Upgrade to Ruby 2.7.8.
- Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix ReDoS vulnerability in URI. Resolves: CVE-2023-28755 - Fix ReDoS vulnerability in Time. Resolves: CVE-2023-28756 Resolves: rhbz#2149262
This commit is contained in:
Jarek Prokop
parent
5657cec13b
commit
e46f255532
|
|
@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
|
|||
index d261ea57b5..3c13076b82 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3121,6 +3121,11 @@ AS_IF([test ${multiarch+set}], [
|
||||
@@ -3140,6 +3140,11 @@ AS_IF([test ${multiarch+set}], [
|
||||
])
|
||||
|
||||
archlibdir='${libdir}/${arch}'
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac
|
|||
index c42436c23d..d261ea57b5 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3759,7 +3759,8 @@ AS_CASE(["$ruby_version_dir_name"],
|
||||
@@ -3778,7 +3778,8 @@ AS_CASE(["$ruby_version_dir_name"],
|
||||
ruby_version_dir=/'${ruby_version_dir_name}'
|
||||
|
||||
if test -z "${ruby_version_dir_name}"; then
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
|
|||
index 3c13076b82..93af30321d 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3823,6 +3823,8 @@ AC_SUBST(vendorarchdir)dnl
|
||||
@@ -3842,6 +3842,8 @@ AC_SUBST(vendorarchdir)dnl
|
||||
AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
|
||||
AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac
|
|||
index 93af30321d..bc13397e0e 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3795,6 +3795,10 @@ AC_ARG_WITH(vendorarchdir,
|
||||
@@ -3814,6 +3814,10 @@ AC_ARG_WITH(vendorarchdir,
|
||||
[vendorarchdir=$withval],
|
||||
[vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
|
||||
|
||||
|
|
@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644
|
|||
AS_IF([test "${LOAD_RELATIVE+set}"], [
|
||||
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
|
||||
RUBY_EXEC_PREFIX=''
|
||||
@@ -3819,6 +3823,7 @@ AC_SUBST(sitearchdir)dnl
|
||||
@@ -3838,6 +3842,7 @@ AC_SUBST(sitearchdir)dnl
|
||||
AC_SUBST(vendordir)dnl
|
||||
AC_SUBST(vendorlibdir)dnl
|
||||
AC_SUBST(vendorarchdir)dnl
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac
|
|||
index 80b137e380..63cd3b4f8b 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -3710,9 +3710,6 @@ AS_CASE(["$target_os"],
|
||||
@@ -3729,9 +3729,6 @@ AS_CASE(["$target_os"],
|
||||
rubyw_install_name='$(RUBYW_INSTALL_NAME)'
|
||||
])
|
||||
|
||||
|
|
@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644
|
|||
rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
|
||||
AC_ARG_WITH(rubyarchprefix,
|
||||
AS_HELP_STRING([--with-rubyarchprefix=DIR],
|
||||
@@ -3735,56 +3732,62 @@ AC_ARG_WITH(ridir,
|
||||
@@ -3754,56 +3751,62 @@ AC_ARG_WITH(ridir,
|
||||
AC_SUBST(ridir)
|
||||
AC_SUBST(RI_BASE_NAME)
|
||||
|
||||
|
|
@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644
|
|||
|
||||
AS_IF([test "${LOAD_RELATIVE+set}"], [
|
||||
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
|
||||
@@ -3801,6 +3804,7 @@ AC_SUBST(sitearchincludedir)dnl
|
||||
@@ -3820,6 +3823,7 @@ AC_SUBST(sitearchincludedir)dnl
|
||||
AC_SUBST(arch)dnl
|
||||
AC_SUBST(sitearch)dnl
|
||||
AC_SUBST(ruby_version)dnl
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ diff --git a/ruby.c b/ruby.c
|
|||
index 60c57d6259..1eec16f2c8 100644
|
||||
--- a/ruby.c
|
||||
+++ b/ruby.c
|
||||
@@ -1451,10 +1451,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt)
|
||||
@@ -1463,10 +1463,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt)
|
||||
|
||||
void Init_builtin_features(void);
|
||||
|
||||
|
|
|
|||
|
|
@ -17,6 +17,6 @@ index 7c17cd54..f721f247 100644
|
|||
spec.required_ruby_version = ">= 2.3.0"
|
||||
|
||||
- spec.add_runtime_dependency "ipaddr"
|
||||
spec.add_development_dependency "rake"
|
||||
spec.add_development_dependency "rake", ">= 11.2.0"
|
||||
spec.add_development_dependency "rake-compiler"
|
||||
spec.add_development_dependency "test-unit", "~> 3.0"
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb
|
|||
index f38f903..a6e2019 100644
|
||||
--- a/test/fiddle/helper.rb
|
||||
+++ b/test/fiddle/helper.rb
|
||||
@@ -20,8 +20,8 @@
|
||||
@@ -36,8 +36,8 @@
|
||||
# 64-bit ruby
|
||||
libdir = '/lib64' if File.directory? '/lib64'
|
||||
end
|
||||
|
|
|
|||
20
ruby.spec
20
ruby.spec
|
|
@ -1,6 +1,6 @@
|
|||
%global major_version 2
|
||||
%global minor_version 7
|
||||
%global teeny_version 6
|
||||
%global teeny_version 8
|
||||
%global major_minor_version %{major_version}.%{minor_version}
|
||||
|
||||
%global ruby_version %{major_minor_version}.%{teeny_version}
|
||||
|
|
@ -22,7 +22,7 @@
|
|||
%endif
|
||||
|
||||
|
||||
%global release 138
|
||||
%global release 139
|
||||
%{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
||||
|
||||
# The RubyGems library has to stay out of Ruby directory tree, since the
|
||||
|
|
@ -49,7 +49,7 @@
|
|||
%global irb_version 1.2.6
|
||||
%global json_version 2.3.0
|
||||
%global net_telnet_version 0.2.0
|
||||
%global openssl_version 2.1.3
|
||||
%global openssl_version 2.1.4
|
||||
%global psych_version 3.1.0
|
||||
%global racc_version 1.4.16
|
||||
%global rdoc_version 6.2.1.1
|
||||
|
|
@ -1146,7 +1146,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to
|
|||
|
||||
%files default-gems
|
||||
%{gem_dir}/specifications/default/benchmark-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/cgi-0.1.0.1.gemspec
|
||||
%{gem_dir}/specifications/default/cgi-0.1.0.2.gemspec
|
||||
%{gem_dir}/specifications/default/csv-3.1.2.gemspec
|
||||
%{gem_dir}/specifications/default/date-3.0.3.gemspec
|
||||
%{gem_dir}/specifications/default/dbm-1.1.0.gemspec
|
||||
|
|
@ -1182,7 +1182,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to
|
|||
%{gem_dir}/specifications/default/strscan-1.0.3.gemspec
|
||||
%{gem_dir}/specifications/default/timeout-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/tracer-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/uri-0.10.0.gemspec
|
||||
%{gem_dir}/specifications/default/uri-0.10.0.2.gemspec
|
||||
%{gem_dir}/specifications/default/webrick-1.6.1.gemspec
|
||||
%{gem_dir}/specifications/default/yaml-0.1.0.gemspec
|
||||
%{gem_dir}/specifications/default/zlib-1.1.0.gemspec
|
||||
|
|
@ -1298,6 +1298,16 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to
|
|||
|
||||
|
||||
%changelog
|
||||
* Tue Apr 25 2023 Jarek Prokop <jprokop@redhat.com> - 2.7.8-139
|
||||
- Upgrade to Ruby 2.7.8.
|
||||
Resolves: rhbz#2149262
|
||||
- Fix HTTP response splitting in CGI.
|
||||
Resolves: CVE-2021-33621
|
||||
- Fix ReDoS vulnerability in URI.
|
||||
Resolves: CVE-2023-28755
|
||||
- Fix ReDoS vulnerability in Time.
|
||||
Resolves: CVE-2023-28756
|
||||
|
||||
* Tue Jul 19 2022 Jarek Prokop <jprokop@redhat.com> - 2.7.6-138
|
||||
- Upgrade to Ruby 2.7.6.
|
||||
Resolves: rhbz#2109424
|
||||
|
|
|
|||
2
sources
2
sources
|
|
@ -1,2 +1,2 @@
|
|||
SHA512 (ruby-2.7.6.tar.xz) = e86410b59d5917786fe43b00fd75dedd0e7f84611286b9274c542d2e562088fcee6bcc6c2596c30ccf793280d2bac6bfbb2619ef0513b3ca31f10f88684c7b1f
|
||||
SHA512 (ruby-2.7.8.tar.xz) = 4b49dff3e1c2e79d914e10418e4c03026f5d4c137dc337f5c720fe26cb9fcdcf4afc6b7c967356cf5fbe04cc5ef431174c48a035becf3e2322c2c45d3c9b2f59
|
||||
SHA512 (ruby-rubygems-bundler-v2.2.24.txz) = 5db5fd09ce62342677bcdff397b295e44a680006fca2149fa36e634d3073b6f1d36429ff016127075d272f967f4de355edfa37d4fbcdd4f4d55f485a13d177c9
|
||||
|
|
|
|||
Loading…
Reference in New Issue