diff --git a/ruby-1.9.3-mkmf-verbose.patch b/ruby-1.9.3-mkmf-verbose.patch index d94ef7f..f2a1408 100644 --- a/ruby-1.9.3-mkmf-verbose.patch +++ b/ruby-1.9.3-mkmf-verbose.patch @@ -11,7 +11,7 @@ diff --git a/lib/mkmf.rb b/lib/mkmf.rb index 682eb46..e6b1445 100644 --- a/lib/mkmf.rb +++ b/lib/mkmf.rb -@@ -1897,7 +1897,7 @@ def configuration(srcdir) +@@ -1899,7 +1899,7 @@ def configuration(srcdir) SHELL = /bin/sh # V=0 quiet, V=1 verbose. other values don't work. diff --git a/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch b/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch index 3e29d1b..da5eea6 100644 --- a/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch +++ b/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch @@ -6,14 +6,14 @@ Subject: [PATCH] Allow to specify addition preludes by configuration option. --- Makefile.in | 2 ++ common.mk | 2 +- - configure.in | 7 +++++++ + configure.ac | 7 +++++++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 7e8ed82..7916993 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -116,6 +116,8 @@ XRUBY_RUBYLIBDIR = @XRUBY_RUBYLIBDIR@ +@@ -119,6 +119,8 @@ XRUBY_RUBYLIBDIR = @XRUBY_RUBYLIBDIR@ XRUBY_RUBYHDRDIR = @XRUBY_RUBYHDRDIR@ BOOTSTRAPRUBY = @BOOTSTRAPRUBY@ @@ -26,20 +26,20 @@ diff --git a/common.mk b/common.mk index 5cfbc3d..3f0a82e 100644 --- a/common.mk +++ b/common.mk -@@ -144,7 +144,7 @@ ALLOBJS = $(NORMALMAINOBJ) $(MINIOBJS) $(COMMONOBJS) $(INITOBJS) +@@ -147,7 +147,7 @@ ALLOBJS = $(NORMALMAINOBJ) $(MINIOBJS) $(COMMONOBJS) $(INITOBJS) GOLFOBJS = goruby.$(OBJEXT) golf_prelude.$(OBJEXT) DEFAULT_PRELUDES = $(GEM_PRELUDE) --PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(srcdir)/enc/prelude.rb $(DEFAULT_PRELUDES) -+PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(srcdir)/enc/prelude.rb $(DEFAULT_PRELUDES) $(OPTIONAL_PRELUDES) +-PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(DEFAULT_PRELUDES) ++PRELUDE_SCRIPTS = $(srcdir)/prelude.rb $(DEFAULT_PRELUDES) $(OPTIONAL_PRELUDES) GEM_PRELUDE = $(srcdir)/gem_prelude.rb PRELUDES = {$(srcdir)}prelude.c {$(srcdir)}miniprelude.c GOLFPRELUDES = {$(srcdir)}golf_prelude.c -diff --git a/configure.in b/configure.in -index 0e371e2..d4f1dcb 100644 ---- a/configure.in -+++ b/configure.in -@@ -4563,6 +4563,13 @@ AC_SUBST(rubyarchhdrdir)dnl +diff --git a/configure.ac b/configure.ac +index 028ef7ca3e..cdeff87871 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -4387,6 +4387,13 @@ AC_SUBST(rubyarchhdrdir)dnl AC_SUBST(sitearchhdrdir)dnl AC_SUBST(vendorarchhdrdir)dnl diff --git a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index bc75f5e..09696d3 100644 --- a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -4,15 +4,15 @@ Date: Tue, 1 Oct 2013 12:22:40 +0200 Subject: [PATCH] Allow to configure libruby.so placement. --- - configure.in | 5 +++++ + configure.ac | 5 +++++ 1 file changed, 5 insertions(+) -diff --git a/configure.in b/configure.in -index 37d9a62..553d4d0 100644 ---- a/configure.in -+++ b/configure.in -@@ -3823,6 +3823,11 @@ if test ${multiarch+set}; then - fi +diff --git a/configure.ac b/configure.ac +index 11fc237552..b77e88fc37 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -3632,6 +3632,11 @@ AS_IF([test ${multiarch+set}], [ + ]) archlibdir='${libdir}/${arch}' +AC_ARG_WITH(archlibdir, diff --git a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index 489a1b8..b306612 100644 --- a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -5,16 +5,16 @@ Subject: [PATCH] Prevent duplicated paths when empty version string is configured. --- - configure.in | 3 ++- + configure.ac | 3 ++- loadpath.c | 12 ++++++++++++ tool/mkconfig.rb | 2 +- 3 files changed, 15 insertions(+), 2 deletions(-) -diff --git a/configure.in b/configure.in -index db37cd6..ce8d149 100644 ---- a/configure.in -+++ b/configure.in -@@ -4417,7 +4417,8 @@ AS_CASE(["$ruby_version_dir_name"], +diff --git a/configure.ac b/configure.ac +index 999e2d6d5d..11fc237552 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -4242,7 +4242,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then @@ -28,7 +28,7 @@ diff --git a/loadpath.c b/loadpath.c index 9160031..0d4d953 100644 --- a/loadpath.c +++ b/loadpath.c -@@ -65,22 +65,34 @@ const char ruby_initial_load_paths[] = +@@ -65,21 +65,33 @@ const char ruby_initial_load_paths[] = RUBY_SEARCH_PATH "\0" #endif #ifndef NO_RUBY_SITE_LIB @@ -58,16 +58,15 @@ index 9160031..0d4d953 100644 RUBY_VENDOR_ARCH_LIB_FOR(RUBY_SITEARCH) "\0" +#ifndef RUBY_LIB_VERSION_BLANK RUBY_VENDOR_LIB "\0" - #endif +#endif + #endif RUBY_LIB "\0" - #ifdef RUBY_THINARCH diff --git a/tool/mkconfig.rb b/tool/mkconfig.rb index 07076d4..35e6c3c 100755 --- a/tool/mkconfig.rb +++ b/tool/mkconfig.rb -@@ -113,7 +113,7 @@ +@@ -111,7 +111,7 @@ val = val.gsub(/\$(?:\$|\{?(\w+)\}?)/) {$1 ? "$(#{$1})" : $&}.dump case name when /^prefix$/ diff --git a/ruby-2.1.0-always-use-i386.patch b/ruby-2.1.0-always-use-i386.patch index 238cd66..1e51168 100644 --- a/ruby-2.1.0-always-use-i386.patch +++ b/ruby-2.1.0-always-use-i386.patch @@ -4,22 +4,22 @@ Date: Mon, 19 Nov 2012 14:37:28 +0100 Subject: [PATCH] Always use i386. --- - configure.in | 2 ++ + configure.ac | 2 ++ 1 file changed, 2 insertions(+) -diff --git a/configure.in b/configure.in -index 553d4d0..03a4152 100644 ---- a/configure.in -+++ b/configure.in -@@ -4481,6 +4481,8 @@ AC_SUBST(vendorarchdir)dnl +diff --git a/configure.ac b/configure.ac +index b77e88fc37..6bba453e3c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -4306,6 +4306,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl +target_cpu=`echo $target_cpu | sed s/i.86/i386/` + - if test "${universal_binary-no}" = yes ; then + AS_IF([test "${universal_binary-no}" = yes ], [ arch="universal-${target_os}" - if test "${rb_cv_architecture_available}" = yes; then + AS_IF([test "${rb_cv_architecture_available}" = yes], [ -- 1.8.3.1 diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch index 1905381..4ed79e6 100644 --- a/ruby-2.1.0-custom-rubygems-location.patch +++ b/ruby-2.1.0-custom-rubygems-location.patch @@ -5,17 +5,17 @@ Subject: [PATCH] Allow to install RubyGems into custom location, outside of Ruby tree. --- - configure.in | 5 +++++ + configure.ac | 5 +++++ loadpath.c | 4 ++++ template/verconf.h.tmpl | 3 +++ - tool/rbinstall.rb | 9 +++++++++ - 4 files changed, 21 insertions(+) + tool/rbinstall.rb | 7 +++++++ + 4 files changed, 19 insertions(+) -diff --git a/configure.in b/configure.in -index 03a4152..0e371e2 100644 ---- a/configure.in -+++ b/configure.in -@@ -4453,6 +4453,10 @@ AC_ARG_WITH(vendorarchdir, +diff --git a/configure.ac b/configure.ac +index 6bba453e3c..028ef7ca3e 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -4278,6 +4278,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -23,10 +23,10 @@ index 03a4152..0e371e2 100644 + AS_HELP_STRING([--with-rubygemsdir=DIR], [custom rubygems directory]), + [rubygemsdir=$withval]) + - if test "${LOAD_RELATIVE+set}"; then + AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -4477,6 +4481,7 @@ AC_SUBST(sitearchdir)dnl +@@ -4302,6 +4306,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl @@ -67,7 +67,7 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb index b47b6e1..0b99408 100755 --- a/tool/rbinstall.rb +++ b/tool/rbinstall.rb -@@ -330,6 +330,7 @@ def CONFIG.[](name, mandatory = false) +@@ -331,6 +331,7 @@ def CONFIG.[](name, mandatory = false) sitearchlibdir = CONFIG["sitearchdir"] vendorlibdir = CONFIG["vendorlibdir"] vendorarchlibdir = CONFIG["vendorarchdir"] @@ -75,17 +75,15 @@ index b47b6e1..0b99408 100755 mandir = CONFIG["mandir", true] docdir = CONFIG["docdir", true] configure_args = Shellwords.shellwords(CONFIG["configure_args"]) -@@ -517,7 +518,15 @@ def CONFIG.[](name, mandatory = false) +@@ -537,7 +538,13 @@ def install(src, cmd) install?(:local, :comm, :lib) do prepare "library scripts", rubylibdir - noinst = %w[README* *.txt *.rdoc *.gemspec] -+ noinst += %w[*ubygems.rb rubygems/ datadir.rb] if rubygemsdir + noinst = %w[*.txt *.rdoc *.gemspec] ++ noinst += %w[rubygems.rb rubygems/ datadir.rb] if rubygemsdir install_recursive(File.join(srcdir, "lib"), rubylibdir, :no_install => noinst, :mode => $data_mode) + if rubygemsdir + noinst = %w[obsolete.rb] + install_recursive(File.join(srcdir, "lib", "rubygems"), File.join(rubygemsdir, "rubygems"), :mode => $data_mode) -+ install_recursive(File.join(srcdir, "lib", "rbconfig"), File.join(rubygemsdir, "rbconfig"), :no_install => noinst, :mode => $data_mode) -+ install(File.join(srcdir, "lib", "ubygems.rb"), File.join(rubygemsdir, "ubygems.rb"), :mode => $data_mode) + install(File.join(srcdir, "lib", "rubygems.rb"), File.join(rubygemsdir, "rubygems.rb"), :mode => $data_mode) + end end diff --git a/ruby-2.2.3-Generate-preludes-using-miniruby.patch b/ruby-2.2.3-Generate-preludes-using-miniruby.patch index 6e8adc4..05fbaa6 100644 --- a/ruby-2.2.3-Generate-preludes-using-miniruby.patch +++ b/ruby-2.2.3-Generate-preludes-using-miniruby.patch @@ -11,7 +11,7 @@ diff --git a/common.mk b/common.mk index 168dc52..20c218a 100644 --- a/common.mk +++ b/common.mk -@@ -873,9 +873,9 @@ $(MINIPRELUDE_C): $(COMPILE_PRELUDE) +@@ -956,9 +956,9 @@ $(MINIPRELUDE_C): $(COMPILE_PRELUDE) $(srcdir)/template/prelude.c.tmpl $(PRELUDE_C): $(COMPILE_PRELUDE) \ diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch index 80be728..ee00a35 100644 --- a/ruby-2.3.0-ruby_version.patch +++ b/ruby-2.3.0-ruby_version.patch @@ -12,15 +12,15 @@ ruby_version_dir_name now specifies custom version string for versioned directories, e.g. instead of default X.Y.Z, you can specify whatever string. --- - configure.in | 64 ++++++++++++++++++++++++++++------------------------- + configure.ac | 64 ++++++++++++++++++++++++++++------------------------- template/ruby.pc.in | 1 + 2 files changed, 35 insertions(+), 30 deletions(-) -diff --git a/configure.in b/configure.in -index db37cd6..6e73fae 100644 ---- a/configure.in -+++ b/configure.in -@@ -4368,9 +4368,6 @@ AS_CASE(["$target_os"], +diff --git a/configure.ac b/configure.ac +index 8ea969412f..a00f2b6776 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -4193,9 +4193,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index db37cd6..6e73fae 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -4393,56 +4390,62 @@ AC_ARG_WITH(ridir, +@@ -4218,56 +4215,62 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -43,7 +43,7 @@ index db37cd6..6e73fae 100644 -AS_CASE(["$ruby_version"], - [full], [RUBY_LIB_VERSION_STYLE='3 /* full */'], - [minor], [RUBY_LIB_VERSION_STYLE='2 /* minor */']) --if test ${RUBY_LIB_VERSION_STYLE+set}; then +-AS_IF([test ${RUBY_LIB_VERSION_STYLE+set}], [ - { - echo "#define RUBY_LIB_VERSION_STYLE $RUBY_LIB_VERSION_STYLE" - echo '#define STRINGIZE(x) x' @@ -53,11 +53,11 @@ index db37cd6..6e73fae 100644 - } > conftest.c - ruby_version="`$CPP -I. -I"${srcdir}" -I"${srcdir}/include" conftest.c | sed '/^ruby_version=/!d;s/ //g'`" - eval $ruby_version --elif test -z "${ruby_version}"; then +-], [test -z "${ruby_version}"], [ - AC_MSG_ERROR([No ruby version, No place for bundled libraries]) --else +-], [ - RUBY_LIB_VERSION="${ruby_version}" --fi +-]) +RUBY_LIB_VERSION_STYLE='3 /* full */' +{ +echo "#define RUBY_LIB_VERSION_STYLE $RUBY_LIB_VERSION_STYLE" @@ -118,9 +118,9 @@ index db37cd6..6e73fae 100644 - [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby/${ruby_version}'}${multiarch-'${vendorlibdir}/${sitearch}'}]) + [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) - if test "${LOAD_RELATIVE+set}"; then + AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -4459,6 +4462,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -4284,6 +4287,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl @@ -137,9 +137,9 @@ index 8a2c066..c81b211 100644 TEENY=@TEENY@ ruby_version=@ruby_version@ +ruby_version_dir_name=@ruby_version_dir_name@ + RUBY_API_VERSION=@RUBY_API_VERSION@ RUBY_PROGRAM_VERSION=@RUBY_PROGRAM_VERSION@ RUBY_BASE_NAME=@RUBY_BASE_NAME@ - RUBY_VERSION_NAME=@RUBY_VERSION_NAME@ -- 2.1.0 @@ -245,7 +245,7 @@ diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb index 0428bea..b6e090e 100644 --- a/test/rubygems/test_gem.rb +++ b/test/rubygems/test_gem.rb -@@ -1124,7 +1124,8 @@ def test_self_use_paths +@@ -1156,7 +1156,8 @@ def test_self_use_paths def test_self_user_dir parts = [@userhome, '.gem', Gem.ruby_engine] @@ -255,7 +255,7 @@ index 0428bea..b6e090e 100644 assert_equal File.join(parts), Gem.user_dir end -@@ -1251,7 +1252,7 @@ def test_self_user_home_user_drive_and_path +@@ -1283,7 +1284,7 @@ def test_self_user_home_user_drive_and_path def test_self_vendor_dir expected = File.join RbConfig::CONFIG['vendordir'], 'gems', @@ -275,14 +275,14 @@ Subject: [PATCH 4/4] Let headers directories follow the configured version name. --- - configure.in | 2 +- + configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/configure.in b/configure.in -index 6e73fae..c842725 100644 ---- a/configure.in -+++ b/configure.in -@@ -271,7 +271,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"` +diff --git a/configure.ac b/configure.ac +index a00f2b6776..999e2d6d5d 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -164,7 +164,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"` RUBYW_BASE_NAME=`echo rubyw | sed "$program_transform_name"` AC_SUBST(RUBY_BASE_NAME) AC_SUBST(RUBYW_BASE_NAME) diff --git a/ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch b/ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch index 8765d2a..2dc17e3 100644 --- a/ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch +++ b/ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch @@ -15,7 +15,7 @@ diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb index 1da3d93..65148a1 100644 --- a/test/fiddle/helper.rb +++ b/test/fiddle/helper.rb -@@ -6,98 +6,6 @@ +@@ -6,95 +6,6 @@ libc_so = libm_so = nil @@ -23,9 +23,6 @@ index 1da3d93..65148a1 100644 -when /cygwin/ - libc_so = "cygwin1.dll" - libm_so = "cygwin1.dll" --when /x86_64-linux/ -- libc_so = "/lib64/libc.so.6" -- libm_so = "/lib64/libm.so.6" -when /linux/ - libdir = '/lib' - case [0].pack('L!').size diff --git a/ruby-2.4.3-CVE-2017-0903-Fix-unsafe-object-deserialization-vulnerability.patch b/ruby-2.4.3-CVE-2017-0903-Fix-unsafe-object-deserialization-vulnerability.patch deleted file mode 100644 index a7272f0..0000000 --- a/ruby-2.4.3-CVE-2017-0903-Fix-unsafe-object-deserialization-vulnerability.patch +++ /dev/null @@ -1,156 +0,0 @@ -From 1281e56682692859e726e24fff30e44aac6f948b Mon Sep 17 00:00:00 2001 -From: nagachika -Date: Wed, 11 Oct 2017 13:48:14 +0000 -Subject: [PATCH] merge revision(s) 60149: [Backport #14003] - - Merge rubygems-2.6.14 changes. - - It fixed http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@60168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - lib/rubygems.rb | 5 +++-- - lib/rubygems/config_file.rb | 2 +- - lib/rubygems/package.rb | 2 +- - lib/rubygems/package/old.rb | 2 +- - lib/rubygems/safe_yaml.rb | 48 +++++++++++++++++++++++++++++++++++++++++++ - lib/rubygems/specification.rb | 2 +- - 6 files changed, 55 insertions(+), 6 deletions(-) - create mode 100644 lib/rubygems/safe_yaml.rb - -diff --git a/lib/rubygems.rb b/lib/rubygems.rb -index 55aa85b8b2bd..0685bcb3c629 100644 ---- a/lib/rubygems.rb -+++ b/lib/rubygems.rb -@@ -10,7 +10,7 @@ - require 'thread' - - module Gem -- VERSION = "2.6.13" -+ VERSION = "2.6.14" - end - - # Must be first since it unloads the prelude from 1.9.2 -@@ -675,7 +675,7 @@ def self.load_yaml - - unless test_syck - begin -- gem 'psych', '>= 1.2.1' -+ gem 'psych', '>= 2.0.0' - rescue Gem::LoadError - # It's OK if the user does not have the psych gem installed. We will - # attempt to require the stdlib version -@@ -699,6 +699,7 @@ def self.load_yaml - end - - require 'yaml' -+ require 'rubygems/safe_yaml' - - # If we're supposed to be using syck, then we may have to force - # activate it via the YAML::ENGINE API. -diff --git a/lib/rubygems/config_file.rb b/lib/rubygems/config_file.rb -index c95d7dd1f14e..63583b361615 100644 ---- a/lib/rubygems/config_file.rb -+++ b/lib/rubygems/config_file.rb -@@ -345,7 +345,7 @@ def load_file(filename) - return {} unless filename and File.exist? filename - - begin -- content = YAML.load(File.read(filename)) -+ content = Gem::SafeYAML.load(File.read(filename)) - unless content.kind_of? Hash - warn "Failed to load #{filename} because it doesn't contain valid YAML hash" - return {} -diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb -index c36e71d800a2..77811ed5ecaa 100644 ---- a/lib/rubygems/package.rb -+++ b/lib/rubygems/package.rb -@@ -468,7 +468,7 @@ def read_checksums gem - - @checksums = gem.seek 'checksums.yaml.gz' do |entry| - Zlib::GzipReader.wrap entry do |gz_io| -- YAML.load gz_io.read -+ Gem::SafeYAML.safe_load gz_io.read - end - end - end -diff --git a/lib/rubygems/package/old.rb b/lib/rubygems/package/old.rb -index 5e722baa3540..071f7141ab78 100644 ---- a/lib/rubygems/package/old.rb -+++ b/lib/rubygems/package/old.rb -@@ -101,7 +101,7 @@ def file_list io # :nodoc: - header << line - end - -- YAML.load header -+ Gem::SafeYAML.safe_load header - end - - ## -diff --git a/lib/rubygems/safe_yaml.rb b/lib/rubygems/safe_yaml.rb -new file mode 100644 -index 000000000000..b98cfaa5e60d ---- /dev/null -+++ b/lib/rubygems/safe_yaml.rb -@@ -0,0 +1,48 @@ -+module Gem -+ -+ ### -+ # This module is used for safely loading YAML specs from a gem. The -+ # `safe_load` method defined on this module is specifically designed for -+ # loading Gem specifications. For loading other YAML safely, please see -+ # Psych.safe_load -+ -+ module SafeYAML -+ WHITELISTED_CLASSES = %w( -+ Symbol -+ Time -+ Date -+ Gem::Dependency -+ Gem::Platform -+ Gem::Requirement -+ Gem::Specification -+ Gem::Version -+ Gem::Version::Requirement -+ YAML::Syck::DefaultKey -+ Syck::DefaultKey -+ ) -+ -+ WHITELISTED_SYMBOLS = %w( -+ development -+ runtime -+ ) -+ -+ if ::YAML.respond_to? :safe_load -+ def self.safe_load input -+ ::YAML.safe_load(input, WHITELISTED_CLASSES, WHITELISTED_SYMBOLS, true) -+ end -+ -+ def self.load input -+ ::YAML.safe_load(input, [::Symbol]) -+ end -+ else -+ warn "YAML safe loading is not available. Please upgrade psych to a version that supports safe loading (>= 2.0)." -+ def self.safe_load input, *args -+ ::YAML.load input -+ end -+ -+ def self.load input -+ ::YAML.load input -+ end -+ end -+ end -+end -diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb -index 88e320c05ac9..40e3a70d476c 100644 ---- a/lib/rubygems/specification.rb -+++ b/lib/rubygems/specification.rb -@@ -1101,7 +1101,7 @@ def self.from_yaml(input) - Gem.load_yaml - - input = normalize_yaml_input input -- spec = YAML.load input -+ spec = Gem::SafeYAML.safe_load input - - if spec && spec.class == FalseClass then - raise Gem::EndOfYAMLException diff --git a/ruby.spec b/ruby.spec index 9c083d3..c418be0 100644 --- a/ruby.spec +++ b/ruby.spec @@ -2,8 +2,8 @@ %{?scl:%scl_package ruby} %global major_version 2 -%global minor_version 4 -%global teeny_version 2 +%global minor_version 5 +%global teeny_version 0 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -13,7 +13,7 @@ #%%global milestone rc1 # Keep the revision enabled for pre-releases from SVN. -#%%global revision 57159 +%global revision 61214 %global ruby_archive %{pkg_name}-%{ruby_version} @@ -24,7 +24,7 @@ %endif -%global release 86 +%global release 1 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory three, since the @@ -32,26 +32,27 @@ %global rubygems_dir %{_datadir}/rubygems # Bundled libraries versions -%global rubygems_version 2.6.14 +%global rubygems_version 2.7.3 %global molinillo_version 0.5.7 # TODO: The IRB has strange versioning. Keep the Ruby's versioning ATM. # http://redmine.ruby-lang.org/issues/5313 %global irb_version %{ruby_version} -%global bigdecimal_version 1.3.0 -%global did_you_mean_version 1.1.0 +%global bigdecimal_version 1.3.3 +%global bundler_version 1.16.1.pre1 +%global did_you_mean_version 1.1.2 %global io_console_version 0.4.6 -%global json_version 2.0.4 -%global minitest_version 5.10.1 +%global json_version 2.1.0 +%global minitest_version 5.10.3 %global net_telnet_version 0.1.1 -%global openssl_version 2.0.5 -%global power_assert_version 0.4.1 -%global psych_version 2.2.2 -%global rake_version 12.0.0 -%global rdoc_version 5.0.0 -%global test_unit_version 3.2.3 -%global xmlrpc_version 0.2.1 +%global openssl_version 2.1.0.beta2 +%global power_assert_version 1.1.1 +%global psych_version 3.0.0 +%global rake_version 12.3.0 +%global rdoc_version 6.0.0 +%global test_unit_version 3.2.7 +%global xmlrpc_version 0.3.0 # Might not be needed in the future, if we are lucky enough. # https://bugzilla.redhat.com/show_bug.cgi?id=888262 @@ -70,7 +71,7 @@ %bcond_without cmake %if 0%{?fedora} -%global with_checksec 1 +%bcond_without hardening_test %endif Summary: An interpreter of object-oriented scripting language @@ -93,10 +94,12 @@ Source4: macros.ruby Source5: macros.rubygems Source6: abrt_prelude.rb # This wrapper fixes https://bugzilla.redhat.com/show_bug.cgi?id=977941 -# Hopefully, it will get removed soon: +# It was fixed by multilib-rpm-config on Fedora. +# But multilib-rpm-config is not available on RHEL7. # https://fedorahosted.org/fpc/ticket/312 # https://bugzilla.redhat.com/show_bug.cgi?id=977941 Source7: config.h +# We do not provide RPM dependency generators on SCL that is on Fedora. # ABRT hoook test case. Source12: test_abrt.rb # SystemTap tests. @@ -140,21 +143,38 @@ Patch7: ruby-2.2.3-Generate-preludes-using-miniruby.patch # hardening features of glibc (rhbz#1361037). # https://bugs.ruby-lang.org/issues/12666 Patch9: ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch -# CVE-2017-0903: Fix unsafe object deserialization through YAML formatted gem -# specifications. -# https://bugs.ruby-lang.org/issues/14003 -Patch10: ruby-2.4.3-CVE-2017-0903-Fix-unsafe-object-deserialization-vulnerability.patch Requires: %{?scl_prefix}%{pkg_name}-libs%{?_isa} = %{version}-%{release} Requires: %{?scl_prefix}ruby(rubygems) >= %{rubygems_version} +# We keep default installed gems that is sub pacakge as Requires. # Make the bigdecimal gem a runtime dependency of Ruby to avoid problems # with user-installed gems, that don't require it in gemspec/Gemfile # See https://bugzilla.redhat.com/show_bug.cgi?id=829209 # and http://bugs.ruby-lang.org/issues/6123 +# TODO: other gems required? Requires: %{?scl_prefix}rubygem(bigdecimal) >= %{bigdecimal_version} -Requires: %{?scl_prefix}rubygem(did_you_mean) >= %{did_you_mean_version} +# Requires: %%{?scl_prefix}rubygem(bundler) >= %%{bundler_version} +# Requires: %%{?scl_prefix}rubygem(cmath) >= %%{cmath_version} +# Requires: %%{?scl_prefix}rubygem(csv) >= %%{csv_version} +# Requires: %%{?scl_prefix}rubygem(date) >= %%{date_version} +# Requires: %%{?scl_prefix}rubygem(dbm) >= %%{dbm_version} +# Requires: %%{?scl_prefix}rubygem(digest) >= %%{digest_version} +# Requires: %%{?scl_prefix}rubygem(etc) >= %%{etc_version} +# Requires: %%{?scl_prefix}rubygem(fcntl) >= %%{fcntl_version} +# Requires: %%{?scl_prefix}rubygem(fileutils) >= %%{fileutils_version} +# Requires: %%{?scl_prefix}rubygem(gdbm) >= %%{gdbm_version} +Requires: %{?scl_prefix}rubygem(io-console) >= %{io_console_version} +# Requires: %%{?scl_prefix}rubygem(ipaddr) >= %%{ipaddr_version} +Requires: %{?scl_prefix}rubygem(json) >= %{json_version} Requires: %{?scl_prefix}rubygem(openssl) >= %{openssl_version} -%{?scl:BuildRequires: %{scl}-runtime} +Requires: %{?scl_prefix}rubygem(psych) >= %{psych_version} +Requires: %{?scl_prefix}rubygem(rdoc) >= %{rdoc_version} +# Requires: %%{?scl_prefix}rubygem(scanf) >= %%{scanf_version} +# Requires: %%{?scl_prefix}rubygem(sdbm) >= %%{sdbm_version} +# Requires: %%{?scl_prefix}rubygem(stringio) >= %%{stringio_version} +# Requires: %%{?scl_prefix}rubygem(strscan) >= %%{strscan_version} +# Requires: %%{?scl_prefix}rubygem(webrick) >= %%{webrick_version} +# Requires: %%{?scl_prefix}rubygem(zlib) >= %%{zlib_version} BuildRequires: autoconf BuildRequires: gdbm-devel BuildRequires: libffi-devel @@ -168,7 +188,7 @@ BuildRequires: procps %{?with_git:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/git} %{?with_cmake:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/cmake} # Required to test hardening. -%{?with_checksec:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/checksec} +%{?with_hardening_test:BuildRequires: %{?_root_bindir}%{!?_root_bindir:%{_bindir}}/checksec} # This package provides %%{_bindir}/ruby-mri therefore it is marked by this # virtual provide. It can be installed as dependency of rubypick. @@ -185,6 +205,9 @@ straight-forward, and extensible. Summary: A Ruby development environment Group: Development/Languages Requires: %{?scl_prefix}%{pkg_name}%{?_isa} = %{version}-%{release} +# This would not be needed if ~50 packages depending on -devel used +# --disable-gems +Requires: %{?scl_prefix}rubygems %description devel Header files and libraries for building an extension library for the @@ -194,8 +217,6 @@ Ruby or an application embedding Ruby. Summary: Libraries necessary to run Ruby Group: Development/Libraries License: Ruby or BSD -# This could be removed once rhbz#1054711 is resolved. -%{?scl:Requires: %{scl}-runtime} Provides: %{?scl_prefix}ruby(release) = %{ruby_release} # Virtual provides for CCAN copylibs. @@ -518,30 +539,6 @@ rm -rf ext/fiddle/libffi* %patch6 -p1 %patch7 -p1 %patch9 -p1 -%patch10 -p1 - -# Allow to use autoconf 2.63. -sed -i '/AC_PREREQ/ s/(.*)/(2.62)/' configure.in - -# AS_FOR is not supported on RHEL6, inject our own version. -cat >> acinclude.m4 <<\EOF -m4_ifndef([AS_FOR], [ - m4_define([AS_FOR], [ - m4_pushdef([$1], [$$2]) - for $2 in $3; do - $4 - done - m4_popdef([$1]) - ]) -]) -EOF - -# autoconf in RHEL6 does not support AS_FUNCTION_DESCRIBE, but it cannot be -# dropped on RHEL7, since the AS_REQUIRE_SHELL_FN changed signatures :/ -%if 0%{?rhel} == 6 -sed -i '/AS_FUNCTION_DESCRIBE/ s/^/#/' configure.in -sed -i '/AS_FUNCTION_DESCRIBE/ s/^/#/' acinclude.m4 -%endif # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -633,6 +630,9 @@ mkdir -p %{buildroot}%{_exec_prefix}/lib{,64}/gems/%{pkg_name} mkdir -p %{buildroot}%{gem_dir}/gems/rdoc-%{rdoc_version}/lib mv %{buildroot}%{ruby_libdir}/rdoc* %{buildroot}%{gem_dir}/gems/rdoc-%{rdoc_version}/lib mv %{buildroot}%{gem_dir}/specifications/default/rdoc-%{rdoc_version}.gemspec %{buildroot}%{gem_dir}/specifications +# Below rdoc symbolic links' change is only on SCL. Not on Fedora. +# http://pkgs.devel.redhat.com/cgit/rpms/ruby/commit/?id=369e65c +# https://src.fedoraproject.org/rpms/ruby/pull-request/9 ln -s %{gem_dir}/gems/rdoc-%{rdoc_version}/lib/rdoc.rb %{buildroot}%{ruby_libdir}/rdoc.rb ln -s %{gem_dir}/gems/rdoc-%{rdoc_version}/lib/rdoc %{buildroot}%{ruby_libdir}/rdoc @@ -666,7 +666,12 @@ mkdir -p %{buildroot}%{_libdir}/gems/%{pkg_name}/openssl-%{openssl_version} mv %{buildroot}%{ruby_libdir}/openssl* %{buildroot}%{gem_dir}/gems/openssl-%{openssl_version}/lib mv %{buildroot}%{ruby_libarchdir}/openssl.so %{buildroot}%{_libdir}/gems/%{pkg_name}/openssl-%{openssl_version}/ mv %{buildroot}%{gem_dir}/specifications/default/openssl-%{openssl_version}.gemspec %{buildroot}%{gem_dir}/specifications -ln -s %{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl %{buildroot}%{ruby_libdir}/openssl +# This used to be directory when OpenSSL was integral part of StdLib => Keep +# it as directory and link everything in it to prevent directory => symlink +# conversion RPM issues. +mkdir -p %{buildroot}%{ruby_libdir}/openssl +find %{buildroot}%{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl -maxdepth 1 -type f -exec \ + sh -c 'ln -s %{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl/`basename {}` %{buildroot}%{ruby_libdir}/openssl' \; ln -s %{gem_dir}/gems/openssl-%{openssl_version}/lib/openssl.rb %{buildroot}%{ruby_libdir}/openssl.rb ln -s %{_libdir}/gems/%{pkg_name}/openssl-%{openssl_version}/openssl.so %{buildroot}%{ruby_libarchdir}/openssl.so @@ -679,6 +684,18 @@ ln -s %{gem_dir}/gems/psych-%{psych_version}/lib/psych %{buildroot}%{ruby_libdir ln -s %{gem_dir}/gems/psych-%{psych_version}/lib/psych.rb %{buildroot}%{ruby_libdir}/psych.rb ln -s %{_libdir}/gems/%{pkg_name}/psych-%{psych_version}/psych.so %{buildroot}%{ruby_libarchdir}/psych.so +# Remove Bundler until it is really necessary. +rm -rf %{buildroot}%{ruby_libdir}/bundler +rm -rf %{buildroot}%{gem_dir}/gems/bundler-%{bundler_version} +rm -rf %{buildroot}%{gem_dir}/specifications/default/bundler-%{bundler_version}.gemspec +rm %{buildroot}%{_bindir}/bundle* + +# Move the binary extensions into proper place (if no gem has binary extension, +# the extensions directory might be empty). +find %{buildroot}%{gem_dir}/extensions/*-%{_target_os}/%{ruby_version}/* -maxdepth 0 \ + -exec mv '{}' %{buildroot}%{_libdir}/gems/%{name}/ \; \ + || echo "No gem binary extensions to move." + # Adjust the gemspec files so that the gems will load properly sed -i '/^end$/ i\ s.extensions = ["json/ext/parser.so", "json/ext/generator.so"]' %{buildroot}%{gem_dir}/specifications/json-%{json_version}.gemspec @@ -708,7 +725,7 @@ sed -i 's/^/%lang(ja) /' .ruby-doc.ja %check # Ruby software collection tests %{?scl:scl enable %scl - << \EOF -set -e +set -ex mkdir -p ./lib/rubygems/defaults cp %{SOURCE1} ./lib/rubygems/defaults sed 's/@SCL@/%{scl}/' %{SOURCE14} > ./%{basename:%{SOURCE14}} @@ -716,7 +733,7 @@ make test-all TESTS="%{basename:%{SOURCE14}}" rm -rf ./lib/rubygems/defaults ./%{basename:%{SOURCE14}} EOF} -%if 0%{?with_checksec} +%if 0%{?with_hardening_test} # Check Ruby hardening. checksec -f libruby.so.%{ruby_version} | \ grep "Full RELRO.*Canary found.*NX enabled.*DSO.*No RPATH.*No RUNPATH.*Yes.*\d*.*\d*.*libruby.so.%{ruby_version}" @@ -746,6 +763,11 @@ DISABLE_TESTS="" # Once seen: http://koji.fedoraproject.org/koji/taskinfo?taskID=12556650 DISABLE_TESTS="$DISABLE_TESTS -x test_fork.rb" +# Disable failing TestResolvMDNS#test_mdns_each_address test, +# which fails on Koji. +# https://bugs.ruby-lang.org/issues/14175 +sed -i '/def test_mdns_each_address$/,/^ end$/ s/^/#/' test/resolv/test_mdns.rb + make check TESTS="-v $DISABLE_TESTS" %post libs -p /sbin/ldconfig @@ -753,10 +775,6 @@ make check TESTS="-v $DISABLE_TESTS" %postun libs -p /sbin/ldconfig %files -# There is no %%license macro on RHEL6. -# https://bugzilla.redhat.com/show_bug.cgi?id=1386246 -%{!?_licensedir:%global license %%doc} - %license BSDL %license COPYING %lang(ja) %license COPYING.ja @@ -813,7 +831,6 @@ make check TESTS="-v $DISABLE_TESTS" %{ruby_libdir}/net %{ruby_libdir}/optparse %{ruby_libdir}/racc -%{ruby_libdir}/rbconfig %{ruby_libdir}/rexml %{ruby_libdir}/rinda %{ruby_libdir}/ripper @@ -910,9 +927,6 @@ make check TESTS="-v $DISABLE_TESTS" %dir %{ruby_libarchdir}/io %{ruby_libarchdir}/io/nonblock.so %{ruby_libarchdir}/io/wait.so -%dir %{ruby_libarchdir}/mathn -%{ruby_libarchdir}/mathn/complex.so -%{ruby_libarchdir}/mathn/rational.so %{ruby_libarchdir}/nkf.so %{ruby_libarchdir}/objspace.so %{ruby_libarchdir}/pathname.so @@ -936,10 +950,8 @@ make check TESTS="-v $DISABLE_TESTS" %files -n %{?scl_prefix}rubygems %{_bindir}/gem %dir %{rubygems_dir} -%{rubygems_dir}/rbconfig %{rubygems_dir}/rubygems %{rubygems_dir}/rubygems.rb -%{rubygems_dir}/ubygems.rb # Explicitly include only RubyGems directory strucure to avoid accidentally # packaged content. @@ -956,6 +968,25 @@ make check TESTS="-v $DISABLE_TESTS" %exclude %{gem_dir}/cache/* +# TODO: Gemify these libraries +%{gem_dir}/specifications/default/cmath-1.0.0.gemspec +%{gem_dir}/specifications/default/csv-1.0.0.gemspec +%{gem_dir}/specifications/default/date-1.0.0.gemspec +%{gem_dir}/specifications/default/dbm-1.0.0.gemspec +%{gem_dir}/specifications/default/digest-0.1.0.gemspec +%{gem_dir}/specifications/default/etc-1.0.0.gemspec +%{gem_dir}/specifications/default/fcntl-1.0.0.gemspec +%{gem_dir}/specifications/default/fiddle-1.0.0.gemspec +%{gem_dir}/specifications/default/fileutils-1.0.1.gemspec +%{gem_dir}/specifications/default/gdbm-2.0.0.gemspec +%{gem_dir}/specifications/default/ipaddr-1.2.0.gemspec +%{gem_dir}/specifications/default/scanf-1.0.0.gemspec +%{gem_dir}/specifications/default/sdbm-1.0.0.gemspec +%{gem_dir}/specifications/default/stringio-0.0.1.gemspec +%{gem_dir}/specifications/default/strscan-0.0.1.gemspec +%{gem_dir}/specifications/default/webrick-1.4.0.beta1.gemspec +%{gem_dir}/specifications/default/zlib-1.0.0.gemspec + %files -n %{?scl_prefix}rubygems-devel %config(noreplace) %{_root_sysconfdir}/rpm/macros.rubygems%{?scl:.%{scl}} @@ -1049,14 +1080,21 @@ make check TESTS="-v $DISABLE_TESTS" %files -n %{?scl_prefix}rubygem-xmlrpc %license %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/LICENSE.txt %dir %{gem_dir}/gems/xmlrpc-%{xmlrpc_version} +%exclude %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/.* %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/Gemfile %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/Rakefile %doc %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/README.md %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/bin %{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/lib +%{gem_dir}/gems/xmlrpc-%{xmlrpc_version}/xmlrpc.gemspec %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec %changelog +* Thu Dec 14 2017 Jun Aruga - 2.5.0-1.r61214 +- Upgrade to Ruby 2.5.0 (r61214). +- Remove Patch10 for CVE-2017-0903. +- Remove SCL runtime generated automatically by scl-utils on RHEL7. + * Mon Oct 30 2017 Vít Ondruch - 2.4.2-86 - Upgrade to Ruby 2.4.2. * Remove Patch10: ruby-2.4.0-vm_insnhelper.c-block-argument-at-tailcall.patch; diff --git a/sources b/sources index 573c343..55b020e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -a991f06ea1a1d421f7888c75f80f12d6 ruby-2.4.2.tar.xz +6aed578e66e0e4eeeecfb8f07eb7ed2a ruby-2.5.0-r61214.tar.xz