- New upstream release.

- Security fixes. (#452295)
- CVE-2008-1891: WEBrick CGI source disclosure.
- CVE-2008-2662: Integer overflow in rb_str_buf_append().
- CVE-2008-2663: Integer overflow in rb_ary_store().
- CVE-2008-2664: Unsafe use of alloca in rb_str_format().
- CVE-2008-2725: Integer overflow in rb_ary_splice().
- CVE-2008-2726: Integer overflow in rb_ary_splice().
- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
- Build ruby-mode package for all archtectures.

.cvsignore

@@ -21,3 +21,4 @@ ruby-1.8.6-p111.tar.bz2
 rubyfaq-990927.tar.gz
 rubyfaq-jp-990927.tar.gz
 ruby-1.8.6-p114.tar.bz2
+ruby-1.8.6-p230.tar.bz2

ruby-1.8.6.111-CVE-2007-5162.patch

@@ -1,97 +0,0 @@
-diff -pruN ruby-1.8.6-p111.orig/ext/openssl/lib/net/ftptls.rb ruby-1.8.6-p111/ext/openssl/lib/net/ftptls.rb
---- ruby-1.8.6-p111.orig/ext/openssl/lib/net/ftptls.rb	2007-02-13 08:01:19.000000000 +0900
-+++ ruby-1.8.6-p111/ext/openssl/lib/net/ftptls.rb	2007-10-29 21:10:24.000000000 +0900
-@@ -29,13 +29,23 @@ require 'net/ftp'
- 
- module Net
-   class FTPTLS < FTP
-+    def connect(host, port=FTP_PORT)
-+       @hostname = host
-+       super
-+    end
-+
-     def login(user = "anonymous", passwd = nil, acct = nil)
-+       store = OpenSSL::X509::Store.new
-+       store.set_default_paths
-        ctx = OpenSSL::SSL::SSLContext.new('SSLv23')
-+       ctx.cert_store = store
-+       ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        ctx.key = nil
-        ctx.cert = nil
-        voidcmd("AUTH TLS")
-        @sock = OpenSSL::SSL::SSLSocket.new(@sock, ctx)
-        @sock.connect
-+       @sock.post_connection_check(@hostname)
-        super(user, passwd, acct)
-        voidcmd("PBSZ 0")
-     end
-diff -pruN ruby-1.8.6-p111.orig/ext/openssl/lib/net/telnets.rb ruby-1.8.6-p111/ext/openssl/lib/net/telnets.rb
---- ruby-1.8.6-p111.orig/ext/openssl/lib/net/telnets.rb	2007-02-13 08:01:19.000000000 +0900
-+++ ruby-1.8.6-p111/ext/openssl/lib/net/telnets.rb	2007-10-29 21:13:03.000000000 +0900
-@@ -134,6 +134,9 @@ module Net
-             @sock.verify_callback = @options['VerifyCallback']
-             @sock.verify_depth    = @options['VerifyDepth']
-             @sock.connect
-+            if @options['VerifyMode'] != OpenSSL::SSL::VERIFY_NONE
-+              @sock.post_connection_check(@options['Host'])
-+            end
-             @ssl = true
-           end
-           ''
-diff -pruN ruby-1.8.6-p111.orig/lib/net/http.rb ruby-1.8.6-p111/lib/net/http.rb
---- ruby-1.8.6-p111.orig/lib/net/http.rb	2007-09-24 17:12:24.000000000 +0900
-+++ ruby-1.8.6-p111/lib/net/http.rb	2007-10-29 21:12:12.000000000 +0900
-@@ -470,7 +470,6 @@ module Net   #:nodoc:
-       @debug_output = nil
-       @use_ssl = false
-       @ssl_context = nil
--      @enable_post_connection_check = false
-     end
- 
-     def inspect
-@@ -527,9 +526,6 @@ module Net   #:nodoc:
-       false   # redefined in net/https
-     end
- 
--    # specify enabling SSL server certificate and hostname checking.
--    attr_accessor :enable_post_connection_check
--
-     # Opens TCP connection and HTTP session.
-     # 
-     # When this method is called with block, gives a HTTP object
-@@ -589,12 +585,7 @@ module Net   #:nodoc:
-         end
-         s.connect
-         if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
--          begin
--            s.post_connection_check(@address)
--          rescue OpenSSL::SSL::SSLError => ex
--            raise ex if @enable_post_connection_check
--            warn ex.message
--          end
-+          s.post_connection_check(@address)
-         end
-       end
-       on_connect
-diff -pruN ruby-1.8.6-p111.orig/lib/net/imap.rb ruby-1.8.6-p111/lib/net/imap.rb
---- ruby-1.8.6-p111.orig/lib/net/imap.rb	2007-08-22 08:28:09.000000000 +0900
-+++ ruby-1.8.6-p111/lib/net/imap.rb	2007-10-29 21:14:38.000000000 +0900
-@@ -900,6 +900,7 @@ module Net
-         end
-         @sock = SSLSocket.new(@sock, context)
-         @sock.connect   # start ssl session.
-+        @sock.post_connection_check(@host) if verify
-       else
-         @usessl = false
-       end
-diff -pruN ruby-1.8.6-p111.orig/lib/open-uri.rb ruby-1.8.6-p111/lib/open-uri.rb
---- ruby-1.8.6-p111.orig/lib/open-uri.rb	2007-09-24 17:12:24.000000000 +0900
-+++ ruby-1.8.6-p111/lib/open-uri.rb	2007-10-29 21:16:03.000000000 +0900
-@@ -229,7 +229,6 @@ module OpenURI
-     if target.class == URI::HTTPS
-       require 'net/https'
-       http.use_ssl = true
--      http.enable_post_connection_check = true
-       http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-       store = OpenSSL::X509::Store.new
-       store.set_default_paths

ruby.spec

@@ -1,6 +1,6 @@
 %define	rubyxver	1.8
 %define	rubyver		1.8.6
-%define _patchlevel	114
+%define _patchlevel	230
 %define dotpatchlevel	%{?_patchlevel:.%{_patchlevel}}
 %define patchlevel	%{?_patchlevel:-p%{_patchlevel}}
 %define	arcver		%{rubyver}%{?patchlevel}
@@ -17,9 +17,7 @@ License:	Ruby or GPLv2
 URL:		http://www.ruby-lang.org/
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:	readline readline-devel ncurses ncurses-devel gdbm gdbm-devel glibc-devel tcl-devel tk-devel libX11-devel autoconf gcc unzip openssl-devel db4-devel byacc
-%ifnarch ppc64
 BuildRequires:	emacs
-%endif
 
 Source0:	ftp://ftp.ruby-lang.org/pub/%{name}/%{rubyxver}/%{name}-%{arcver}.tar.bz2
 ## Dead link
@@ -35,7 +33,6 @@ Patch20:	ruby-rubyprefix.patch
 Patch21:	ruby-deprecated-sitelib-search-path.patch
 Patch22:	ruby-deprecated-search-path.patch
 Patch23:	ruby-multilib.patch
-Patch24:	ruby-1.8.6.111-CVE-2007-5162.patch
 Patch25:	ruby-1.8.6.111-gcc43.patch
 
 Summary:	An interpreter of object-oriented scripting language
@@ -115,7 +112,6 @@ Group:		Documentation
 Manuals and FAQs for the object-oriented scripting language Ruby.
 
 
-%ifnarch ppc64
 %package mode
 Summary:	Emacs Lisp ruby-mode for the scripting language Ruby
 Group:		Applications/Editors
@@ -123,7 +119,6 @@ Requires:	emacs-common
 
 %description mode
 Emacs Lisp ruby-mode for the object-oriented scripting language Ruby.
-%endif
 
 
 %package ri
@@ -156,7 +151,6 @@ pushd %{name}-%{arcver}
 %patch22 -p1
 %patch23 -p1
 %endif
-%patch24 -p1
 %patch25 -p1
 popd
 
@@ -203,10 +197,8 @@ popd
 %install
 rm -rf $RPM_BUILD_ROOT
 
-%ifnarch ppc64
 mkdir -p $RPM_BUILD_ROOT%{_datadir}/emacs/site-lisp/ruby-mode
 mkdir -p $RPM_BUILD_ROOT%{_datadir}/emacs/site-lisp/site-start.d
-%endif
 
 # installing documents and exapmles...
 rm -rf tmp-ruby-docs
@@ -310,7 +302,6 @@ mkdir -p $RPM_BUILD_ROOT%{sitedir}/%{rubyxver}/%{_normalized_cpu}-%{_target_os}
 # XXX: installing irb
 install -p -m 0644 %{SOURCE4} $RPM_BUILD_ROOT%{_mandir}/man1/
 
-%ifnarch ppc64
 # installing ruby-mode
 cd %{name}-%{arcver}
 cp -p misc/*.el $RPM_BUILD_ROOT%{_datadir}/emacs/site-lisp/ruby-mode
@@ -327,7 +318,6 @@ install -p -m 644 %{SOURCE10} \
 	$RPM_BUILD_ROOT%{_datadir}/emacs/site-lisp/site-start.d
 
 cd ..
-%endif
 
 # remove shebang
 for i in $RPM_BUILD_ROOT%{_prefix}/lib/ruby/1.8/{abbrev,generator,irb/{cmd/subirb,ext/save-history},matrix,rdoc/{markup/sample/rdoc2latex,parsers/parse_rb},set,tsort}.rb; do
@@ -500,7 +490,6 @@ rm -rf tmp-ruby-docs
 %doc tmp-ruby-docs/ruby-docs/*
 %doc tmp-ruby-docs/ruby-libs/*
 
-%ifnarch ppc64
 %files mode
 %defattr(-, root, root, -)
 %doc %{name}-%{arcver}/COPYING*
@@ -511,9 +500,20 @@ rm -rf tmp-ruby-docs
 %doc %{name}-%{arcver}/misc/README
 %{_datadir}/emacs/site-lisp/ruby-mode
 %{_datadir}/emacs/site-lisp/site-start.d/ruby-mode-init.el
-%endif
 
 %changelog
+* Tue Jun 24 2008 Akira TAGOH <tagoh@redhat.com> - 1.8.6.230-1
+- New upstream release.
+- Security fixes. (#452295)
+  - CVE-2008-1891: WEBrick CGI source disclosure.
+  - CVE-2008-2662: Integer overflow in rb_str_buf_append().
+  - CVE-2008-2663: Integer overflow in rb_ary_store().
+  - CVE-2008-2664: Unsafe use of alloca in rb_str_format().
+  - CVE-2008-2725: Integer overflow in rb_ary_splice().
+  - CVE-2008-2726: Integer overflow in rb_ary_splice().
+- ruby-1.8.6.111-CVE-2007-5162.patch: removed.
+- Build ruby-mode package for all archtectures.
+
 * Tue Mar  4 2008 Akira TAGOH <tagoh@redhat.com> - 1.8.6.114-1
 - Security fix for CVE-2008-1145.
 - Improve a spec file. (#226381)

sources

@@ -2,4 +2,4 @@
 d65e3a216d6d345a2a6f1aa8758c2f75  ruby-refm-rdp-1.8.1-ja-html.tar.gz
 634c25b14e19925d10af3720d72e8741  rubyfaq-990927.tar.gz
 4fcec898f51d8371cc42d0a013940469  rubyfaq-jp-990927.tar.gz
-b4d0c74497f684814bcfbb41b7384a71  ruby-1.8.6-p114.tar.bz2
+3eceb42d4fc56398676c20a49ac7e044  ruby-1.8.6-p230.tar.bz2