rpms
/
ruby
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Upgrade to Ruby 2.5.0 (r61214).

This commit is contained in:
Jun Aruga 2017-12-14 18:27:33 +01:00
parent 31265d7a88
commit 9474e3d4fe
12 changed files with 176 additions and 300 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ruby-1.9.3-mkmf-verbose.patch
View File

@ -11,7 +11,7 @@ diff --git a/lib/mkmf.rb b/lib/mkmf.rb
index 682eb46..e6b1445 100644
--- a/lib/mkmf.rb
+++ b/lib/mkmf.rb
@@ -1897,7 +1897,7 @@ def configuration(srcdir)
@@ -1899,7 +1899,7 @@ def configuration(srcdir)
SHELL = /bin/sh
# V=0 quiet, V=1 verbose. other values don't work.

20
ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch
View File

@ -6,14 +6,14 @@ Subject: [PATCH] Allow to specify addition preludes by configuration option.
---
Makefile.in | 2 ++
common.mk | 2 +-
configure.in | 7 +++++++
configure.ac | 7 +++++++
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/Makefile.in b/Makefile.in
index 7e8ed82..7916993 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -116,6 +116,8 @@ XRUBY_RUBYLIBDIR = @XRUBY_RUBYLIBDIR@
@@ -119,6 +119,8 @@ XRUBY_RUBYLIBDIR = @XRUBY_RUBYLIBDIR@
XRUBY_RUBYHDRDIR = @XRUBY_RUBYHDRDIR@
BOOTSTRAPRUBY = @BOOTSTRAPRUBY@
@ -26,20 +26,20 @@ diff --git a/common.mk b/common.mk
index 5cfbc3d..3f0a82e 100644
--- a/common.mk
+++ b/common.mk
@@ -144,7 +144,7 @@ ALLOBJS = $(NORMALMAINOBJ) $(MINIOBJS) $(COMMONOBJS) $(INITOBJS)
@@ -147,7 +147,7 @@ ALLOBJS = $(NORMALMAINOBJ) $(MINIOBJS) $(COMMONOBJS) $(INITOBJS)
GOLFOBJS = goruby.$(OBJEXT) golf_prelude.$(OBJEXT)
DEFAULT_PRELUDES = $(GEM_PRELUDE)
-PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(srcdir)/enc/prelude.rb $(DEFAULT_PRELUDES)
+PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(srcdir)/enc/prelude.rb $(DEFAULT_PRELUDES) $(OPTIONAL_PRELUDES)
-PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(DEFAULT_PRELUDES)
+PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(DEFAULT_PRELUDES) $(OPTIONAL_PRELUDES)
GEM_PRELUDE = $(srcdir)/gem_prelude.rb
PRELUDES = {$(srcdir)}prelude.c {$(srcdir)}miniprelude.c
GOLFPRELUDES = {$(srcdir)}golf_prelude.c
diff --git a/configure.in b/configure.in
index 0e371e2..d4f1dcb 100644
--- a/configure.in
+++ b/configure.in
@@ -4563,6 +4563,13 @@ AC_SUBST(rubyarchhdrdir)dnl
diff --git a/configure.ac b/configure.ac
index 028ef7ca3e..cdeff87871 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4387,6 +4387,13 @@ AC_SUBST(rubyarchhdrdir)dnl
AC_SUBST(sitearchhdrdir)dnl
AC_SUBST(vendorarchhdrdir)dnl

14
ruby-2.1.0-Enable-configuration-of-archlibdir.patch
View File

@ -4,15 +4,15 @@ Date: Tue, 1 Oct 2013 12:22:40 +0200
Subject: [PATCH] Allow to configure libruby.so placement.
---
configure.in | 5 +++++
configure.ac | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/configure.in b/configure.in
index 37d9a62..553d4d0 100644
--- a/configure.in
+++ b/configure.in
@@ -3823,6 +3823,11 @@ if test ${multiarch+set}; then
fi
diff --git a/configure.ac b/configure.ac
index 11fc237552..b77e88fc37 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3632,6 +3632,11 @@ AS_IF([test ${multiarch+set}], [
])
archlibdir='${libdir}/${arch}'
+AC_ARG_WITH(archlibdir,

19
ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch
View File

@ -5,16 +5,16 @@ Subject: [PATCH] Prevent duplicated paths when empty version string is
configured.
---
configure.in | 3 ++-
configure.ac | 3 ++-
loadpath.c | 12 ++++++++++++
tool/mkconfig.rb | 2 +-
3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/configure.in b/configure.in
index db37cd6..ce8d149 100644
--- a/configure.in
+++ b/configure.in
@@ -4417,7 +4417,8 @@ AS_CASE(["$ruby_version_dir_name"],
diff --git a/configure.ac b/configure.ac
index 999e2d6d5d..11fc237552 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4242,7 +4242,8 @@ AS_CASE(["$ruby_version_dir_name"],
ruby_version_dir=/'${ruby_version_dir_name}'
if test -z "${ruby_version_dir_name}"; then
@ -28,7 +28,7 @@ diff --git a/loadpath.c b/loadpath.c
index 9160031..0d4d953 100644
--- a/loadpath.c
+++ b/loadpath.c
@@ -65,22 +65,34 @@ const char ruby_initial_load_paths[] =
@@ -65,21 +65,33 @@ const char ruby_initial_load_paths[] =
RUBY_SEARCH_PATH "\0"
#endif
#ifndef NO_RUBY_SITE_LIB
@ -58,16 +58,15 @@ index 9160031..0d4d953 100644
RUBY_VENDOR_ARCH_LIB_FOR(RUBY_SITEARCH) "\0"
+#ifndef RUBY_LIB_VERSION_BLANK
RUBY_VENDOR_LIB "\0"
#endif
+#endif
#endif
RUBY_LIB "\0"
#ifdef RUBY_THINARCH
diff --git a/tool/mkconfig.rb b/tool/mkconfig.rb
index 07076d4..35e6c3c 100755
--- a/tool/mkconfig.rb
+++ b/tool/mkconfig.rb
@@ -113,7 +113,7 @@
@@ -111,7 +111,7 @@
val = val.gsub(/\$(?:\$|\{?(\w+)\}?)/) {$1 ? "$(#{$1})" : $&}.dump
case name
when /^prefix$/

16
ruby-2.1.0-always-use-i386.patch
View File

@ -4,22 +4,22 @@ Date: Mon, 19 Nov 2012 14:37:28 +0100
Subject: [PATCH] Always use i386.
---
configure.in | 2 ++
configure.ac | 2 ++
1 file changed, 2 insertions(+)
diff --git a/configure.in b/configure.in
index 553d4d0..03a4152 100644
--- a/configure.in
+++ b/configure.in
@@ -4481,6 +4481,8 @@ AC_SUBST(vendorarchdir)dnl
diff --git a/configure.ac b/configure.ac
index b77e88fc37..6bba453e3c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4306,6 +4306,8 @@ AC_SUBST(vendorarchdir)dnl
AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl
+target_cpu=`echo $target_cpu | sed s/i.86/i386/`
+
if test "${universal_binary-no}" = yes ; then
AS_IF([test "${universal_binary-no}" = yes ], [
arch="universal-${target_os}"
if test "${rb_cv_architecture_available}" = yes; then
AS_IF([test "${rb_cv_architecture_available}" = yes], [
--
1.8.3.1

30
ruby-2.1.0-custom-rubygems-location.patch
View File

@ -5,17 +5,17 @@ Subject: [PATCH] Allow to install RubyGems into custom location, outside of
Ruby tree.
---
configure.in | 5 +++++
configure.ac | 5 +++++
loadpath.c | 4 ++++
template/verconf.h.tmpl | 3 +++
tool/rbinstall.rb | 9 +++++++++
4 files changed, 21 insertions(+)
tool/rbinstall.rb | 7 +++++++
4 files changed, 19 insertions(+)
diff --git a/configure.in b/configure.in
index 03a4152..0e371e2 100644
--- a/configure.in
+++ b/configure.in
@@ -4453,6 +4453,10 @@ AC_ARG_WITH(vendorarchdir,
diff --git a/configure.ac b/configure.ac
index 6bba453e3c..028ef7ca3e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4278,6 +4278,10 @@ AC_ARG_WITH(vendorarchdir,
[vendorarchdir=$withval],
[vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
@ -23,10 +23,10 @@ index 03a4152..0e371e2 100644
+ AS_HELP_STRING([--with-rubygemsdir=DIR], [custom rubygems directory]),
+ [rubygemsdir=$withval])
+
if test "${LOAD_RELATIVE+set}"; then
AS_IF([test "${LOAD_RELATIVE+set}"], [
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
RUBY_EXEC_PREFIX=''
@@ -4477,6 +4481,7 @@ AC_SUBST(sitearchdir)dnl
@@ -4302,6 +4306,7 @@ AC_SUBST(sitearchdir)dnl
AC_SUBST(vendordir)dnl
AC_SUBST(vendorlibdir)dnl
AC_SUBST(vendorarchdir)dnl
@ -67,7 +67,7 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb
index b47b6e1..0b99408 100755
--- a/tool/rbinstall.rb
+++ b/tool/rbinstall.rb
@@ -330,6 +330,7 @@ def CONFIG.[](name, mandatory = false)
@@ -331,6 +331,7 @@ def CONFIG.[](name, mandatory = false)
sitearchlibdir = CONFIG["sitearchdir"]
vendorlibdir = CONFIG["vendorlibdir"]
vendorarchlibdir = CONFIG["vendorarchdir"]
@ -75,17 +75,15 @@ index b47b6e1..0b99408 100755
mandir = CONFIG["mandir", true]
docdir = CONFIG["docdir", true]
configure_args = Shellwords.shellwords(CONFIG["configure_args"])
@@ -517,7 +518,15 @@ def CONFIG.[](name, mandatory = false)
@@ -537,7 +538,13 @@ def install(src, cmd)
install?(:local, :comm, :lib) do
prepare "library scripts", rubylibdir
noinst = %w[README* *.txt *.rdoc *.gemspec]
+ noinst += %w[*ubygems.rb rubygems/ datadir.rb] if rubygemsdir
noinst = %w[*.txt *.rdoc *.gemspec]
+ noinst += %w[rubygems.rb rubygems/ datadir.rb] if rubygemsdir
install_recursive(File.join(srcdir, "lib"), rubylibdir, :no_install => noinst, :mode => $data_mode)
+ if rubygemsdir
+ noinst = %w[obsolete.rb]
+ install_recursive(File.join(srcdir, "lib", "rubygems"), File.join(rubygemsdir, "rubygems"), :mode => $data_mode)
+ install_recursive(File.join(srcdir, "lib", "rbconfig"), File.join(rubygemsdir, "rbconfig"), :no_install => noinst, :mode => $data_mode)
+ install(File.join(srcdir, "lib", "ubygems.rb"), File.join(rubygemsdir, "ubygems.rb"), :mode => $data_mode)
+ install(File.join(srcdir, "lib", "rubygems.rb"), File.join(rubygemsdir, "rubygems.rb"), :mode => $data_mode)
+ end
end

2
ruby-2.2.3-Generate-preludes-using-miniruby.patch
View File

@ -11,7 +11,7 @@ diff --git a/common.mk b/common.mk
index 168dc52..20c218a 100644
--- a/common.mk
+++ b/common.mk
@@ -873,9 +873,9 @@ $(MINIPRELUDE_C): $(COMPILE_PRELUDE)
@@ -956,9 +956,9 @@ $(MINIPRELUDE_C): $(COMPILE_PRELUDE)
$(srcdir)/template/prelude.c.tmpl
$(PRELUDE_C): $(COMPILE_PRELUDE) \

44
ruby-2.3.0-ruby_version.patch
View File

@ -12,15 +12,15 @@ ruby_version_dir_name now specifies custom version string for versioned
directories, e.g. instead of default X.Y.Z, you can specify whatever
string.
---
configure.in | 64 ++++++++++++++++++++++++++++-------------------------
configure.ac | 64 ++++++++++++++++++++++++++++-------------------------
template/ruby.pc.in | 1 +
2 files changed, 35 insertions(+), 30 deletions(-)
diff --git a/configure.in b/configure.in
index db37cd6..6e73fae 100644
--- a/configure.in
+++ b/configure.in
@@ -4368,9 +4368,6 @@ AS_CASE(["$target_os"],
diff --git a/configure.ac b/configure.ac
index 8ea969412f..a00f2b6776 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4193,9 +4193,6 @@ AS_CASE(["$target_os"],
rubyw_install_name='$(RUBYW_INSTALL_NAME)'
])
@ -30,7 +30,7 @@ index db37cd6..6e73fae 100644
rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
AC_ARG_WITH(rubyarchprefix,
AS_HELP_STRING([--with-rubyarchprefix=DIR],
@@ -4393,56 +4390,62 @@ AC_ARG_WITH(ridir,
@@ -4218,56 +4215,62 @@ AC_ARG_WITH(ridir,
AC_SUBST(ridir)
AC_SUBST(RI_BASE_NAME)
@ -43,7 +43,7 @@ index db37cd6..6e73fae 100644
-AS_CASE(["$ruby_version"],
- [full], [RUBY_LIB_VERSION_STYLE='3 /* full */'],
- [minor], [RUBY_LIB_VERSION_STYLE='2 /* minor */'])
-if test ${RUBY_LIB_VERSION_STYLE+set}; then
-AS_IF([test ${RUBY_LIB_VERSION_STYLE+set}], [
- {
- echo "#define RUBY_LIB_VERSION_STYLE $RUBY_LIB_VERSION_STYLE"
- echo '#define STRINGIZE(x) x'
@ -53,11 +53,11 @@ index db37cd6..6e73fae 100644
- } > conftest.c
- ruby_version="`$CPP -I. -I"${srcdir}" -I"${srcdir}/include" conftest.c | sed '/^ruby_version=/!d;s/ //g'`"
- eval $ruby_version
-elif test -z "${ruby_version}"; then
-], [test -z "${ruby_version}"], [
- AC_MSG_ERROR([No ruby version, No place for bundled libraries])
-else
-], [
- RUBY_LIB_VERSION="${ruby_version}"
-fi
-])
+RUBY_LIB_VERSION_STYLE='3 /* full */'
+{
+echo "#define RUBY_LIB_VERSION_STYLE $RUBY_LIB_VERSION_STYLE"
@ -118,9 +118,9 @@ index db37cd6..6e73fae 100644
- [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby/${ruby_version}'}${multiarch-'${vendorlibdir}/${sitearch}'}])
+ [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
if test "${LOAD_RELATIVE+set}"; then
AS_IF([test "${LOAD_RELATIVE+set}"], [
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
@@ -4459,6 +4462,7 @@ AC_SUBST(sitearchincludedir)dnl
@@ -4284,6 +4287,7 @@ AC_SUBST(sitearchincludedir)dnl
AC_SUBST(arch)dnl
AC_SUBST(sitearch)dnl
AC_SUBST(ruby_version)dnl
@ -137,9 +137,9 @@ index 8a2c066..c81b211 100644
TEENY=@TEENY@
ruby_version=@ruby_version@
+ruby_version_dir_name=@ruby_version_dir_name@
RUBY_API_VERSION=@RUBY_API_VERSION@
RUBY_PROGRAM_VERSION=@RUBY_PROGRAM_VERSION@
RUBY_BASE_NAME=@RUBY_BASE_NAME@
RUBY_VERSION_NAME=@RUBY_VERSION_NAME@
--
2.1.0
@ -245,7 +245,7 @@ diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb
index 0428bea..b6e090e 100644
--- a/test/rubygems/test_gem.rb
+++ b/test/rubygems/test_gem.rb
@@ -1124,7 +1124,8 @@ def test_self_use_paths
@@ -1156,7 +1156,8 @@ def test_self_use_paths
def test_self_user_dir
parts = [@userhome, '.gem', Gem.ruby_engine]
@ -255,7 +255,7 @@ index 0428bea..b6e090e 100644
assert_equal File.join(parts), Gem.user_dir
end
@@ -1251,7 +1252,7 @@ def test_self_user_home_user_drive_and_path
@@ -1283,7 +1284,7 @@ def test_self_user_home_user_drive_and_path
def test_self_vendor_dir
expected =
File.join RbConfig::CONFIG['vendordir'], 'gems',
@ -275,14 +275,14 @@ Subject: [PATCH 4/4] Let headers directories follow the configured version
name.
---
configure.in | 2 +-
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.in b/configure.in
index 6e73fae..c842725 100644
--- a/configure.in
+++ b/configure.in
@@ -271,7 +271,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"`
diff --git a/configure.ac b/configure.ac
index a00f2b6776..999e2d6d5d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -164,7 +164,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"`
RUBYW_BASE_NAME=`echo rubyw | sed "$program_transform_name"`
AC_SUBST(RUBY_BASE_NAME)
AC_SUBST(RUBYW_BASE_NAME)

5
ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
View File

@ -15,7 +15,7 @@ diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb
index 1da3d93..65148a1 100644
--- a/test/fiddle/helper.rb
+++ b/test/fiddle/helper.rb
@@ -6,98 +6,6 @@
@@ -6,95 +6,6 @@
libc_so = libm_so = nil
@ -23,9 +23,6 @@ index 1da3d93..65148a1 100644
-when /cygwin/
- libc_so = "cygwin1.dll"
- libm_so = "cygwin1.dll"
-when /x86_64-linux/
- libc_so = "/lib64/libc.so.6"
- libm_so = "/lib64/libm.so.6"
-when /linux/
- libdir = '/lib'
- case [0].pack('L!').size

156
ruby-2.4.3-CVE-2017-0903-Fix-unsafe-object-deserialization-vulnerability.patch
View File

@ -1,156 +0,0 @@
From 1281e56682692859e726e24fff30e44aac6f948b Mon Sep 17 00:00:00 2001
From: nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 11 Oct 2017 13:48:14 +0000
Subject: [PATCH] merge revision(s) 60149: [Backport #14003]
Merge rubygems-2.6.14 changes.
It fixed http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@60168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
lib/rubygems.rb | 5 +++--
lib/rubygems/config_file.rb | 2 +-
lib/rubygems/package.rb | 2 +-
lib/rubygems/package/old.rb | 2 +-
lib/rubygems/safe_yaml.rb | 48 +++++++++++++++++++++++++++++++++++++++++++
lib/rubygems/specification.rb | 2 +-
6 files changed, 55 insertions(+), 6 deletions(-)
create mode 100644 lib/rubygems/safe_yaml.rb
diff --git a/lib/rubygems.rb b/lib/rubygems.rb
index 55aa85b8b2bd..0685bcb3c629 100644
--- a/lib/rubygems.rb
+++ b/lib/rubygems.rb
@@ -10,7 +10,7 @@
require 'thread'
module Gem
- VERSION = "2.6.13"
+ VERSION = "2.6.14"
end
# Must be first since it unloads the prelude from 1.9.2
@@ -675,7 +675,7 @@ def self.load_yaml
unless test_syck
begin
- gem 'psych', '>= 1.2.1'
+ gem 'psych', '>= 2.0.0'
rescue Gem::LoadError
# It's OK if the user does not have the psych gem installed. We will
# attempt to require the stdlib version
@@ -699,6 +699,7 @@ def self.load_yaml
end
require 'yaml'
+ require 'rubygems/safe_yaml'
# If we're supposed to be using syck, then we may have to force
# activate it via the YAML::ENGINE API.
diff --git a/lib/rubygems/config_file.rb b/lib/rubygems/config_file.rb
index c95d7dd1f14e..63583b361615 100644
--- a/lib/rubygems/config_file.rb
+++ b/lib/rubygems/config_file.rb
@@ -345,7 +345,7 @@ def load_file(filename)
return {} unless filename and File.exist? filename
begin
- content = YAML.load(File.read(filename))
+ content = Gem::SafeYAML.load(File.read(filename))
unless content.kind_of? Hash
warn "Failed to load #{filename} because it doesn't contain valid YAML hash"
return {}
diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb
index c36e71d800a2..77811ed5ecaa 100644
--- a/lib/rubygems/package.rb
+++ b/lib/rubygems/package.rb
@@ -468,7 +468,7 @@ def read_checksums gem
@checksums = gem.seek 'checksums.yaml.gz' do |entry|
Zlib::GzipReader.wrap entry do |gz_io|
- YAML.load gz_io.read
+ Gem::SafeYAML.safe_load gz_io.read
end
end
end
diff --git a/lib/rubygems/package/old.rb b/lib/rubygems/package/old.rb
index 5e722baa3540..071f7141ab78 100644
--- a/lib/rubygems/package/old.rb
+++ b/lib/rubygems/package/old.rb
@@ -101,7 +101,7 @@ def file_list io # :nodoc:
header << line
end
- YAML.load header
+ Gem::SafeYAML.safe_load header
end
##
diff --git a/lib/rubygems/safe_yaml.rb b/lib/rubygems/safe_yaml.rb
new file mode 100644
index 000000000000..b98cfaa5e60d
--- /dev/null
+++ b/lib/rubygems/safe_yaml.rb
@@ -0,0 +1,48 @@
+module Gem
+
+ ###
+ # This module is used for safely loading YAML specs from a gem. The
+ # `safe_load` method defined on this module is specifically designed for
+ # loading Gem specifications. For loading other YAML safely, please see
+ # Psych.safe_load
+
+ module SafeYAML
+ WHITELISTED_CLASSES = %w(
+ Symbol
+ Time
+ Date
+ Gem::Dependency
+ Gem::Platform
+ Gem::Requirement
+ Gem::Specification
+ Gem::Version
+ Gem::Version::Requirement
+ YAML::Syck::DefaultKey
+ Syck::DefaultKey
+ )
+
+ WHITELISTED_SYMBOLS = %w(
+ development
+ runtime
+ )
+
+ if ::YAML.respond_to? :safe_load
+ def self.safe_load input
+ ::YAML.safe_load(input, WHITELISTED_CLASSES, WHITELISTED_SYMBOLS, true)
+ end
+
+ def self.load input
+ ::YAML.safe_load(input, [::Symbol])
+ end
+ else
+ warn "YAML safe loading is not available. Please upgrade psych to a version that supports safe loading (>= 2.0)."
+ def self.safe_load input, *args
+ ::YAML.load input
+ end
+
+ def self.load input
+ ::YAML.load input
+ end
+ end
+ end
+end
diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb
index 88e320c05ac9..40e3a70d476c 100644
--- a/lib/rubygems/specification.rb
+++ b/lib/rubygems/specification.rb
@@ -1101,7 +1101,7 @@ def self.from_yaml(input)
Gem.load_yaml
input = normalize_yaml_input input
- spec = YAML.load input
+ spec = Gem::SafeYAML.safe_load input
if spec && spec.class == FalseClass then
raise Gem::EndOfYAMLException

166
ruby.spec
View File

@ -2,8 +2,8 @@
%{?scl:%scl_package ruby}
%global major_version 2
%global minor_version 4
%global teeny_version 2
%global minor_version 5
%global teeny_version 0
%global major_minor_version %{major_version}.%{minor_version}
%global ruby_version %{major_minor_version}.%{teeny_version}
@ -13,7 +13,7 @@
#%%global milestone rc1
# Keep the revision enabled for pre-releases from SVN.
#%%global revision 57159
%global revision 61214
%global ruby_archive %{pkg_name}-%{ruby_version}
@ -24,7 +24,7 @@
%endif
%global release 86
%global release 1
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
# The RubyGems library has to stay out of Ruby directory three, since the
@ -32,26 +32,27 @@
%global rubygems_dir %{_datadir}/rubygems
# Bundled libraries versions
%global rubygems_version 2.6.14
%global rubygems_version 2.7.3
%global molinillo_version 0.5.7
# TODO: The IRB has strange versioning. Keep the Ruby's versioning ATM.
# http://redmine.ruby-lang.org/issues/5313
%global irb_version %{ruby_version}
%global bigdecimal_version 1.3.0
%global did_you_mean_version 1.1.0
%global bigdecimal_version 1.3.3
%global bundler_version 1.16.1.pre1
%global did_you_mean_version 1.1.2
%global io_console_version 0.4.6
%global json_version 2.0.4
%global minitest_version 5.10.1
%global json_version 2.1.0
%global minitest_version 5.10.3
%global net_telnet_version 0.1.1
%global openssl_version 2.0.5
%global power_assert_version 0.4.1
%global psych_version 2.2.2
%global rake_version 12.0.0
%global rdoc_version 5.0.0
%global test_unit_version 3.2.3
%global xmlrpc_version 0.2.1
%global openssl_version 2.1.0.beta2
%global power_assert_version 1.1.1
%global psych_version 3.0.0
%global rake_version 12.3.0
%global rdoc_version 6.0.0
%global test_unit_version 3.2.7
%global xmlrpc_version 0.3.0
# Might not be needed in the future, if we are lucky enough.
# https://bugzilla.redhat.com/show_bug.cgi?id=888262
@ -70,7 +71,7 @@
%bcond_without cmake
%if 0%{?fedora}
%global with_checksec 1
%bcond_without hardening_test
%endif
Summary: An interpreter of object-oriented scripting language
@ -93,10 +94,12 @@ Source4: macros.ruby
Source5: macros.rubygems
Source6: abrt_prelude.rb
# This wrapper fixes https://bugzilla.redhat.com/show_bug.cgi?id=977941
# Hopefully, it will get removed soon:
# It was fixed by multilib-rpm-config on Fedora.
# But multilib-rpm-config is not available on RHEL7.
# https://fedorahosted.org/fpc/ticket/312
# https://bugzilla.redhat.com/show_bug.cgi?id=977941
Source7: config.h
# We do not provide RPM dependency generators on SCL that is on Fedora.
# ABRT hoook test case.
Source12: test_abrt.rb
# SystemTap tests.
@ -140,21 +143,38 @@ Patch7: ruby-2.2.3-Generate-preludes-using-miniruby.patch
# hardening features of glibc (rhbz#1361037).
# https://bugs.ruby-lang.org/issues/12666
Patch9: ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
# CVE-2017-0903: Fix unsafe object deserialization through YAML formatted gem
# specifications.
# https://bugs.ruby-lang.org/issues/14003
Patch10: ruby-2.4.3-CVE-2017-0903-Fix-unsafe-object-deserialization-vulnerability.patch
Requires: %{?scl_prefix}%{pkg_name}-libs%{?_isa} = %{version}-%{release}
Requires: %{?scl_prefix}ruby(rubygems) >= %{rubygems_version}
# We keep default installed gems that is sub pacakge as Requires.
# Make the bigdecimal gem a runtime dependency of Ruby to avoid problems
# with user-installed gems, that don't require it in gemspec/Gemfile
# See https://bugzilla.redhat.com/show_bug.cgi?id=829209
# and http://bugs.ruby-lang.org/issues/6123
# TODO: other gems required?
Requires: %{?scl_prefix}rubygem(bigdecimal) >= %{bigdecimal_version}
Requires: %{?scl_prefix}rubygem(did_you_mean) >= %{did_you_mean_version}
# Requires: %%{?scl_prefix}rubygem(bundler) >= %%{bundler_version}
# Requires: %%{?scl_prefix}rubygem(cmath) >= %%{cmath_version}
# Requires: %%{?scl_prefix}rubygem(csv) >= %%{csv_version}
# Requires: %%{?scl_prefix}rubygem(date) >= %%{date_version}
# Requires: %%{?scl_prefix}rubygem(dbm) >= %%{dbm_version}
# Requires: %%{?scl_prefix}rubygem(digest) >= %%{digest_version}
# Requires: %%{?scl_prefix}rubygem(etc) >= %%{etc_version}
# Requires: %%{?scl_prefix}rubygem(fcntl) >= %%{fcntl_version}
# Requires: %%{?scl_prefix}rubygem(fileutils) >= %%{fileutils_version}
# Requires: %%{?scl_prefix}rubygem(gdbm) >= %%{gdbm_version}
Requires: %{?scl_prefix}rubygem(io-console) >= %{io_console_version}
# Requires: %%{?scl_prefix}rubygem(ipaddr) >= %%{ipaddr_version}
Requires: %{?scl_prefix}rubygem(json) >= %{json_version}
Requires: %{?scl_prefix}rubygem(openssl) >= %{openssl_version}
%{?scl:BuildRequires: %{scl}-runtime}
Requires: %{?scl_prefix}rubygem(psych) >= %{psych_version}
Requires: %{?scl_prefix}rubygem(rdoc) >= %{rdoc_version}
# Requires: %%{?scl_prefix}rubygem(scanf) >= %%{scanf_version}
# Requires: %%{?scl_prefix}rubygem(sdbm) >= %%{sdbm_version}
# Requires: %%{?scl_prefix}rubygem(stringio) >= %%{stringio_version}
# Requires: %%{?scl_prefix}rubygem(strscan) >= %%{strscan_version}
# Requires: %%{?scl_prefix}rubygem(webrick) >= %%{webrick_version}
# Requires: %%{?scl_prefix}rubygem(zlib) >= %%{zlib_version}
BuildRequires: autoconf
BuildRequires: gdbm-devel
BuildRequires: libffi-devel
@ -168,7 +188,7 @@ BuildRequires: procps
%{?with_git:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/git}
%{?with_cmake:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/cmake}
# Required to test hardening.
%{?with_checksec:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/checksec}
%{?with_hardening_test:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/checksec}
# This package provides %%{_bindir}/ruby-mri therefore it is marked by this
# virtual provide. It can be installed as dependency of rubypick.
@ -185,6 +205,9 @@ straight-forward, and extensible.
Summary: A Ruby development environment
Group: Development/Languages
Requires: %{?scl_prefix}%{pkg_name}%{?_isa} = %{version}-%{release}
# This would not be needed if ~50 packages depending on -devel used
# --disable-gems
Requires: %{?scl_prefix}rubygems
%description devel
Header files and libraries for building an extension library for the
@ -194,8 +217,6 @@ Ruby or an application embedding Ruby.
Summary: Libraries necessary to run Ruby
Group: Development/Libraries
License: Ruby or BSD
# This could be removed once rhbz#1054711 is resolved.
%{?scl:Requires: %{scl}-runtime}
Provides: %{?scl_prefix}ruby(release) = %{ruby_release}
# Virtual provides for CCAN copylibs.
@ -518,30 +539,6 @@ rm -rf ext/fiddle/libffi*
%patch6 -p1
%patch7 -p1
%patch9 -p1
%patch10 -p1
# Allow to use autoconf 2.63.
sed -i '/AC_PREREQ/ s/(.*)/(2.62)/' configure.in
# AS_FOR is not supported on RHEL6, inject our own version.
cat >> acinclude.m4 <<\EOF
m4_ifndef([AS_FOR], [
m4_define([AS_FOR], [
m4_pushdef([$1], [$$2])
for $2 in $3; do
$4
done
m4_popdef([$1])
])
])
EOF
# autoconf in RHEL6 does not support AS_FUNCTION_DESCRIBE, but it cannot be
# dropped on RHEL7, since the AS_REQUIRE_SHELL_FN changed signatures :/
%if 0%{?rhel} == 6
sed -i '/AS_FUNCTION_DESCRIBE/ s/^/#/' configure.in
sed -i '/AS_FUNCTION_DESCRIBE/ s/^/#/' acinclude.m4
%endif
# Provide an example of usage of the tapset:
cp -a %{SOURCE3} .
@ -633,6 +630,9 @@ mkdir -p %{buildroot}%{_exec_prefix}/lib{,64}/gems/%{pkg_name}
mkdir -p %{buildroot}%{gem_dir}/gems/rdoc-%{rdoc_version}/lib
mv %{buildroot}%{ruby_libdir}/rdoc* %{buildroot}%{gem_dir}/gems/rdoc-%{rdoc_version}/lib
mv %{buildroot}%{gem_dir}/specifications/default/rdoc-%{rdoc_version}.gemspec %{buildroot}%{gem_dir}/specifications
# Below rdoc symbolic links' change is only on SCL. Not on Fedora.
# http://pkgs.devel.redhat.com/cgit/rpms/ruby/commit/?id=369e65c
# https://src.fedoraproject.org/rpms/ruby/pull-request/9
ln -s %{gem_dir}/gems/rdoc-%{rdoc_version}/lib/rdoc.rb %{buildroot}%{ruby_libdir}/rdoc.rb
ln -s %{gem_dir}/gems/rdoc-%{rdoc_version}/lib/rdoc %{buildroot}%{ruby_libdir}/rdoc
@ -666,7 +666,12 @@ mkdir -p %{buildroot}%{_libdir}/gems/%{pkg_name}/openssl-%{openssl_version}
mv %{buildroot}%{ruby_libdir}/openssl* %{buildroot}%{gem_dir}/gems/openssl-%{openssl_version}/lib
mv %{buildroot}%{ruby_libarchdir}/openssl.so %{buildroot}%{_libdir}/gems/%{pkg_name}/openssl-%{openssl_version}/
mv %{buildroot}%{gem_dir}/specifications/default/openssl-%{openssl_version}.gemspec %{buildroot}%{gem_dir}/specifications
ln -s %{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl %{buildroot}%{ruby_libdir}/openssl
# This used to be directory when OpenSSL was integral part of StdLib => Keep
# it as directory and link everything in it to prevent directory => symlink
# conversion RPM issues.
mkdir -p %{buildroot}%{ruby_libdir}/openssl
find %{buildroot}%{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl -maxdepth 1 -type f -exec \
sh -c 'ln -s %{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl/`basename {}` %{buildroot}%{ruby_libdir}/openssl' \;
ln -s %{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl.rb %{buildroot}%{ruby_libdir}/openssl.rb
ln -s %{_libdir}/gems/%{pkg_name}/openssl-%{openssl_version}/openssl.so %{buildroot}%{ruby_libarchdir}/openssl.so
@ -679,6 +684,18 @@ ln -s %{gem_dir}/gems/psych-%{psych_version}/lib/psych %{buildroot}%{ruby_libdir
ln -s %{gem_dir}/gems/psych-%{psych_version}/lib/psych.rb %{buildroot}%{ruby_libdir}/psych.rb
ln -s %{_libdir}/gems/%{pkg_name}/psych-%{psych_version}/psych.so %{buildroot}%{ruby_libarchdir}/psych.so
# Remove Bundler until it is really necessary.
rm -rf %{buildroot}%{ruby_libdir}/bundler
rm -rf %{buildroot}%{gem_dir}/gems/bundler-%{bundler_version}
rm -rf %{buildroot}%{gem_dir}/specifications/default/bundler-%{bundler_version}.gemspec
rm %{buildroot}%{_bindir}/bundle*
# Move the binary extensions into proper place (if no gem has binary extension,
# the extensions directory might be empty).
find %{buildroot}%{gem_dir}/extensions/*-%{_target_os}/%{ruby_version}/* -maxdepth 0 \
-exec mv '{}' %{buildroot}%{_libdir}/gems/%{name}/ \; \
|| echo "No gem binary extensions to move."
# Adjust the gemspec files so that the gems will load properly
sed -i '/^end$/ i\
s.extensions = ["json/ext/parser.so", "json/ext/generator.so"]' %{buildroot}%{gem_dir}/specifications/json-%{json_version}.gemspec
@ -708,7 +725,7 @@ sed -i 's/^/%lang(ja) /' .ruby-doc.ja
%check
# Ruby software collection tests
%{?scl:scl enable %scl - << \EOF
set -e
set -ex
mkdir -p ./lib/rubygems/defaults
cp %{SOURCE1} ./lib/rubygems/defaults
sed 's/@SCL@/%{scl}/' %{SOURCE14} > ./%{basename:%{SOURCE14}}
@ -716,7 +733,7 @@ make test-all TESTS="%{basename:%{SOURCE14}}"
rm -rf ./lib/rubygems/defaults ./%{basename:%{SOURCE14}}
EOF}
%if 0%{?with_checksec}
%if 0%{?with_hardening_test}
# Check Ruby hardening.
checksec -f libruby.so.%{ruby_version} | \
grep "Full RELRO.*Canary found.*NX enabled.*DSO.*No RPATH.*No RUNPATH.*Yes.*\d*.*\d*.*libruby.so.%{ruby_version}"
@ -746,6 +763,11 @@ DISABLE_TESTS=""
# Once seen: http://koji.fedoraproject.org/koji/taskinfo?taskID=12556650
DISABLE_TESTS="$DISABLE_TESTS -x test_fork.rb"
# Disable failing TestResolvMDNS#test_mdns_each_address test,
# which fails on Koji.
# https://bugs.ruby-lang.org/issues/14175
sed -i '/def test_mdns_each_address$/,/^ end$/ s/^/#/' test/resolv/test_mdns.rb
make check TESTS="-v $DISABLE_TESTS"
%post libs -p /sbin/ldconfig
@ -753,10 +775,6 @@ make check TESTS="-v $DISABLE_TESTS"
%postun libs -p /sbin/ldconfig
%files
# There is no %%license macro on RHEL6.
# https://bugzilla.redhat.com/show_bug.cgi?id=1386246
%{!?_licensedir:%global license %%doc}
%license BSDL
%license COPYING
%lang(ja) %license COPYING.ja
@ -813,7 +831,6 @@ make check TESTS="-v $DISABLE_TESTS"
%{ruby_libdir}/net
%{ruby_libdir}/optparse
%{ruby_libdir}/racc
%{ruby_libdir}/rbconfig
%{ruby_libdir}/rexml
%{ruby_libdir}/rinda
%{ruby_libdir}/ripper
@ -910,9 +927,6 @@ make check TESTS="-v $DISABLE_TESTS"
%dir %{ruby_libarchdir}/io
%{ruby_libarchdir}/io/nonblock.so
%{ruby_libarchdir}/io/wait.so
%dir %{ruby_libarchdir}/mathn
%{ruby_libarchdir}/mathn/complex.so
%{ruby_libarchdir}/mathn/rational.so
%{ruby_libarchdir}/nkf.so
%{ruby_libarchdir}/objspace.so
%{ruby_libarchdir}/pathname.so
@ -936,10 +950,8 @@ make check TESTS="-v $DISABLE_TESTS"
%files -n %{?scl_prefix}rubygems
%{_bindir}/gem
%dir %{rubygems_dir}
%{rubygems_dir}/rbconfig
%{rubygems_dir}/rubygems
%{rubygems_dir}/rubygems.rb
%{rubygems_dir}/ubygems.rb
# Explicitly include only RubyGems directory strucure to avoid accidentally
# packaged content.
@ -956,6 +968,25 @@ make check TESTS="-v $DISABLE_TESTS"
%exclude %{gem_dir}/cache/*
# TODO: Gemify these libraries
%{gem_dir}/specifications/default/cmath-1.0.0.gemspec
%{gem_dir}/specifications/default/csv-1.0.0.gemspec
%{gem_dir}/specifications/default/date-1.0.0.gemspec
%{gem_dir}/specifications/default/dbm-1.0.0.gemspec
%{gem_dir}/specifications/default/digest-0.1.0.gemspec
%{gem_dir}/specifications/default/etc-1.0.0.gemspec
%{gem_dir}/specifications/default/fcntl-1.0.0.gemspec
%{gem_dir}/specifications/default/fiddle-1.0.0.gemspec
%{gem_dir}/specifications/default/fileutils-1.0.1.gemspec
%{gem_dir}/specifications/default/gdbm-2.0.0.gemspec
%{gem_dir}/specifications/default/ipaddr-1.2.0.gemspec
%{gem_dir}/specifications/default/scanf-1.0.0.gemspec
%{gem_dir}/specifications/default/sdbm-1.0.0.gemspec
%{gem_dir}/specifications/default/stringio-0.0.1.gemspec
%{gem_dir}/specifications/default/strscan-0.0.1.gemspec
%{gem_dir}/specifications/default/webrick-1.4.0.beta1.gemspec
%{gem_dir}/specifications/default/zlib-1.0.0.gemspec
%files -n %{?scl_prefix}rubygems-devel
%config(noreplace) %{_root_sysconfdir}/rpm/macros.rubygems%{?scl:.%{scl}}
@ -1049,14 +1080,21 @@ make check TESTS="-v $DISABLE_TESTS"
%files -n %{?scl_prefix}rubygem-xmlrpc
%license %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/LICENSE.txt
%dir %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}
%exclude %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/.*
%{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/Gemfile
%{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/Rakefile
%doc %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/README.md
%{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/bin
%{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/lib
%{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/xmlrpc.gemspec
%{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec
%changelog
* Thu Dec 14 2017 Jun Aruga <jaruga@redhat.com> - 2.5.0-1.r61214
- Upgrade to Ruby 2.5.0 (r61214).
- Remove Patch10 for CVE-2017-0903.
- Remove SCL runtime generated automatically by scl-utils on RHEL7.
* Mon Oct 30 2017 Vít Ondruch <vondruch@redhat.com> - 2.4.2-86
- Upgrade to Ruby 2.4.2.
* Remove Patch10: ruby-2.4.0-vm_insnhelper.c-block-argument-at-tailcall.patch;

2
sources
View File

@ -1 +1 @@
a991f06ea1a1d421f7888c75f80f12d6 ruby-2.4.2.tar.xz
6aed578e66e0e4eeeecfb8f07eb7ed2a ruby-2.5.0-r61214.tar.xz