From ae8660b8896bb53c72a03cf7e538de898afabfb2 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Tue, 30 Apr 2024 14:41:23 +0200 Subject: [PATCH] Upgrade to Ruby 3.1.5. * Upgrade to Ruby 3.1.5. Resolves: RHEL-33978 * Fix buffer overread vulnerability in StringIO. Resolves: RHEL-34129 * Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-34121 * Fix arbitrary memory address read vulnerability with Regex search. Resolves: RHEL-33871 --- ...0-Enable-configuration-of-archlibdir.patch | 2 +- ...ed-paths-when-empty-version-string-i.patch | 2 +- ruby-2.1.0-always-use-i386.patch | 2 +- ruby-2.1.0-custom-rubygems-location.patch | 4 +- ruby-2.3.0-ruby_version.patch | 6 +- ruby-3.1.5-CVE-2023-36617-for-Ruby-3.1.patch | 135 --------- ...ct-compaction-support-during-runtime.patch | 20 +- ...paction-methods-as-rb_f_notimplement.patch | 32 +-- ...uby-net-http-Renew-test-certificates.patch | 256 ------------------ ruby.spec | 73 ++--- ...sue-of-Bundler-not-falling-back-test.patch | 72 ----- ...er-issue-of-Bundler-not-falling-back.patch | 54 ---- ...bundler-Gemfile-resolving-regression.patch | 144 ---------- ...er-2.3.26-Tests-from-bundler-PR-6225.patch | 60 ---- sources | 2 +- 15 files changed, 60 insertions(+), 804 deletions(-) delete mode 100644 ruby-3.1.5-CVE-2023-36617-for-Ruby-3.1.patch delete mode 100644 ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch delete mode 100644 rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back-test.patch delete mode 100644 rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back.patch delete mode 100644 rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch delete mode 100644 rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch diff --git a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index 81261f1..3bbb974 100644 --- a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index d261ea57b5..3c13076b82 100644 --- a/configure.ac +++ b/configure.ac -@@ -3381,6 +3381,11 @@ AS_IF([test ${multiarch+set}], [ +@@ -3388,6 +3388,11 @@ AS_IF([test ${multiarch+set}], [ ]) archlibdir='${libdir}/${arch}' diff --git a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index aacd076..7319f59 100644 --- a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index c42436c23d..d261ea57b5 100644 --- a/configure.ac +++ b/configure.ac -@@ -4039,7 +4039,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -4046,7 +4046,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/ruby-2.1.0-always-use-i386.patch b/ruby-2.1.0-always-use-i386.patch index 0e788dc..5c298ed 100644 --- a/ruby-2.1.0-always-use-i386.patch +++ b/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 3c13076b82..93af30321d 100644 --- a/configure.ac +++ b/configure.ac -@@ -4103,6 +4103,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -4110,6 +4110,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch index b3cb639..230da6f 100644 --- a/ruby-2.1.0-custom-rubygems-location.patch +++ b/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 93af30321d..bc13397e0e 100644 --- a/configure.ac +++ b/configure.ac -@@ -4075,6 +4075,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -4082,6 +4082,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -4099,6 +4104,7 @@ AC_SUBST(sitearchdir)dnl +@@ -4106,6 +4110,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch index cb2871e..35854d2 100644 --- a/ruby-2.3.0-ruby_version.patch +++ b/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 80b137e380..63cd3b4f8b 100644 --- a/configure.ac +++ b/configure.ac -@@ -3990,9 +3990,6 @@ AS_CASE(["$target_os"], +@@ -3997,9 +3997,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -4015,56 +4015,62 @@ AC_ARG_WITH(ridir, +@@ -4022,56 +4019,62 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -4081,6 +4081,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -4088,6 +4091,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl diff --git a/ruby-3.1.5-CVE-2023-36617-for-Ruby-3.1.patch b/ruby-3.1.5-CVE-2023-36617-for-Ruby-3.1.patch deleted file mode 100644 index 253ba89..0000000 --- a/ruby-3.1.5-CVE-2023-36617-for-Ruby-3.1.patch +++ /dev/null @@ -1,135 +0,0 @@ -From 7af748ba924ba6119251ff959231c126784621e2 Mon Sep 17 00:00:00 2001 -From: Hiroshi SHIBATA -Date: Wed, 21 Jun 2023 13:26:37 +0900 -Subject: [PATCH 1/2] Bump up v0.12.2 - ---- - lib/uri/rfc2396_parser.rb | 4 ++-- - lib/uri/rfc3986_parser.rb | 2 +- - lib/uri/version.rb | 2 +- - test/uri/test_parser.rb | 22 ++++++++++++++++++++++ - 4 files changed, 26 insertions(+), 4 deletions(-) - -diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb -index 76a8f99fd48ccd..00c66cf0422213 100644 ---- a/lib/uri/rfc2396_parser.rb -+++ b/lib/uri/rfc2396_parser.rb -@@ -497,8 +497,8 @@ def initialize_regexp(pattern) - ret = {} - - # for URI::split -- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) -- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) -+ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) -+ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) - - # for URI::extract - ret[:URI_REF] = Regexp.new(pattern[:URI_REF]) -diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb -index dd24a409ea174e..9b1663dbb6efe3 100644 ---- a/lib/uri/rfc3986_parser.rb -+++ b/lib/uri/rfc3986_parser.rb -@@ -100,7 +100,7 @@ def default_regexp # :nodoc: - QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, - FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, - OPAQUE: /\A(?:[^\/].*)?\z/, -- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/, -+ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/, - } - end - -diff --git a/lib/uri/version.rb b/lib/uri/version.rb -index 7497a7d31a5df7..f0aca586acab4f 100644 ---- a/lib/uri/version.rb -+++ b/lib/uri/version.rb -@@ -1,6 +1,6 @@ - module URI - # :stopdoc: -- VERSION_CODE = '001201'.freeze -+ VERSION_CODE = '001202'.freeze - VERSION = VERSION_CODE.scan(/../).collect{|n| n.to_i}.join('.').freeze - # :startdoc: - end -diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb -index 72fb5901d963f6..cee0acb4b57c87 100644 ---- a/test/uri/test_parser.rb -+++ b/test/uri/test_parser.rb -@@ -79,4 +79,26 @@ def test_split - assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com")) - assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]")) - end -+ -+ def test_rfc2822_parse_relative_uri -+ pre = ->(length) { -+ " " * length + "\0" -+ } -+ parser = URI::RFC2396_Parser.new -+ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |uri| -+ assert_raise(URI::InvalidURIError) do -+ parser.split(uri) -+ end -+ end -+ end -+ -+ def test_rfc3986_port_check -+ pre = ->(length) {"\t" * length + "a"} -+ uri = URI.parse("http://my.example.com") -+ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |port| -+ assert_raise(URI::InvalidComponentError) do -+ uri.port = port -+ end -+ end -+ end - end - -From b2deea8a2e71ab880370080a9ddf243747abc8fd Mon Sep 17 00:00:00 2001 -From: Hiroshi SHIBATA -Date: Wed, 21 Jun 2023 14:15:26 +0900 -Subject: [PATCH 2/2] Merge URI-0.10.3 for Bundler - ---- - lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb | 4 ++-- - lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb | 2 +- - lib/bundler/vendor/uri/lib/uri/version.rb | 2 +- - 3 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb b/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb -index e48e164f4c13e7..09ed40754d5bfe 100644 ---- a/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb -+++ b/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb -@@ -491,8 +491,8 @@ def initialize_regexp(pattern) - ret = {} - - # for Bundler::URI::split -- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) -- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) -+ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED) -+ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED) - - # for Bundler::URI::extract - ret[:URI_REF] = Regexp.new(pattern[:URI_REF]) -diff --git a/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb b/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb -index cd4dd0c7526630..870720e5b3e8d0 100644 ---- a/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb -+++ b/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb -@@ -95,7 +95,7 @@ def default_regexp # :nodoc: - QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, - FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/, - OPAQUE: /\A(?:[^\/].*)?\z/, -- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/, -+ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/, - } - end - -diff --git a/lib/bundler/vendor/uri/lib/uri/version.rb b/lib/bundler/vendor/uri/lib/uri/version.rb -index 3895df0de5c53a..d65b7e5b7574d8 100644 ---- a/lib/bundler/vendor/uri/lib/uri/version.rb -+++ b/lib/bundler/vendor/uri/lib/uri/version.rb -@@ -1,6 +1,6 @@ - module Bundler::URI - # :stopdoc: -- VERSION_CODE = '001002'.freeze -+ VERSION_CODE = '001003'.freeze - VERSION = VERSION_CODE.scan(/../).collect{|n| n.to_i}.join('.').freeze - # :startdoc: - end diff --git a/ruby-3.2.0-Detect-compaction-support-during-runtime.patch b/ruby-3.2.0-Detect-compaction-support-during-runtime.patch index aecfb2a..ccafdfe 100644 --- a/ruby-3.2.0-Detect-compaction-support-during-runtime.patch +++ b/ruby-3.2.0-Detect-compaction-support-during-runtime.patch @@ -171,7 +171,7 @@ index 1c35856c44..bff0666a17 100644 #if defined(_WIN32) static LPTOP_LEVEL_EXCEPTION_FILTER old_handler; -@@ -9268,13 +9286,7 @@ gc_start_internal(rb_execution_context_t *ec, VALUE self, VALUE full_mark, VALUE +@@ -9271,13 +9289,7 @@ gc_start_internal(rb_execution_context_t *ec, VALUE self, VALUE full_mark, VALUE /* For now, compact implies full mark / sweep, so ignore other flags */ if (RTEST(compact)) { @@ -186,7 +186,7 @@ index 1c35856c44..bff0666a17 100644 reason |= GPR_FLAG_COMPACT; } -@@ -9439,7 +9451,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size) +@@ -9442,7 +9454,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size) return (VALUE)src; } @@ -195,7 +195,7 @@ index 1c35856c44..bff0666a17 100644 static int compare_free_slots(const void *left, const void *right, void *dummy) { -@@ -10167,7 +10179,7 @@ gc_update_references(rb_objspace_t *objspace) +@@ -10197,7 +10209,7 @@ gc_update_references(rb_objspace_t *objspace) gc_update_table_refs(objspace, finalizer_table); } @@ -204,7 +204,7 @@ index 1c35856c44..bff0666a17 100644 /* * call-seq: * GC.latest_compact_info -> {:considered=>{:T_CLASS=>11}, :moved=>{:T_CLASS=>11}} -@@ -10208,7 +10220,7 @@ gc_compact_stats(VALUE self) +@@ -10238,7 +10250,7 @@ gc_compact_stats(VALUE self) # define gc_compact_stats rb_f_notimplement #endif @@ -213,7 +213,7 @@ index 1c35856c44..bff0666a17 100644 static void root_obj_check_moved_i(const char *category, VALUE obj, void *data) { -@@ -10287,7 +10299,7 @@ gc_compact(VALUE self) +@@ -10317,7 +10329,7 @@ gc_compact(VALUE self) # define gc_compact rb_f_notimplement #endif @@ -222,7 +222,7 @@ index 1c35856c44..bff0666a17 100644 /* * call-seq: * GC.verify_compaction_references(toward: nil, double_heap: false) -> hash -@@ -10818,7 +10830,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) +@@ -10848,7 +10860,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) return rb_gc_disable(); } @@ -231,7 +231,7 @@ index 1c35856c44..bff0666a17 100644 /* * call-seq: * GC.auto_compact = flag -@@ -10832,8 +10844,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) +@@ -10862,8 +10874,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) static VALUE gc_set_auto_compact(VALUE _, VALUE v) { @@ -241,7 +241,7 @@ index 1c35856c44..bff0666a17 100644 ruby_enable_autocompact = RTEST(v); return v; -@@ -10842,7 +10853,8 @@ gc_set_auto_compact(VALUE _, VALUE v) +@@ -10872,7 +10883,8 @@ gc_set_auto_compact(VALUE _, VALUE v) # define gc_set_auto_compact rb_f_notimplement #endif @@ -251,7 +251,7 @@ index 1c35856c44..bff0666a17 100644 /* * call-seq: * GC.auto_compact -> true or false -@@ -13753,11 +13776,21 @@ Init_GC(void) +@@ -13791,11 +13803,21 @@ Init_GC(void) rb_define_singleton_method(rb_mGC, "malloc_allocated_size", gc_malloc_allocated_size, 0); rb_define_singleton_method(rb_mGC, "malloc_allocations", gc_malloc_allocations, 0); #endif @@ -278,7 +278,7 @@ index 1c35856c44..bff0666a17 100644 #if GC_DEBUG_STRESS_TO_CLASS rb_define_singleton_method(rb_mGC, "add_stress_to_class", rb_gcdebug_add_stress_to_class, -1); -@@ -13781,6 +13803,7 @@ Init_GC(void) +@@ -13819,6 +13841,7 @@ Init_GC(void) OPT(MALLOC_ALLOCATED_SIZE); OPT(MALLOC_ALLOCATED_SIZE_CHECK); OPT(GC_PROFILE_DETAIL_MEMORY); diff --git a/ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch b/ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch index 89842ea..1deddbc 100644 --- a/ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch +++ b/ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch @@ -22,7 +22,7 @@ diff --git a/gc.c b/gc.c index ef9327df1f..1c35856c44 100644 --- a/gc.c +++ b/gc.c -@@ -10165,8 +10165,20 @@ gc_update_references(rb_objspace_t *objspace) +@@ -10195,8 +10195,20 @@ gc_update_references(rb_objspace_t *objspace) gc_update_table_refs(objspace, finalizer_table); } @@ -44,7 +44,7 @@ index ef9327df1f..1c35856c44 100644 { size_t i; rb_objspace_t *objspace = &rb_objspace; -@@ -10239,22 +10251,70 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data) +@@ -10269,22 +10281,70 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data) return 0; } @@ -120,7 +120,7 @@ index ef9327df1f..1c35856c44 100644 RB_VM_LOCK_ENTER(); { -@@ -10274,12 +10334,12 @@ gc_verify_compaction_references(rb_execution_context_t *ec, VALUE self, VALUE do +@@ -10304,12 +10364,12 @@ gc_verify_compaction_references(rb_execution_context_t *ec, VALUE self, VALUE do } RB_VM_LOCK_LEAVE(); @@ -135,7 +135,7 @@ index ef9327df1f..1c35856c44 100644 } VALUE -@@ -10740,8 +10800,18 @@ gc_disable(rb_execution_context_t *ec, VALUE _) +@@ -10770,8 +10830,18 @@ gc_disable(rb_execution_context_t *ec, VALUE _) return rb_gc_disable(); } @@ -155,7 +155,7 @@ index ef9327df1f..1c35856c44 100644 { /* If not MinGW, Windows, or does not have mmap, we cannot use mprotect for * the read barrier, so we must disable automatic compaction. */ -@@ -10755,8 +10825,14 @@ gc_set_auto_compact(rb_execution_context_t *ec, VALUE _, VALUE v) +@@ -10785,8 +10855,14 @@ gc_set_auto_compact(rb_execution_context_t *ec, VALUE _, VALUE v) return v; } @@ -171,7 +171,7 @@ index ef9327df1f..1c35856c44 100644 { return RBOOL(ruby_enable_autocompact); } -@@ -13656,6 +13732,11 @@ Init_GC(void) +@@ -13694,6 +13770,11 @@ Init_GC(void) rb_define_singleton_method(rb_mGC, "malloc_allocated_size", gc_malloc_allocated_size, 0); rb_define_singleton_method(rb_mGC, "malloc_allocations", gc_malloc_allocations, 0); #endif @@ -305,7 +305,7 @@ diff --git a/gc.c b/gc.c index 92ed76cf96..d71924846a 100644 --- a/gc.c +++ b/gc.c -@@ -9439,6 +9439,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size) +@@ -9442,6 +9442,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size) return (VALUE)src; } @@ -313,7 +313,7 @@ index 92ed76cf96..d71924846a 100644 static int compare_free_slots(const void *left, const void *right, void *dummy) { -@@ -9486,6 +9487,7 @@ gc_sort_heap_by_empty_slots(rb_objspace_t *objspace) +@@ -9489,6 +9490,7 @@ gc_sort_heap_by_empty_slots(rb_objspace_t *objspace) free(page_list); } } @@ -321,7 +321,7 @@ index 92ed76cf96..d71924846a 100644 static void gc_ref_update_array(rb_objspace_t * objspace, VALUE v) -@@ -10165,6 +10167,7 @@ gc_update_references(rb_objspace_t *objspace) +@@ -10195,6 +10197,7 @@ gc_update_references(rb_objspace_t *objspace) gc_update_table_refs(objspace, finalizer_table); } @@ -329,7 +329,7 @@ index 92ed76cf96..d71924846a 100644 /* * call-seq: * GC.latest_compact_info -> {:considered=>{:T_CLASS=>11}, :moved=>{:T_CLASS=>11}} -@@ -10201,7 +10204,11 @@ gc_compact_stats(VALUE self) +@@ -10231,7 +10234,11 @@ gc_compact_stats(VALUE self) return h; } @@ -341,7 +341,7 @@ index 92ed76cf96..d71924846a 100644 static void root_obj_check_moved_i(const char *category, VALUE obj, void *data) { -@@ -10263,6 +10270,10 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data) +@@ -10293,6 +10300,10 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data) * * This method is implementation specific and not expected to be implemented * in any implementation besides MRI. @@ -352,7 +352,7 @@ index 92ed76cf96..d71924846a 100644 */ static VALUE gc_compact(VALUE self) -@@ -10272,7 +10283,11 @@ gc_compact(VALUE self) +@@ -10302,7 +10313,11 @@ gc_compact(VALUE self) return gc_compact_stats(self); } @@ -364,7 +364,7 @@ index 92ed76cf96..d71924846a 100644 /* * call-seq: * GC.verify_compaction_references(toward: nil, double_heap: false) -> hash -@@ -10341,6 +10356,9 @@ gc_verify_compaction_references(int argc, VALUE *argv, VALUE self) +@@ -10371,6 +10386,9 @@ gc_verify_compaction_references(int argc, VALUE *argv, VALUE self) return gc_compact_stats(self); } @@ -374,7 +374,7 @@ index 92ed76cf96..d71924846a 100644 VALUE rb_gc_start(void) -@@ -10800,6 +10818,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) +@@ -10830,6 +10848,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) return rb_gc_disable(); } @@ -382,7 +382,7 @@ index 92ed76cf96..d71924846a 100644 /* * call-seq: * GC.auto_compact = flag -@@ -10815,16 +10834,15 @@ gc_set_auto_compact(VALUE _, VALUE v) +@@ -10845,16 +10864,15 @@ gc_set_auto_compact(VALUE _, VALUE v) { /* If not MinGW, Windows, or does not have mmap, we cannot use mprotect for * the read barrier, so we must disable automatic compaction. */ @@ -403,7 +403,7 @@ index 92ed76cf96..d71924846a 100644 /* * call-seq: * GC.auto_compact -> true or false -@@ -10836,6 +10854,9 @@ gc_get_auto_compact(VALUE _) +@@ -10866,6 +10884,9 @@ gc_get_auto_compact(VALUE _) { return RBOOL(ruby_enable_autocompact); } diff --git a/ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch b/ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch deleted file mode 100644 index 34a18e0..0000000 --- a/ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch +++ /dev/null @@ -1,256 +0,0 @@ -From d3933fc753187a055a4904af82f5f3794c88c416 Mon Sep 17 00:00:00 2001 -From: Sorah Fukumori -Date: Mon, 1 Jan 2024 20:45:54 +0900 -Subject: [PATCH] [ruby/net-http] Renew test certificates - -The private key is replaced with a public known test key published at -[RFC 9500]. - -Also lifetime has been extended to 10 years from 4 years. - -[RFC 9500]: https://www.rfc-editor.org/rfc/rfc9500.html - -https://github.com/ruby/net-http/commit/4ab6c4a500 ---- - test/net/fixtures/Makefile | 6 +-- - test/net/fixtures/cacert.pem | 44 ++++++++-------- - test/net/fixtures/server.crt | 99 +++++++----------------------------- - test/net/fixtures/server.key | 55 ++++++++++---------- - 4 files changed, 71 insertions(+), 133 deletions(-) - -diff --git a/test/net/fixtures/Makefile b/test/net/fixtures/Makefile -index b2bc9c7368ee2..88c232e3b6c16 100644 ---- a/test/net/fixtures/Makefile -+++ b/test/net/fixtures/Makefile -@@ -5,11 +5,11 @@ regen_certs: - make server.crt - - cacert.pem: server.key -- openssl req -new -x509 -days 1825 -key server.key -out cacert.pem -text -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org" -+ openssl req -new -x509 -days 3650 -key server.key -out cacert.pem -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org" - - server.csr: -- openssl req -new -key server.key -out server.csr -text -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost" -+ openssl req -new -key server.key -out server.csr -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost" - - server.crt: server.csr cacert.pem -- openssl x509 -days 1825 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -text -out server.crt -+ openssl x509 -days 3650 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -out server.crt - rm server.csr -diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem -index f623bd62ed375..24c83f1c65225 100644 ---- a/test/net/fixtures/cacert.pem -+++ b/test/net/fixtures/cacert.pem -@@ -1,24 +1,24 @@ - -----BEGIN CERTIFICATE----- --MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD --VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx --FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex --JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy --MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM --B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv --cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz --ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB --CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV --SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI --3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d --BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L --2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R --WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9 --I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw --DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA --of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q --aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS --2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee --uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s --K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+ --mA== -+MIID+zCCAuOgAwIBAgIUGMvHl3EhtKPKcgc3NQSAYfFuC+8wDQYJKoZIhvcNAQEL -+BQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRQwEgYDVQQHDAtN -+YXR6LWUgY2l0eTEXMBUGA1UECgwOUnVieSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1 -+YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJARYWc2VjdXJpdHlAcnVieS1sYW5nLm9y -+ZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEyMjkxMTQ3MjNaMIGMMQswCQYDVQQGEwJK -+UDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkxFzAVBgNV -+BAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0ExJTAjBgkq -+hkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqGSIb3DQEB -+AQUAA4IBDwAwggEKAoIBAQCw+egZQ6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI -++1GSqyi1bFBgsRjM0THllIdMbKmJtWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0f -+qXmG8UTz0VTWdlAXXmhUs6lSADvAaIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0 -+yg+801SXzoFTTa+UGIRLE66jH51aa5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIe -+NWMF32wHqIOOPvQcWV3M5D2vxJEj702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1 -+JNPc/n3dVUm+fM6NoDXPoLP7j55G9zKyqGtGAWXAj1MTAgMBAAGjUzBRMB0GA1Ud -+DgQWBBSJGVleDvFp9cu9R+E0/OKYzGkwkTAfBgNVHSMEGDAWgBSJGVleDvFp9cu9 -+R+E0/OKYzGkwkTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBl -+8GLB8skAWlkSw/FwbUmEV3zyqu+p7PNP5YIYoZs0D74e7yVulGQ6PKMZH5hrZmHo -+orFSQU+VUUirG8nDGj7Rzce8WeWBxsaDGC8CE2dq6nC6LuUwtbdMnBrH0LRWAz48 -+jGFF3jHtVz8VsGfoZTZCjukWqNXvU6hETT9GsfU+PZqbqcTVRPH52+XgYayKdIbD -+r97RM4X3+aXBHcUW0b76eyyi65RR/Xtvn8ioZt2AdX7T2tZzJyXJN3Hupp77s6Ui -+AZR35SToHCZeTZD12YBvLBdaTPLZN7O/Q/aAO9ZiJaZ7SbFOjz813B2hxXab4Fob -+2uJX6eMWTVxYK5D4M9lm - -----END CERTIFICATE----- -diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt -index 5ca78a6d146a0..5d2923795dabc 100644 ---- a/test/net/fixtures/server.crt -+++ b/test/net/fixtures/server.crt -@@ -1,82 +1,21 @@ --Certificate: -- Data: -- Version: 3 (0x2) -- Serial Number: 2 (0x2) -- Signature Algorithm: sha256WithRSAEncryption -- Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org -- Validity -- Not Before: Jan 2 03:27:13 2019 GMT -- Not After : Jan 1 03:27:13 2024 GMT -- Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost -- Subject Public Key Info: -- Public Key Algorithm: rsaEncryption -- Public-Key: (2048 bit) -- Modulus: -- 00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07: -- 9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48: -- e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57: -- 7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67: -- cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1: -- 0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7: -- bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc: -- 74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1: -- 8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9: -- 40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19: -- 47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04: -- 79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3: -- 02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4: -- de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d: -- 86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc: -- e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d: -- 74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10: -- 4f:41 -- Exponent: 65537 (0x10001) -- X509v3 extensions: -- X509v3 Basic Constraints: -- CA:FALSE -- Netscape Comment: -- OpenSSL Generated Certificate -- X509v3 Subject Key Identifier: -- ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36 -- X509v3 Authority Key Identifier: -- keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53 -- -- Signature Algorithm: sha256WithRSAEncryption -- 1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c: -- ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35: -- 2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51: -- fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a: -- 56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a: -- 04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15: -- 89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64: -- 93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62: -- d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab: -- 1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d: -- 1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2: -- 5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff: -- 63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf: -- da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69: -- fd:be:bd:6e - -----BEGIN CERTIFICATE----- --MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx --EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK --DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI --hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX --DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx --FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ --BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB --AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ --zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj --VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ --wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r --sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d --dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC --AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o --wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N --+J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ --y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW --EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL --Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1 --oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j --28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u -+MIIDYTCCAkkCAQAwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD -+VQQIDAdTaGltYW5lMRQwEgYDVQQHDAtNYXR6LWUgY2l0eTEXMBUGA1UECgwOUnVi -+eSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ -+ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEy -+MjkxMTQ3MjNaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRcwFQYD -+VQQKDA5SdWJ5IENvcmUgVGVhbTESMBAGA1UECwwJUnVieSBUZXN0MRIwEAYDVQQD -+DAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+egZ -+Q6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI+1GSqyi1bFBgsRjM0THllIdMbKmJ -+tWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0fqXmG8UTz0VTWdlAXXmhUs6lSADvA -+aIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0yg+801SXzoFTTa+UGIRLE66jH51a -+a5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIeNWMF32wHqIOOPvQcWV3M5D2vxJEj -+702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1JNPc/n3dVUm+fM6NoDXPoLP7j55G -+9zKyqGtGAWXAj1MTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACtGNdj5TEtnJBYp -+M+LhBeU3oNteldfycEm993gJp6ghWZFg23oX8fVmyEeJr/3Ca9bAgDqg0t9a0npN -+oWKEY6wVKqcHgu3gSvThF5c9KhGbeDDmlTSVVNQmXWX0K2d4lS2cwZHH8mCm2mrY -+PDqlEkSc7k4qSiqigdS8i80Yk+lDXWsm8CjsiC93qaRM7DnS0WPQR0c16S95oM6G -+VklFKUSDAuFjw9aVWA/nahOucjn0w5fVW6lyIlkBslC1ChlaDgJmvhz+Ol3iMsE0 -+kAmFNu2KKPVrpMWaBID49QwQTDyhetNLaVVFM88iUdA9JDoVMEuP1mm39JqyzHTu -+uBrdP4Q= - -----END CERTIFICATE----- -diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key -index 7f2380e71e637..6a83d5bcf4a52 100644 ---- a/test/net/fixtures/server.key -+++ b/test/net/fixtures/server.key -@@ -1,28 +1,27 @@ -------BEGIN PRIVATE KEY----- --MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN --XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU --Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC --6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE --cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ --n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u --/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ --DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho --LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX --QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej --hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ --1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt --liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd --U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc --pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC --A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1 --ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs --oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD --gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ --xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn --kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ --uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ --y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ --g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8 --wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7 --2whRF0FEjKA8ehrNhAq+VFfFNw== -------END PRIVATE KEY----- -+-----BEGIN RSA PRIVATE KEY----- -+MIIEowIBAAKCAQEAsPnoGUOnrpiSqt4XynxA+HRP7S+BSObI6qJ7fQAVSPtRkqso -+tWxQYLEYzNEx5ZSHTGypibVsJylvCfuToDTfMul8b/CZjP2Ob0LdpYrNH6l5hvFE -+89FU1nZQF15oVLOpUgA7wGiHuEVawrGfey92UE68mOyUVXGweJIVDdxqdMoPvNNU -+l86BU02vlBiESxOuox+dWmuVV7vfYZ79Toh/LUK43YvJh+rhv4nKuF7iHjVjBd9s -+B6iDjj70HFldzOQ9r8SRI+9NirupPTkF5AKNe6kUhKJ1luB7S27ZkvB3tSTT3P59 -+3VVJvnzOjaA1z6Cz+4+eRvcysqhrRgFlwI9TEwIDAQABAoIBAEEYiyDP29vCzx/+ -+dS3LqnI5BjUuJhXUnc6AWX/PCgVAO+8A+gZRgvct7PtZb0sM6P9ZcLrweomlGezI -+FrL0/6xQaa8bBr/ve/a8155OgcjFo6fZEw3Dz7ra5fbSiPmu4/b/kvrg+Br1l77J -+aun6uUAs1f5B9wW+vbR7tzbT/mxaUeDiBzKpe15GwcvbJtdIVMa2YErtRjc1/5B2 -+BGVXyvlJv0SIlcIEMsHgnAFOp1ZgQ08aDzvilLq8XVMOahAhP1O2A3X8hKdXPyrx -+IVWE9bS9ptTo+eF6eNl+d7htpKGEZHUxinoQpWEBTv+iOoHsVunkEJ3vjLP3lyI/ -+fY0NQ1ECgYEA3RBXAjgvIys2gfU3keImF8e/TprLge1I2vbWmV2j6rZCg5r/AS0u -+pii5CvJ5/T5vfJPNgPBy8B/yRDs+6PJO1GmnlhOkG9JAIPkv0RBZvR0PMBtbp6nT -+Y3yo1lwamBVBfY6rc0sLTzosZh2aGoLzrHNMQFMGaauORzBFpY5lU50CgYEAzPHl -+u5DI6Xgep1vr8QvCUuEesCOgJg8Yh1UqVoY/SmQh6MYAv1I9bLGwrb3WW/7kqIoD -+fj0aQV5buVZI2loMomtU9KY5SFIsPV+JuUpy7/+VE01ZQM5FdY8wiYCQiVZYju9X -+Wz5LxMNoz+gT7pwlLCsC4N+R8aoBk404aF1gum8CgYAJ7VTq7Zj4TFV7Soa/T1eE -+k9y8a+kdoYk3BASpCHJ29M5R2KEA7YV9wrBklHTz8VzSTFTbKHEQ5W5csAhoL5Fo -+qoHzFFi3Qx7MHESQb9qHyolHEMNx6QdsHUn7rlEnaTTyrXh3ifQtD6C0yTmFXUIS -+CW9wKApOrnyKJ9nI0HcuZQKBgQCMtoV6e9VGX4AEfpuHvAAnMYQFgeBiYTkBKltQ -+XwozhH63uMMomUmtSG87Sz1TmrXadjAhy8gsG6I0pWaN7QgBuFnzQ/HOkwTm+qKw -+AsrZt4zeXNwsH7QXHEJCFnCmqw9QzEoZTrNtHJHpNboBuVnYcoueZEJrP8OnUG3r -+UjmopwKBgAqB2KYYMUqAOvYcBnEfLDmyZv9BTVNHbR2lKkMYqv5LlvDaBxVfilE0 -+2riO4p6BaAdvzXjKeRrGNEKoHNBpOSfYCOM16NjL8hIZB1CaV3WbT5oY+jp7Mzd5 -+7d56RZOE+ERK2uz/7JX9VSsM/LbH9pJibd4e8mikDS9ntciqOH/3 -+-----END RSA PRIVATE KEY----- diff --git a/ruby.spec b/ruby.spec index 69a9fb8..1ed64c1 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %global major_version 3 %global minor_version 1 -%global teeny_version 4 +%global teeny_version 5 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -22,7 +22,7 @@ %endif -%global release 143 +%global release 144 %{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory tree, since the @@ -30,13 +30,13 @@ %global rubygems_dir %{_datadir}/rubygems # Bundled libraries versions -%global rubygems_version 3.3.26 +%global rubygems_version 3.3.27 %global rubygems_molinillo_version 0.7.0 %global rubygems_optparse_version 0.2.0 %global rubygems_tsort_version 0.1.0 # Default gems. -%global bundler_version 2.3.26 +%global bundler_version 2.3.27 %global bundler_connection_pool_version 2.3.0 %global bundler_fileutils_version 1.4.1 %global bundler_molinillo_version 0.8.0 @@ -45,7 +45,7 @@ %global bundler_tmpdir_version 0.1.0 # TODO: Check the version if/when available in library. %global bundler_tsort_version 0.1.1 -%global bundler_uri_version 0.10.3 +%global bundler_uri_version 0.10.1 %global bigdecimal_version 3.1.1 %global did_you_mean_version 1.6.1 @@ -56,8 +56,8 @@ %global openssl_version 3.0.1 %global psych_version 4.0.4 %global racc_version 1.6.0 -%global rdoc_version 6.4.0 -%global stringio_version 3.0.1 +%global rdoc_version 6.4.1.1 +%global stringio_version 3.0.1.2 # Bundled gems. %global minitest_version 5.15.0 @@ -66,10 +66,10 @@ %global test_unit_version 3.5.3 %global rexml_version 3.2.5 %global rss_version 0.2.9 -%global net_ftp_version 0.1.3 -%global net_imap_version 0.2.3 +%global net_ftp_version 0.1.4 +%global net_imap_version 0.2.4 %global net_pop_version 0.1.1 -%global net_smtp_version 0.3.1 +%global net_smtp_version 0.3.1.1 %global matrix_version 0.4.2 %global prime_version 0.1.2 %global rbs_version 2.7.0 @@ -175,15 +175,15 @@ Patch23: ruby-3.1.2-ossl-tests-replace-sha1.patch # https://github.com/ruby/ruby/pull/5934 Patch24: ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch # To regenerate the patch you need to have ruby, autoconf, xz, tar and make installed: -# tar -Jxvf ./ruby-3.1.4.tar.xz +# tar -Jxvf ./ruby-3.1.5.tar.xz # git clone https://github.com/ruby/ruby.git -# cd ruby && git checkout v3_1_4 +# cd ruby && git checkout v3_1_5 # patch -p1 < ../ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch # ./autogen.sh && ./configure # make gc.rbinc miniprelude.c # cd .. -# diff -u {ruby-3.1.4,ruby}/gc.rbinc > ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch -# diff -u {ruby-3.1.4,ruby}/miniprelude.c >> ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch +# diff -u {ruby-3.1.5,ruby}/gc.rbinc > ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch +# diff -u {ruby-3.1.5,ruby}/miniprelude.c >> ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch Patch25: ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch # Define the GC compaction support macro at run time. # https://bugs.ruby-lang.org/issues/18829 @@ -220,30 +220,6 @@ Patch35: ruby-irb-1.4.1-set-rdoc-soft-dep.patch # https://github.com/ruby/ruby/commit/bffadcd6d46ccfccade79ce0efb60ced8eac4483 # https://bugs.ruby-lang.org/issues/19529#note-7 Patch36: ruby-3.1.4-Skip-test_compaction_bug_19529-if-compaction-unsupported.patch -# Bundler does not correctly resolve archful gems in 2.3.26. -# Example of such an issue -# https://github.com/sclorg/s2i-ruby-container/issues/469 -# The patch is an amalgamation of the following: -# https://github.com/rubygems/rubygems/pull/6225 -# https://github.com/rubygems/rubygems/commit/7b64c64262a7a980c0eb23b96ea56cf72ea06e89 -# Backport requested in -# https://bugs.ruby-lang.org/issues/19576 -Patch37: rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch -Patch38: rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch -# Continuation of the bundler fix for s2i-ruby-container #469 issue. -# Additionally to already described problem, when bundler is run with -# --deployment it again resolves to the incorrect gem from Rubygems repository. -# Fix and test from: -# https://github.com/rubygems/rubygems/pull/6261 -# https://bugs.ruby-lang.org/issues/19576#note-4 -Patch39: rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back.patch -Patch40: rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back-test.patch -# Renew expired test certificates. -# https://github.com/ruby/net-http/pull/169 -Patch41: ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch -# Update URI to 0.12.2 and Bundler::URI to 0.10.3 to mitigate CVE-2023-36617. -# https://github.com/ruby/ruby/pull/7996 -Patch42: ruby-3.1.5-CVE-2023-36617-for-Ruby-3.1.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -712,15 +688,6 @@ rm -rf ext/fiddle/libffi* %patch34 -p1 %patch35 -p1 %patch36 -p1 -%patch37 -p2 -%patch39 -p2 -%patch41 -p1 -%patch42 -p1 - -pushd spec/bundler -%patch38 -p3 -%patch40 -p3 -popd # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1318,7 +1285,7 @@ make runruby TESTRUN_SCRIPT=" \ %{gem_dir}/specifications/default/ipaddr-1.2.4.gemspec %{gem_dir}/specifications/default/logger-1.5.0.gemspec %{gem_dir}/specifications/default/mutex_m-0.1.1.gemspec -%{gem_dir}/specifications/default/net-http-0.3.0.gemspec +%{gem_dir}/specifications/default/net-http-0.3.0.1.gemspec %{gem_dir}/specifications/default/net-protocol-0.1.2.gemspec %{gem_dir}/specifications/default/nkf-0.1.1.gemspec %{gem_dir}/specifications/default/observer-0.1.1.gemspec @@ -1592,6 +1559,16 @@ make runruby TESTRUN_SCRIPT=" \ %changelog +* Tue Apr 30 2024 Jun Aruga - 3.1.5-144 +- Upgrade to Ruby 3.1.5. + Resolves: RHEL-33978 +- Fix buffer overread vulnerability in StringIO. + Resolves: RHEL-34129 +- Fix RCE vulnerability with .rdoc_options in RDoc. + Resolves: RHEL-34121 +- Fix arbitrary memory address read vulnerability with Regex search. + Resolves: RHEL-33871 + * Thu Mar 14 2024 Jarek Prokop - 3.1.4-143 - Upgrade to Ruby 3.1.4. Resolves: RHEL-5586 diff --git a/rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back-test.patch b/rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back-test.patch deleted file mode 100644 index e082682..0000000 --- a/rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back-test.patch +++ /dev/null @@ -1,72 +0,0 @@ -diff --git a/bundler/spec/install/gemfile/specific_platform_spec.rb b/bundler/spec/install/gemfile/specific_platform_spec.rb -index a29446305..e35d8bc16 100644 ---- a/bundler/spec/install/gemfile/specific_platform_spec.rb -+++ b/bundler/spec/install/gemfile/specific_platform_spec.rb -@@ -104,40 +104,53 @@ - L - end - -- it "still installs the generic RUBY variant if necessary even when running on a legacy lockfile locked only to RUBY" do -- build_repo4 do -- build_gem "nokogiri", "1.3.10" -- build_gem "nokogiri", "1.3.10" do |s| -- s.platform = "arm64-darwin" -- s.required_ruby_version = "< #{Gem.ruby_version}" -+ context "when running on a legacy lockfile locked only to RUBY" do -+ around do |example| -+ build_repo4 do -+ build_gem "nokogiri", "1.3.10" -+ build_gem "nokogiri", "1.3.10" do |s| -+ s.platform = "arm64-darwin" -+ s.required_ruby_version = "< #{Gem.ruby_version}" -+ end -+ -+ build_gem "bundler", "2.1.4" - end - -- build_gem "bundler", "2.1.4" -- end -- -- gemfile <<~G -+ gemfile <<~G - source "#{file_uri_for(gem_repo4)}" -+ - gem "nokogiri" -- G -+ G - -- lockfile <<-L -+ lockfile <<-L - GEM - remote: #{file_uri_for(gem_repo4)}/ - specs: - nokogiri (1.3.10) -+ - PLATFORMS - ruby -+ - DEPENDENCIES - nokogiri -+ - RUBY VERSION - 2.5.3p105 -+ - BUNDLED WITH - 2.1.4 -- L -+ L - -- simulate_platform "arm64-darwin-22" do -+ simulate_platform "arm64-darwin-22", &example -+ end -+ -+ it "still installs the generic RUBY variant if necessary" do - bundle "update --bundler", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s } - end -+ -+ it "still installs the generic RUBY variant if necessary, even in frozen mode" do -+ bundle "update --bundler", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s, "BUNDLE_FROZEN" => "true" } -+ end - end - - it "doesn't discard previously installed platform specific gem and fall back to ruby on subsequent bundles" do diff --git a/rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back.patch b/rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back.patch deleted file mode 100644 index 7617e02..0000000 --- a/rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 891246c3865ed0af7e277ca50c079f466d035f7c Mon Sep 17 00:00:00 2001 -From: Jarek Prokop -Date: Thu, 1 Jun 2023 13:22:24 +0200 -Subject: [PATCH] Backport "Fix another issue of Bundler not falling back to an - installable candidate" - -In this case, when materializing a legacy lockfile using only "ruby" -platform, and in frozen mode. - -===== - -Commit adapted from: https://github.com/rubygems/rubygems/pull/6261 ---- - bundler/lib/bundler/lazy_specification.rb | 11 +++-- - .../install/gemfile/specific_platform_spec.rb | 41 ++++++++++++------- - 2 files changed, 35 insertions(+), 17 deletions(-) - -diff --git a/bundler/lib/bundler/lazy_specification.rb b/bundler/lib/bundler/lazy_specification.rb -index e8bee25ab..a65020e6c 100644 ---- a/bundler/lib/bundler/lazy_specification.rb -+++ b/bundler/lib/bundler/lazy_specification.rb -@@ -85,7 +85,7 @@ def materialize_for_installation - - installable_candidates = GemHelpers.select_best_platform_match(matching_specs, target_platform) - -- specification = __materialize__(installable_candidates) -+ specification = __materialize__(installable_candidates, :fallback_to_non_installable => false) - return specification unless specification.nil? - - if target_platform != platform -@@ -98,13 +98,18 @@ def materialize_for_installation - __materialize__(candidates) - end - -- def __materialize__(candidates) -+ # If in frozen mode, we fallback to a non-installable candidate because by -+ # doing this we avoid re-resolving and potentially end up changing the -+ # lock file, which is not allowed. In that case, we will give a proper error -+ # about the mismatch higher up the stack, right before trying to install the -+ # bad gem. -+ def __materialize__(candidates, fallback_to_non_installable: Bundler.frozen_bundle?) - search = candidates.reverse.find do |spec| - spec.is_a?(StubSpecification) || - (spec.matches_current_ruby? && - spec.matches_current_rubygems?) - end -- if search.nil? && Bundler.frozen_bundle? -+ if search.nil? && fallback_to_non_installable - search = candidates.last - else - search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification)) --- -2.41.0.rc1 - diff --git a/rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch b/rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch deleted file mode 100644 index 157a5be..0000000 --- a/rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch +++ /dev/null @@ -1,144 +0,0 @@ -From 0985592ad2d815ac461100807f5b2621e5f49b21 Mon Sep 17 00:00:00 2001 -From: Jarek Prokop -Date: Fri, 31 Mar 2023 11:54:07 +0200 -Subject: [PATCH 1/2] Provide fix for bundler Gemfile resolving regression. - -Instead of resolving to correct Ruby platform, it preferred the -archful package, that is actually incompatible. - -See https://github.com/sclorg/s2i-ruby-container/issues/469 -for an example of the bug. - -Commit taken from: - -and adapted: - -for the PR#6225. ---- - bundler/lib/bundler/index.rb | 5 ++ - bundler/lib/bundler/lazy_specification.rb | 64 ++++++++++------------- - 2 files changed, 34 insertions(+), 35 deletions(-) - -diff --git a/bundler/lib/bundler/index.rb b/bundler/lib/bundler/index.rb -index ed16c90a3..903e220d5 100644 ---- a/bundler/lib/bundler/index.rb -+++ b/bundler/lib/bundler/index.rb -@@ -71,6 +71,7 @@ def local_search(query) - when Gem::Specification, RemoteSpecification, LazySpecification, EndpointSpecification then search_by_spec(query) - when String then specs_by_name(query) - when Gem::Dependency then search_by_dependency(query) -+ when Array then search_by_name_and_version(*query) - else - raise "You can't search for a #{query.inspect}." - end -@@ -173,6 +174,10 @@ def search_by_dependency(dependency) - end - end - -+ def search_by_name_and_version(name, version) -+ specs_by_name(name).select { |spec| spec.version == version } -+ end -+ - EMPTY_SEARCH = [].freeze - - def search_by_spec(spec) -diff --git a/bundler/lib/bundler/lazy_specification.rb b/bundler/lib/bundler/lazy_specification.rb -index 949e8264b..e8bee25ab 100644 ---- a/bundler/lib/bundler/lazy_specification.rb -+++ b/bundler/lib/bundler/lazy_specification.rb -@@ -13,7 +13,6 @@ def initialize(name, version, platform, source = nil) - @dependencies = [] - @platform = platform || Gem::Platform::RUBY - @source = source -- @specification = nil - end - - def full_name -@@ -76,37 +75,41 @@ def to_lock - def materialize_for_installation - source.local! - -- candidates = if source.is_a?(Source::Path) || !ruby_platform_materializes_to_ruby_platform? -- target_platform = ruby_platform_materializes_to_ruby_platform? ? platform : local_platform -+ matching_specs = source.specs.search(use_exact_resolved_specifications? ? self : [name, version]) -+ return self if matching_specs.empty? - -- GemHelpers.select_best_platform_match(source.specs.search(Dependency.new(name, version)), target_platform) -- else -- source.specs.search(self) -- end -+ candidates = if use_exact_resolved_specifications? -+ matching_specs -+ else -+ target_platform = ruby_platform_materializes_to_ruby_platform? ? platform : local_platform -+ -+ installable_candidates = GemHelpers.select_best_platform_match(matching_specs, target_platform) -+ -+ specification = __materialize__(installable_candidates) -+ return specification unless specification.nil? - -- return self if candidates.empty? -+ if target_platform != platform -+ installable_candidates = GemHelpers.select_best_platform_match(matching_specs, platform) -+ end -+ -+ installable_candidates -+ end - - __materialize__(candidates) - end - - def __materialize__(candidates) -- @specification = begin -- search = candidates.reverse.find do |spec| -- spec.is_a?(StubSpecification) || -- (spec.matches_current_ruby? && -- spec.matches_current_rubygems?) -- end -- if search.nil? && Bundler.frozen_bundle? -- search = candidates.last -- else -- search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification)) -- end -- search -+ search = candidates.reverse.find do |spec| -+ spec.is_a?(StubSpecification) || -+ (spec.matches_current_ruby? && -+ spec.matches_current_rubygems?) - end -- end -- -- def respond_to?(*args) -- super || @specification ? @specification.respond_to?(*args) : nil -+ if search.nil? && Bundler.frozen_bundle? -+ search = candidates.last -+ else -+ search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification)) -+ end -+ search - end - - def to_s -@@ -127,17 +130,8 @@ def git_version - end - - private -- -- def to_ary -- nil -- end -- -- def method_missing(method, *args, &blk) -- raise "LazySpecification has not been materialized yet (calling :#{method} #{args.inspect})" unless @specification -- -- return super unless respond_to?(method) -- -- @specification.send(method, *args, &blk) -+ def use_exact_resolved_specifications? -+ @use_exact_resolved_specifications ||= !source.is_a?(Source::Path) && ruby_platform_materializes_to_ruby_platform? - end - - # --- -2.40.0 - diff --git a/rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch b/rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch deleted file mode 100644 index 33f29d4..0000000 --- a/rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch +++ /dev/null @@ -1,60 +0,0 @@ -From cb3d287a91e9b6762e47635137d6024fe39e117d Mon Sep 17 00:00:00 2001 -From: Jarek Prokop -Date: Fri, 31 Mar 2023 12:06:21 +0200 -Subject: [PATCH] Tests from bundler's PR#6225. - -See . ---- - .../install/gemfile/specific_platform_spec.rb | 36 +++++++++++++++++++ - 1 file changed, 36 insertions(+) - -diff --git a/bundler/spec/install/gemfile/specific_platform_spec.rb b/bundler/spec/install/gemfile/specific_platform_spec.rb -index 98efec396..a29446305 100644 ---- a/bundler/spec/install/gemfile/specific_platform_spec.rb -+++ b/bundler/spec/install/gemfile/specific_platform_spec.rb -@@ -104,6 +104,42 @@ - L - end - -+ it "still installs the generic RUBY variant if necessary even when running on a legacy lockfile locked only to RUBY" do -+ build_repo4 do -+ build_gem "nokogiri", "1.3.10" -+ build_gem "nokogiri", "1.3.10" do |s| -+ s.platform = "arm64-darwin" -+ s.required_ruby_version = "< #{Gem.ruby_version}" -+ end -+ -+ build_gem "bundler", "2.1.4" -+ end -+ -+ gemfile <<~G -+ source "#{file_uri_for(gem_repo4)}" -+ gem "nokogiri" -+ G -+ -+ lockfile <<-L -+ GEM -+ remote: #{file_uri_for(gem_repo4)}/ -+ specs: -+ nokogiri (1.3.10) -+ PLATFORMS -+ ruby -+ DEPENDENCIES -+ nokogiri -+ RUBY VERSION -+ 2.5.3p105 -+ BUNDLED WITH -+ 2.1.4 -+ L -+ -+ simulate_platform "arm64-darwin-22" do -+ bundle "update --bundler", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s } -+ end -+ end -+ - it "doesn't discard previously installed platform specific gem and fall back to ruby on subsequent bundles" do - build_repo2 do - build_gem("libv8", "8.4.255.0") --- -2.40.0 - diff --git a/sources b/sources index b2e2ad7..f406e3c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (ruby-3.1.4.tar.xz) = a627bb629a10750b8b2081ad451a41faea0fc85d95aa1e267e3d2a0f56a35bb58195d4a8d13bbdbd82f4197a96dae22b1cee1dfc83861ec33a67ece07aef5633 +SHA512 (ruby-3.1.5.tar.xz) = a9883f4d074825bb1f54ef3429a9a71341274bd2de1aa8ea32bce19b6b9c1bac5e5dc4c34a92b8e7caa73ba71d7ed7c546a6fec6f1fd3d8986974dce214f6d49