Upgrade to Ruby 3.0.7.
* Upgrade to Ruby 3.0.7.
Resolves: RHEL-36189
The released Ruby 3.0.5 includes the following fix.
* Fix HTTP response splitting in CGI.
Resolves: RHEL-36193
The released Ruby 3.0.6 includes the following fixes.
* Fix ReDoS vulnerability in URI.
Resolves: RHEL-36196
* Fix ReDoS vulnerability in Time.
Resolves: RHEL-36205
The released Ruby 3.0.7 includes the following fixes.
* Fix buffer overread vulnerability in StringIO.
Resolves: RHEL-36198
* Fix RCE vulnerability with .rdoc_options in RDoc.
Resolves: RHEL-36200
* Fix arbitrary memory address read vulnerability with Regex search.
Resolves: RHEL-36203
Added the following patch.
* Fix net-http test errors due to expired certificate.
The patch ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch was copied
from the part on the Fedora rawhide
<05a6c9c8f3>.
This commit is contained in:
Jun Aruga
parent
46666c437d
commit
9ad4115fe3
@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
|
||||
index d261ea57b5..3c13076b82 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3240,6 +3240,11 @@ AS_IF([test ${multiarch+set}], [
|
||||
@@ -3267,6 +3267,11 @@ AS_IF([test ${multiarch+set}], [
|
||||
])
|
||||
|
||||
archlibdir='${libdir}/${arch}'
|
||||
|
||||
@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac
|
||||
index c42436c23d..d261ea57b5 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3886,7 +3886,8 @@ AS_CASE(["$ruby_version_dir_name"],
|
||||
@@ -3913,7 +3913,8 @@ AS_CASE(["$ruby_version_dir_name"],
|
||||
ruby_version_dir=/'${ruby_version_dir_name}'
|
||||
|
||||
if test -z "${ruby_version_dir_name}"; then
|
||||
|
||||
@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
|
||||
index 3c13076b82..93af30321d 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3950,6 +3950,8 @@ AC_SUBST(vendorarchdir)dnl
|
||||
@@ -3977,6 +3977,8 @@ AC_SUBST(vendorarchdir)dnl
|
||||
AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
|
||||
AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl
|
||||
|
||||
|
||||
@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac
|
||||
index 93af30321d..bc13397e0e 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3922,6 +3922,10 @@ AC_ARG_WITH(vendorarchdir,
|
||||
@@ -3949,6 +3949,10 @@ AC_ARG_WITH(vendorarchdir,
|
||||
[vendorarchdir=$withval],
|
||||
[vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
|
||||
|
||||
@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644
|
||||
AS_IF([test "${LOAD_RELATIVE+set}"], [
|
||||
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
|
||||
RUBY_EXEC_PREFIX=''
|
||||
@@ -3946,6 +3950,7 @@ AC_SUBST(sitearchdir)dnl
|
||||
@@ -3973,6 +3977,7 @@ AC_SUBST(sitearchdir)dnl
|
||||
AC_SUBST(vendordir)dnl
|
||||
AC_SUBST(vendorlibdir)dnl
|
||||
AC_SUBST(vendorarchdir)dnl
|
||||
|
||||
@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac
|
||||
index 80b137e380..63cd3b4f8b 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3837,9 +3837,6 @@ AS_CASE(["$target_os"],
|
||||
@@ -3864,9 +3864,6 @@ AS_CASE(["$target_os"],
|
||||
rubyw_install_name='$(RUBYW_INSTALL_NAME)'
|
||||
])
|
||||
|
||||
@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644
|
||||
rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
|
||||
AC_ARG_WITH(rubyarchprefix,
|
||||
AS_HELP_STRING([--with-rubyarchprefix=DIR],
|
||||
@@ -3862,56 +3859,62 @@ AC_ARG_WITH(ridir,
|
||||
@@ -3889,56 +3886,62 @@ AC_ARG_WITH(ridir,
|
||||
AC_SUBST(ridir)
|
||||
AC_SUBST(RI_BASE_NAME)
|
||||
|
||||
@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644
|
||||
|
||||
AS_IF([test "${LOAD_RELATIVE+set}"], [
|
||||
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
|
||||
@@ -3928,6 +3931,7 @@ AC_SUBST(sitearchincludedir)dnl
|
||||
@@ -3955,6 +3958,7 @@ AC_SUBST(sitearchincludedir)dnl
|
||||
AC_SUBST(arch)dnl
|
||||
AC_SUBST(sitearch)dnl
|
||||
AC_SUBST(ruby_version)dnl
|
||||
|
||||
@ -1,30 +0,0 @@
|
||||
From 346e147ba6480839b87046e9a9efab0bf6ed3660 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
||||
Date: Wed, 10 Aug 2016 17:35:48 +0200
|
||||
Subject: [PATCH] Rely on ldd to detect glibc.
|
||||
|
||||
This is just workaround, since we know we are quite sure this will be successful
|
||||
on Red Hat platforms.
|
||||
|
||||
This workaround rhbz#1361037
|
||||
---
|
||||
test/fiddle/helper.rb | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb
|
||||
index 1da3d93..65148a1 100644
|
||||
--- a/test/fiddle/helper.rb
|
||||
+++ b/test/fiddle/helper.rb
|
||||
@@ -139,6 +139,9 @@
|
||||
libc_so = libm_so = "/usr/lib/libSystem.B.dylib"
|
||||
end
|
||||
|
||||
+# Just ignore the heuristic, because it is not reliable on all platforms.
|
||||
+libc_so = libm_so = nil
|
||||
+
|
||||
if !libc_so || !libm_so
|
||||
ruby = EnvUtil.rubybin
|
||||
# When the ruby binary is 32-bit and the host is 64-bit,
|
||||
--
|
||||
2.9.2
|
||||
|
||||
@ -57,7 +57,7 @@ diff --git a/ruby.c b/ruby.c
|
||||
index 60c57d6259..1eec16f2c8 100644
|
||||
--- a/ruby.c
|
||||
+++ b/ruby.c
|
||||
@@ -1489,10 +1489,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt)
|
||||
@@ -1501,10 +1501,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt)
|
||||
|
||||
void Init_builtin_features(void);
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@ diff --git a/configure.ac b/configure.ac
|
||||
index 2dcebdde9f..b1b190004d 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -1944,6 +1944,7 @@ AC_CHECK_FUNCS(memmem)
|
||||
@@ -1952,6 +1952,7 @@ AC_CHECK_FUNCS(memmem)
|
||||
AC_CHECK_FUNCS(mkfifo)
|
||||
AC_CHECK_FUNCS(mknod)
|
||||
AC_CHECK_FUNCS(mktime)
|
||||
@ -21,7 +21,7 @@ index 2dcebdde9f..b1b190004d 100644
|
||||
AC_CHECK_FUNCS(openat)
|
||||
AC_CHECK_FUNCS(pipe2)
|
||||
AC_CHECK_FUNCS(poll)
|
||||
@@ -2666,6 +2667,21 @@ main(int argc, char *argv[])
|
||||
@@ -2674,6 +2675,21 @@ main(int argc, char *argv[])
|
||||
rb_cv_fork_with_pthread=yes)])
|
||||
test x$rb_cv_fork_with_pthread = xyes || AC_DEFINE(CANNOT_FORK_WITH_PTHREAD)
|
||||
])
|
||||
|
||||
256
ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch
Normal file
256
ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch
Normal file
@ -0,0 +1,256 @@
|
||||
From d3933fc753187a055a4904af82f5f3794c88c416 Mon Sep 17 00:00:00 2001
|
||||
From: Sorah Fukumori <her@sorah.jp>
|
||||
Date: Mon, 1 Jan 2024 20:45:54 +0900
|
||||
Subject: [PATCH] [ruby/net-http] Renew test certificates
|
||||
|
||||
The private key is replaced with a public known test key published at
|
||||
[RFC 9500].
|
||||
|
||||
Also lifetime has been extended to 10 years from 4 years.
|
||||
|
||||
[RFC 9500]: https://www.rfc-editor.org/rfc/rfc9500.html
|
||||
|
||||
https://github.com/ruby/net-http/commit/4ab6c4a500
|
||||
---
|
||||
test/net/fixtures/Makefile | 6 +--
|
||||
test/net/fixtures/cacert.pem | 44 ++++++++--------
|
||||
test/net/fixtures/server.crt | 99 +++++++-----------------------------
|
||||
test/net/fixtures/server.key | 55 ++++++++++----------
|
||||
4 files changed, 71 insertions(+), 133 deletions(-)
|
||||
|
||||
diff --git a/test/net/fixtures/Makefile b/test/net/fixtures/Makefile
|
||||
index b2bc9c7368ee2..88c232e3b6c16 100644
|
||||
--- a/test/net/fixtures/Makefile
|
||||
+++ b/test/net/fixtures/Makefile
|
||||
@@ -5,11 +5,11 @@ regen_certs:
|
||||
make server.crt
|
||||
|
||||
cacert.pem: server.key
|
||||
- openssl req -new -x509 -days 1825 -key server.key -out cacert.pem -text -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org"
|
||||
+ openssl req -new -x509 -days 3650 -key server.key -out cacert.pem -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org"
|
||||
|
||||
server.csr:
|
||||
- openssl req -new -key server.key -out server.csr -text -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost"
|
||||
+ openssl req -new -key server.key -out server.csr -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost"
|
||||
|
||||
server.crt: server.csr cacert.pem
|
||||
- openssl x509 -days 1825 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -text -out server.crt
|
||||
+ openssl x509 -days 3650 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -out server.crt
|
||||
rm server.csr
|
||||
diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem
|
||||
index f623bd62ed375..24c83f1c65225 100644
|
||||
--- a/test/net/fixtures/cacert.pem
|
||||
+++ b/test/net/fixtures/cacert.pem
|
||||
@@ -1,24 +1,24 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD
|
||||
-VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx
|
||||
-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
|
||||
-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy
|
||||
-MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM
|
||||
-B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv
|
||||
-cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
|
||||
-ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
||||
-CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV
|
||||
-SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI
|
||||
-3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d
|
||||
-BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L
|
||||
-2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R
|
||||
-WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9
|
||||
-I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw
|
||||
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA
|
||||
-of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q
|
||||
-aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS
|
||||
-2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee
|
||||
-uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s
|
||||
-K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+
|
||||
-mA==
|
||||
+MIID+zCCAuOgAwIBAgIUGMvHl3EhtKPKcgc3NQSAYfFuC+8wDQYJKoZIhvcNAQEL
|
||||
+BQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRQwEgYDVQQHDAtN
|
||||
+YXR6LWUgY2l0eTEXMBUGA1UECgwOUnVieSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1
|
||||
+YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJARYWc2VjdXJpdHlAcnVieS1sYW5nLm9y
|
||||
+ZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEyMjkxMTQ3MjNaMIGMMQswCQYDVQQGEwJK
|
||||
+UDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkxFzAVBgNV
|
||||
+BAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0ExJTAjBgkq
|
||||
+hkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqGSIb3DQEB
|
||||
+AQUAA4IBDwAwggEKAoIBAQCw+egZQ6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI
|
||||
++1GSqyi1bFBgsRjM0THllIdMbKmJtWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0f
|
||||
+qXmG8UTz0VTWdlAXXmhUs6lSADvAaIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0
|
||||
+yg+801SXzoFTTa+UGIRLE66jH51aa5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIe
|
||||
+NWMF32wHqIOOPvQcWV3M5D2vxJEj702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1
|
||||
+JNPc/n3dVUm+fM6NoDXPoLP7j55G9zKyqGtGAWXAj1MTAgMBAAGjUzBRMB0GA1Ud
|
||||
+DgQWBBSJGVleDvFp9cu9R+E0/OKYzGkwkTAfBgNVHSMEGDAWgBSJGVleDvFp9cu9
|
||||
+R+E0/OKYzGkwkTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBl
|
||||
+8GLB8skAWlkSw/FwbUmEV3zyqu+p7PNP5YIYoZs0D74e7yVulGQ6PKMZH5hrZmHo
|
||||
+orFSQU+VUUirG8nDGj7Rzce8WeWBxsaDGC8CE2dq6nC6LuUwtbdMnBrH0LRWAz48
|
||||
+jGFF3jHtVz8VsGfoZTZCjukWqNXvU6hETT9GsfU+PZqbqcTVRPH52+XgYayKdIbD
|
||||
+r97RM4X3+aXBHcUW0b76eyyi65RR/Xtvn8ioZt2AdX7T2tZzJyXJN3Hupp77s6Ui
|
||||
+AZR35SToHCZeTZD12YBvLBdaTPLZN7O/Q/aAO9ZiJaZ7SbFOjz813B2hxXab4Fob
|
||||
+2uJX6eMWTVxYK5D4M9lm
|
||||
-----END CERTIFICATE-----
|
||||
diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
|
||||
index 5ca78a6d146a0..5d2923795dabc 100644
|
||||
--- a/test/net/fixtures/server.crt
|
||||
+++ b/test/net/fixtures/server.crt
|
||||
@@ -1,82 +1,21 @@
|
||||
-Certificate:
|
||||
- Data:
|
||||
- Version: 3 (0x2)
|
||||
- Serial Number: 2 (0x2)
|
||||
- Signature Algorithm: sha256WithRSAEncryption
|
||||
- Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
|
||||
- Validity
|
||||
- Not Before: Jan 2 03:27:13 2019 GMT
|
||||
- Not After : Jan 1 03:27:13 2024 GMT
|
||||
- Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
|
||||
- Subject Public Key Info:
|
||||
- Public Key Algorithm: rsaEncryption
|
||||
- Public-Key: (2048 bit)
|
||||
- Modulus:
|
||||
- 00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07:
|
||||
- 9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48:
|
||||
- e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57:
|
||||
- 7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67:
|
||||
- cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1:
|
||||
- 0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7:
|
||||
- bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc:
|
||||
- 74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1:
|
||||
- 8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9:
|
||||
- 40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19:
|
||||
- 47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04:
|
||||
- 79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3:
|
||||
- 02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4:
|
||||
- de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d:
|
||||
- 86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc:
|
||||
- e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d:
|
||||
- 74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10:
|
||||
- 4f:41
|
||||
- Exponent: 65537 (0x10001)
|
||||
- X509v3 extensions:
|
||||
- X509v3 Basic Constraints:
|
||||
- CA:FALSE
|
||||
- Netscape Comment:
|
||||
- OpenSSL Generated Certificate
|
||||
- X509v3 Subject Key Identifier:
|
||||
- ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36
|
||||
- X509v3 Authority Key Identifier:
|
||||
- keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
|
||||
-
|
||||
- Signature Algorithm: sha256WithRSAEncryption
|
||||
- 1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c:
|
||||
- ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35:
|
||||
- 2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51:
|
||||
- fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a:
|
||||
- 56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a:
|
||||
- 04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15:
|
||||
- 89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64:
|
||||
- 93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62:
|
||||
- d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab:
|
||||
- 1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d:
|
||||
- 1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2:
|
||||
- 5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff:
|
||||
- 63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf:
|
||||
- da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69:
|
||||
- fd:be:bd:6e
|
||||
-----BEGIN CERTIFICATE-----
|
||||
-MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
|
||||
-EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
|
||||
-DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
|
||||
-hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX
|
||||
-DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
|
||||
-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ
|
||||
-BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
||||
-AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ
|
||||
-zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj
|
||||
-VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ
|
||||
-wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r
|
||||
-sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d
|
||||
-dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
|
||||
-AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o
|
||||
-wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N
|
||||
-+J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ
|
||||
-y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW
|
||||
-EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL
|
||||
-Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1
|
||||
-oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j
|
||||
-28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u
|
||||
+MIIDYTCCAkkCAQAwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD
|
||||
+VQQIDAdTaGltYW5lMRQwEgYDVQQHDAtNYXR6LWUgY2l0eTEXMBUGA1UECgwOUnVi
|
||||
+eSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ
|
||||
+ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEy
|
||||
+MjkxMTQ3MjNaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRcwFQYD
|
||||
+VQQKDA5SdWJ5IENvcmUgVGVhbTESMBAGA1UECwwJUnVieSBUZXN0MRIwEAYDVQQD
|
||||
+DAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+egZ
|
||||
+Q6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI+1GSqyi1bFBgsRjM0THllIdMbKmJ
|
||||
+tWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0fqXmG8UTz0VTWdlAXXmhUs6lSADvA
|
||||
+aIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0yg+801SXzoFTTa+UGIRLE66jH51a
|
||||
+a5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIeNWMF32wHqIOOPvQcWV3M5D2vxJEj
|
||||
+702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1JNPc/n3dVUm+fM6NoDXPoLP7j55G
|
||||
+9zKyqGtGAWXAj1MTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACtGNdj5TEtnJBYp
|
||||
+M+LhBeU3oNteldfycEm993gJp6ghWZFg23oX8fVmyEeJr/3Ca9bAgDqg0t9a0npN
|
||||
+oWKEY6wVKqcHgu3gSvThF5c9KhGbeDDmlTSVVNQmXWX0K2d4lS2cwZHH8mCm2mrY
|
||||
+PDqlEkSc7k4qSiqigdS8i80Yk+lDXWsm8CjsiC93qaRM7DnS0WPQR0c16S95oM6G
|
||||
+VklFKUSDAuFjw9aVWA/nahOucjn0w5fVW6lyIlkBslC1ChlaDgJmvhz+Ol3iMsE0
|
||||
+kAmFNu2KKPVrpMWaBID49QwQTDyhetNLaVVFM88iUdA9JDoVMEuP1mm39JqyzHTu
|
||||
+uBrdP4Q=
|
||||
-----END CERTIFICATE-----
|
||||
diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
|
||||
index 7f2380e71e637..6a83d5bcf4a52 100644
|
||||
--- a/test/net/fixtures/server.key
|
||||
+++ b/test/net/fixtures/server.key
|
||||
@@ -1,28 +1,27 @@
|
||||
------BEGIN PRIVATE KEY-----
|
||||
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN
|
||||
-XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU
|
||||
-Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC
|
||||
-6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE
|
||||
-cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ
|
||||
-n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u
|
||||
-/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ
|
||||
-DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho
|
||||
-LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX
|
||||
-QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej
|
||||
-hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ
|
||||
-1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt
|
||||
-liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd
|
||||
-U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc
|
||||
-pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC
|
||||
-A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1
|
||||
-ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs
|
||||
-oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD
|
||||
-gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ
|
||||
-xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn
|
||||
-kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ
|
||||
-uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ
|
||||
-y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ
|
||||
-g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8
|
||||
-wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7
|
||||
-2whRF0FEjKA8ehrNhAq+VFfFNw==
|
||||
------END PRIVATE KEY-----
|
||||
+-----BEGIN RSA PRIVATE KEY-----
|
||||
+MIIEowIBAAKCAQEAsPnoGUOnrpiSqt4XynxA+HRP7S+BSObI6qJ7fQAVSPtRkqso
|
||||
+tWxQYLEYzNEx5ZSHTGypibVsJylvCfuToDTfMul8b/CZjP2Ob0LdpYrNH6l5hvFE
|
||||
+89FU1nZQF15oVLOpUgA7wGiHuEVawrGfey92UE68mOyUVXGweJIVDdxqdMoPvNNU
|
||||
+l86BU02vlBiESxOuox+dWmuVV7vfYZ79Toh/LUK43YvJh+rhv4nKuF7iHjVjBd9s
|
||||
+B6iDjj70HFldzOQ9r8SRI+9NirupPTkF5AKNe6kUhKJ1luB7S27ZkvB3tSTT3P59
|
||||
+3VVJvnzOjaA1z6Cz+4+eRvcysqhrRgFlwI9TEwIDAQABAoIBAEEYiyDP29vCzx/+
|
||||
+dS3LqnI5BjUuJhXUnc6AWX/PCgVAO+8A+gZRgvct7PtZb0sM6P9ZcLrweomlGezI
|
||||
+FrL0/6xQaa8bBr/ve/a8155OgcjFo6fZEw3Dz7ra5fbSiPmu4/b/kvrg+Br1l77J
|
||||
+aun6uUAs1f5B9wW+vbR7tzbT/mxaUeDiBzKpe15GwcvbJtdIVMa2YErtRjc1/5B2
|
||||
+BGVXyvlJv0SIlcIEMsHgnAFOp1ZgQ08aDzvilLq8XVMOahAhP1O2A3X8hKdXPyrx
|
||||
+IVWE9bS9ptTo+eF6eNl+d7htpKGEZHUxinoQpWEBTv+iOoHsVunkEJ3vjLP3lyI/
|
||||
+fY0NQ1ECgYEA3RBXAjgvIys2gfU3keImF8e/TprLge1I2vbWmV2j6rZCg5r/AS0u
|
||||
+pii5CvJ5/T5vfJPNgPBy8B/yRDs+6PJO1GmnlhOkG9JAIPkv0RBZvR0PMBtbp6nT
|
||||
+Y3yo1lwamBVBfY6rc0sLTzosZh2aGoLzrHNMQFMGaauORzBFpY5lU50CgYEAzPHl
|
||||
+u5DI6Xgep1vr8QvCUuEesCOgJg8Yh1UqVoY/SmQh6MYAv1I9bLGwrb3WW/7kqIoD
|
||||
+fj0aQV5buVZI2loMomtU9KY5SFIsPV+JuUpy7/+VE01ZQM5FdY8wiYCQiVZYju9X
|
||||
+Wz5LxMNoz+gT7pwlLCsC4N+R8aoBk404aF1gum8CgYAJ7VTq7Zj4TFV7Soa/T1eE
|
||||
+k9y8a+kdoYk3BASpCHJ29M5R2KEA7YV9wrBklHTz8VzSTFTbKHEQ5W5csAhoL5Fo
|
||||
+qoHzFFi3Qx7MHESQb9qHyolHEMNx6QdsHUn7rlEnaTTyrXh3ifQtD6C0yTmFXUIS
|
||||
+CW9wKApOrnyKJ9nI0HcuZQKBgQCMtoV6e9VGX4AEfpuHvAAnMYQFgeBiYTkBKltQ
|
||||
+XwozhH63uMMomUmtSG87Sz1TmrXadjAhy8gsG6I0pWaN7QgBuFnzQ/HOkwTm+qKw
|
||||
+AsrZt4zeXNwsH7QXHEJCFnCmqw9QzEoZTrNtHJHpNboBuVnYcoueZEJrP8OnUG3r
|
||||
+UjmopwKBgAqB2KYYMUqAOvYcBnEfLDmyZv9BTVNHbR2lKkMYqv5LlvDaBxVfilE0
|
||||
+2riO4p6BaAdvzXjKeRrGNEKoHNBpOSfYCOM16NjL8hIZB1CaV3WbT5oY+jp7Mzd5
|
||||
+7d56RZOE+ERK2uz/7JX9VSsM/LbH9pJibd4e8mikDS9ntciqOH/3
|
||||
+-----END RSA PRIVATE KEY-----
|
||||
42
ruby.spec
42
ruby.spec
@ -1,6 +1,6 @@
|
||||
%global major_version 3
|
||||
%global minor_version 0
|
||||
%global teeny_version 4
|
||||
%global teeny_version 7
|
||||
%global major_minor_version %{major_version}.%{minor_version}
|
||||
|
||||
%global ruby_version %{major_minor_version}.%{teeny_version}
|
||||
@ -22,7 +22,7 @@
|
||||
%endif
|
||||
|
||||
|
||||
%global release 141
|
||||
%global release 142
|
||||
%{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
||||
|
||||
# The RubyGems library has to stay out of Ruby directory tree, since the
|
||||
@ -41,7 +41,7 @@
|
||||
%global bundler_net_http_persistent_version 4.0.0
|
||||
%global bundler_thor_version 1.1.0
|
||||
%global bundler_tmpdir_version 0.1.0
|
||||
%global bundler_uri_version 0.10.0
|
||||
%global bundler_uri_version 0.10.0.3
|
||||
|
||||
%global bigdecimal_version 3.0.0
|
||||
%global did_you_mean_version 1.5.0
|
||||
@ -49,14 +49,14 @@
|
||||
%global io_console_version 0.5.7
|
||||
%global irb_version 1.3.5
|
||||
%global json_version 2.5.1
|
||||
%global openssl_version 2.2.1
|
||||
%global openssl_version 2.2.2
|
||||
%global psych_version 3.3.2
|
||||
%global racc_version 1.5.2
|
||||
%global rdoc_version 6.3.3
|
||||
%global rdoc_version 6.3.4.1
|
||||
|
||||
# Bundled gems.
|
||||
%global minitest_version 5.14.2
|
||||
%global power_assert_version 1.2.0
|
||||
%global power_assert_version 1.2.1
|
||||
%global rake_version 13.0.3
|
||||
%global rbs_version 1.4.0
|
||||
%global test_unit_version 3.3.7
|
||||
@ -170,6 +170,11 @@ Patch21: ruby-3.1.0-Properly-exclude-test-cases.patch
|
||||
# https://github.com/rubygems/rubygems/pull/5154
|
||||
Patch22: rubygems-3.2.33-Fix-loading-operating_system-rb-customizations-too-late.patch
|
||||
|
||||
# Fix net-http test errors due to expired certificate
|
||||
# https://github.com/ruby/ruby/commit/d3933fc753187a055a4904af82f5f3794c88c416
|
||||
# https://bugs.ruby-lang.org/issues/20106
|
||||
Patch23: ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch
|
||||
|
||||
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||
Suggests: rubypick
|
||||
Recommends: ruby(rubygems) >= %{rubygems_version}
|
||||
@ -608,6 +613,7 @@ rm -rf ext/fiddle/libffi*
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
%patch22 -p1
|
||||
%patch23 -p1
|
||||
|
||||
# Provide an example of usage of the tapset:
|
||||
cp -a %{SOURCE3} .
|
||||
@ -1146,7 +1152,7 @@ MSPECOPTS=""
|
||||
%{gem_dir}/specifications/default/abbrev-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/base64-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/benchmark-0.1.1.gemspec
|
||||
%{gem_dir}/specifications/default/cgi-0.2.1.gemspec
|
||||
%{gem_dir}/specifications/default/cgi-0.2.2.gemspec
|
||||
%{gem_dir}/specifications/default/csv-3.1.9.gemspec
|
||||
%{gem_dir}/specifications/default/date-3.1.3.gemspec
|
||||
%{gem_dir}/specifications/default/dbm-1.1.0.gemspec
|
||||
@ -1200,17 +1206,17 @@ MSPECOPTS=""
|
||||
%{gem_dir}/specifications/default/set-1.0.1.gemspec
|
||||
%{gem_dir}/specifications/default/shellwords-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/singleton-0.1.1.gemspec
|
||||
%{gem_dir}/specifications/default/stringio-3.0.1.gemspec
|
||||
%{gem_dir}/specifications/default/stringio-3.0.1.1.gemspec
|
||||
%{gem_dir}/specifications/default/strscan-3.0.1.gemspec
|
||||
%{gem_dir}/specifications/default/syslog-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/tempfile-0.1.1.gemspec
|
||||
%{gem_dir}/specifications/default/time-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/time-0.1.1.gemspec
|
||||
%{gem_dir}/specifications/default/timeout-0.1.1.gemspec
|
||||
%{gem_dir}/specifications/default/tmpdir-0.1.2.gemspec
|
||||
%{gem_dir}/specifications/default/tsort-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/tracer-0.1.1.gemspec
|
||||
%{gem_dir}/specifications/default/un-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/uri-0.10.1.gemspec
|
||||
%{gem_dir}/specifications/default/uri-0.10.3.gemspec
|
||||
%{gem_dir}/specifications/default/weakref-0.1.1.gemspec
|
||||
#%%{gem_dir}/specifications/default/win32ole-1.8.8.gemspec
|
||||
%{gem_dir}/specifications/default/yaml-0.1.1.gemspec
|
||||
@ -1363,6 +1369,22 @@ MSPECOPTS=""
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon May 13 2024 Jun Aruga <jaruga@redhat.com> - 3.0.7-142
|
||||
- Upgrade to Ruby 3.0.7.
|
||||
Resolves: RHEL-36189
|
||||
- Fix HTTP response splitting in CGI.
|
||||
Resolves: RHEL-36193
|
||||
- Fix ReDoS vulnerability in URI.
|
||||
Resolves: RHEL-36196
|
||||
- Fix ReDoS vulnerability in Time.
|
||||
Resolves: RHEL-36205
|
||||
- Fix buffer overread vulnerability in StringIO.
|
||||
Resolves: RHEL-36198
|
||||
- Fix RCE vulnerability with .rdoc_options in RDoc.
|
||||
Resolves: RHEL-36200
|
||||
- Fix arbitrary memory address read vulnerability with Regex search.
|
||||
Resolves: RHEL-36203
|
||||
|
||||
* Tue Jul 26 2022 Jarek Prokop <jprokop@redhat.com> - 3.0.4-141
|
||||
- Upgrade to Ruby 3.0.4.
|
||||
Resolves: rhbz#2096346
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (ruby-3.0.4.tar.xz) = 53bf7dd403b0c68af9691882ad8ed7422c8d1f496627428fb4c3caf0b0313715524b744c5f453aced2d49e16e55f3f45b46b9a77aa3097dbfcae7caa0208194b
|
||||
SHA512 (ruby-3.0.7.tar.xz) = 4760dc7d1345279b53cff30f3dd015b67f6a505e5028357f046dbf23b15a52d09f7d91fcfe5cb75d6c3222e7283aad12b97b36f5de0ff959f824bd42073f9c48
|
||||
|
||||
Loading…
Reference in New Issue
Block a user