diff --git a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index 77b20ef..adff2e7 100644 --- a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index d261ea57b5..3c13076b82 100644 --- a/configure.ac +++ b/configure.ac -@@ -3121,6 +3121,11 @@ AS_IF([test ${multiarch+set}], [ +@@ -3140,6 +3140,11 @@ AS_IF([test ${multiarch+set}], [ ]) archlibdir='${libdir}/${arch}' diff --git a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index a79aa25..df5b642 100644 --- a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index c42436c23d..d261ea57b5 100644 --- a/configure.ac +++ b/configure.ac -@@ -3759,7 +3759,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -3778,7 +3778,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/ruby-2.1.0-always-use-i386.patch b/ruby-2.1.0-always-use-i386.patch index a5a4011..7010897 100644 --- a/ruby-2.1.0-always-use-i386.patch +++ b/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 3c13076b82..93af30321d 100644 --- a/configure.ac +++ b/configure.ac -@@ -3823,6 +3823,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -3842,6 +3842,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch index ddfe9a5..f7c4c13 100644 --- a/ruby-2.1.0-custom-rubygems-location.patch +++ b/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 93af30321d..bc13397e0e 100644 --- a/configure.ac +++ b/configure.ac -@@ -3795,6 +3795,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -3814,6 +3814,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -3819,6 +3823,7 @@ AC_SUBST(sitearchdir)dnl +@@ -3838,6 +3842,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch index a5865ce..7ea4b76 100644 --- a/ruby-2.3.0-ruby_version.patch +++ b/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 80b137e380..63cd3b4f8b 100644 --- a/configure.ac +++ b/configure.ac -@@ -3710,9 +3710,6 @@ AS_CASE(["$target_os"], +@@ -3729,9 +3729,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -3735,56 +3732,62 @@ AC_ARG_WITH(ridir, +@@ -3754,56 +3751,62 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -3801,6 +3804,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -3820,6 +3823,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl diff --git a/ruby-2.7.0-Initialize-ABRT-hook.patch b/ruby-2.7.0-Initialize-ABRT-hook.patch index 5dd2654..97bcbac 100644 --- a/ruby-2.7.0-Initialize-ABRT-hook.patch +++ b/ruby-2.7.0-Initialize-ABRT-hook.patch @@ -57,7 +57,7 @@ diff --git a/ruby.c b/ruby.c index 60c57d6259..1eec16f2c8 100644 --- a/ruby.c +++ b/ruby.c -@@ -1451,10 +1451,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt) +@@ -1463,10 +1463,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt) void Init_builtin_features(void); diff --git a/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch b/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch index ddd70e6..83751aa 100644 --- a/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch +++ b/ruby-2.8.0-remove-unneeded-gem-require-for-ipaddr.patch @@ -17,6 +17,6 @@ index 7c17cd54..f721f247 100644 spec.required_ruby_version = ">= 2.3.0" - spec.add_runtime_dependency "ipaddr" - spec.add_development_dependency "rake" + spec.add_development_dependency "rake", ">= 11.2.0" spec.add_development_dependency "rake-compiler" spec.add_development_dependency "test-unit", "~> 3.0" diff --git a/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch b/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch index 3fa0747..0594670 100644 --- a/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch +++ b/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch @@ -12,7 +12,7 @@ diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb index f38f903..a6e2019 100644 --- a/test/fiddle/helper.rb +++ b/test/fiddle/helper.rb -@@ -20,8 +20,8 @@ +@@ -36,8 +36,8 @@ # 64-bit ruby libdir = '/lib64' if File.directory? '/lib64' end diff --git a/ruby.spec b/ruby.spec index 509673d..93baa8b 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %global major_version 2 %global minor_version 7 -%global teeny_version 6 +%global teeny_version 8 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -22,7 +22,7 @@ %endif -%global release 138 +%global release 139 %{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory tree, since the @@ -49,7 +49,7 @@ %global irb_version 1.2.6 %global json_version 2.3.0 %global net_telnet_version 0.2.0 -%global openssl_version 2.1.3 +%global openssl_version 2.1.4 %global psych_version 3.1.0 %global racc_version 1.4.16 %global rdoc_version 6.2.1.1 @@ -1146,7 +1146,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to %files default-gems %{gem_dir}/specifications/default/benchmark-0.1.0.gemspec -%{gem_dir}/specifications/default/cgi-0.1.0.1.gemspec +%{gem_dir}/specifications/default/cgi-0.1.0.2.gemspec %{gem_dir}/specifications/default/csv-3.1.2.gemspec %{gem_dir}/specifications/default/date-3.0.3.gemspec %{gem_dir}/specifications/default/dbm-1.1.0.gemspec @@ -1182,7 +1182,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to %{gem_dir}/specifications/default/strscan-1.0.3.gemspec %{gem_dir}/specifications/default/timeout-0.1.0.gemspec %{gem_dir}/specifications/default/tracer-0.1.0.gemspec -%{gem_dir}/specifications/default/uri-0.10.0.gemspec +%{gem_dir}/specifications/default/uri-0.10.0.2.gemspec %{gem_dir}/specifications/default/webrick-1.6.1.gemspec %{gem_dir}/specifications/default/yaml-0.1.0.gemspec %{gem_dir}/specifications/default/zlib-1.1.0.gemspec @@ -1298,6 +1298,16 @@ MSPECOPTS="$MSPECOPTS -P 'File.utime allows Time instances in the far future to %changelog +* Tue Apr 25 2023 Jarek Prokop - 2.7.8-139 +- Upgrade to Ruby 2.7.8. + Resolves: rhbz#2149262 +- Fix HTTP response splitting in CGI. + Resolves: CVE-2021-33621 +- Fix ReDoS vulnerability in URI. + Resolves: CVE-2023-28755 +- Fix ReDoS vulnerability in Time. + Resolves: CVE-2023-28756 + * Tue Jul 19 2022 Jarek Prokop - 2.7.6-138 - Upgrade to Ruby 2.7.6. Resolves: rhbz#2109424 diff --git a/sources b/sources index e0f3f48..79c8c1b 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (ruby-2.7.6.tar.xz) = e86410b59d5917786fe43b00fd75dedd0e7f84611286b9274c542d2e562088fcee6bcc6c2596c30ccf793280d2bac6bfbb2619ef0513b3ca31f10f88684c7b1f +SHA512 (ruby-2.7.8.tar.xz) = 4b49dff3e1c2e79d914e10418e4c03026f5d4c137dc337f5c720fe26cb9fcdcf4afc6b7c967356cf5fbe04cc5ef431174c48a035becf3e2322c2c45d3c9b2f59 SHA512 (ruby-rubygems-bundler-v2.2.24.txz) = 5db5fd09ce62342677bcdff397b295e44a680006fca2149fa36e634d3073b6f1d36429ff016127075d272f967f4de355edfa37d4fbcdd4f4d55f485a13d177c9