc0c715c69da4d1d8bd57069c19f6c0e  ruby-1.9.3-p194.tar.gz
+e2469b55c2a3d0d643097d47fe4984bb  ruby-1.9.3-p286.tar.gz