Update to Ruby 2.0.0-p353.
- Allow MD5 in OpenSSL for tests. - Fix heap overflow in floating point parsing (CVE-2013-4164).
This commit is contained in:
parent
3a0654b687
commit
eac4c415ba
1
.gitignore
vendored
1
.gitignore
vendored
@ -20,3 +20,4 @@ ruby-rev415a3ef9ab82c65a7abc-ext_tk.tar.gz
|
||||
/ruby-2.0.0-p0.tar.gz
|
||||
/ruby-2.0.0-p195.tar.bz2
|
||||
/ruby-2.0.0-p247.tar.bz2
|
||||
/ruby-2.0.0-p353.tar.bz2
|
||||
|
@ -1,85 +0,0 @@
|
||||
From 5617aafa2d44d0a4bc811830e225463abd01b2b2 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
||||
Date: Tue, 21 May 2013 10:01:33 +0200
|
||||
Subject: [PATCH] Fix build against OpenSSL with enabled ECC curves.
|
||||
|
||||
---
|
||||
ext/openssl/ossl_pkey_ec.c | 4 ++++
|
||||
test/openssl/test_pkey_ec.rb | 26 +++++++++++++-------------
|
||||
2 files changed, 17 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
|
||||
index 8e6d88f..29e28ca 100644
|
||||
--- a/ext/openssl/ossl_pkey_ec.c
|
||||
+++ b/ext/openssl/ossl_pkey_ec.c
|
||||
@@ -762,8 +762,10 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
|
||||
method = EC_GFp_mont_method();
|
||||
} else if (id == s_GFp_nist) {
|
||||
method = EC_GFp_nist_method();
|
||||
+#if !defined(OPENSSL_NO_EC2M)
|
||||
} else if (id == s_GF2m_simple) {
|
||||
method = EC_GF2m_simple_method();
|
||||
+#endif
|
||||
}
|
||||
|
||||
if (method) {
|
||||
@@ -817,8 +819,10 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
|
||||
|
||||
if (id == s_GFp) {
|
||||
new_curve = EC_GROUP_new_curve_GFp;
|
||||
+#if !defined(OPENSSL_NO_EC2M)
|
||||
} else if (id == s_GF2m) {
|
||||
new_curve = EC_GROUP_new_curve_GF2m;
|
||||
+#endif
|
||||
} else {
|
||||
ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m");
|
||||
}
|
||||
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
|
||||
index f151335..56f3ff7 100644
|
||||
--- a/test/openssl/test_pkey_ec.rb
|
||||
+++ b/test/openssl/test_pkey_ec.rb
|
||||
@@ -7,28 +7,28 @@ class OpenSSL::TestEC < Test::Unit::TestCase
|
||||
@data1 = 'foo'
|
||||
@data2 = 'bar' * 1000 # data too long for DSA sig
|
||||
|
||||
- @group1 = OpenSSL::PKey::EC::Group.new('secp112r1')
|
||||
- @group2 = OpenSSL::PKey::EC::Group.new('sect163k1')
|
||||
- @group3 = OpenSSL::PKey::EC::Group.new('prime256v1')
|
||||
+ @groups = []
|
||||
+ @keys = []
|
||||
|
||||
- @key1 = OpenSSL::PKey::EC.new
|
||||
- @key1.group = @group1
|
||||
- @key1.generate_key
|
||||
+ OpenSSL::PKey::EC.builtin_curves.each do |curve, comment|
|
||||
+ group = OpenSSL::PKey::EC::Group.new(curve)
|
||||
|
||||
- @key2 = OpenSSL::PKey::EC.new(@group2.curve_name)
|
||||
- @key2.generate_key
|
||||
+ key = OpenSSL::PKey::EC.new(group)
|
||||
+ key.generate_key
|
||||
|
||||
- @key3 = OpenSSL::PKey::EC.new(@group3)
|
||||
- @key3.generate_key
|
||||
-
|
||||
- @groups = [@group1, @group2, @group3]
|
||||
- @keys = [@key1, @key2, @key3]
|
||||
+ @groups << group
|
||||
+ @keys << key
|
||||
+ end
|
||||
end
|
||||
|
||||
def compare_keys(k1, k2)
|
||||
assert_equal(k1.to_pem, k2.to_pem)
|
||||
end
|
||||
|
||||
+ def test_builtin_curves
|
||||
+ assert(!OpenSSL::PKey::EC.builtin_curves.empty?)
|
||||
+ end
|
||||
+
|
||||
def test_curve_names
|
||||
@groups.each_with_index do |group, idx|
|
||||
key = @keys[idx]
|
||||
--
|
||||
1.8.2.1
|
||||
|
19
ruby.spec
19
ruby.spec
@ -1,7 +1,7 @@
|
||||
%global major_version 2
|
||||
%global minor_version 0
|
||||
%global teeny_version 0
|
||||
%global patch_level 247
|
||||
%global patch_level 353
|
||||
|
||||
%global major_minor_version %{major_version}.%{minor_version}
|
||||
|
||||
@ -26,7 +26,7 @@
|
||||
%endif
|
||||
|
||||
|
||||
%global release 15
|
||||
%global release 16
|
||||
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
||||
|
||||
%global rubygems_version 2.0.3
|
||||
@ -139,11 +139,6 @@ Patch13: rubygems-2.0.0-Do-not-modify-global-Specification.dirs-during-insta.pat
|
||||
# This prevents issues, when ruby configuration specifies --with-ruby-version=''.
|
||||
# https://github.com/rubygems/rubygems/pull/455
|
||||
Patch14: rubygems-2.0.0-Fixes-for-empty-ruby-version.patch
|
||||
# Although this does not directly affects Fedora ATM, it might be issue when
|
||||
# rebuilding package on different platform (RHEL7). Please keep the patch until
|
||||
# it is resolved in upstream.
|
||||
# https://bugs.ruby-lang.org/issues/8384
|
||||
Patch15: ruby-2.0.0-p195-Fix-build-against-OpenSSL-with-enabled-ECC-curves.patch
|
||||
# Adds aarch64 support.
|
||||
# http://bugs.ruby-lang.org/issues/8331
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=926463
|
||||
@ -424,7 +419,6 @@ Tcl/Tk interface for the object-oriented scripting language Ruby.
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch17 -p1
|
||||
%patch18 -p1
|
||||
@ -600,7 +594,9 @@ DISABLE_TESTS="-x test_dl2.rb $DISABLE_TESTS"
|
||||
# the test suite).
|
||||
touch abrt.rb
|
||||
|
||||
make check TESTS="-v $DISABLE_TESTS"
|
||||
# Allow MD5 in OpenSSL.
|
||||
# https://bugs.ruby-lang.org/issues/9154
|
||||
OPENSSL_ENABLE_MD5_VERIFY=1 make check TESTS="-v $DISABLE_TESTS"
|
||||
|
||||
%post libs -p /sbin/ldconfig
|
||||
|
||||
@ -893,6 +889,11 @@ make check TESTS="-v $DISABLE_TESTS"
|
||||
%{ruby_libdir}/tkextlib
|
||||
|
||||
%changelog
|
||||
* Mon Nov 25 2013 Vít Ondruch <vondruch@redhat.com> - 2.0.0.353-16
|
||||
- Update to Ruby 2.0.0-p353.
|
||||
- Allow MD5 in OpenSSL for tests.
|
||||
- Fix heap overflow in floating point parsing (CVE-2013-4164).
|
||||
|
||||
* Tue Jul 30 2013 Vít Ondruch <vondruch@redhat.com> - 2.0.0.247-15
|
||||
- Move Psych symlinks to vendor dir, to prevent F18 -> F19 upgrade issues
|
||||
(rhbz#988490).
|
||||
|
@ -44,7 +44,7 @@ diff --git a/lib/rubygems/dependency_installer.rb b/lib/rubygems/dependency_inst
|
||||
index dffa8df..841f26a 100644
|
||||
--- a/lib/rubygems/dependency_installer.rb
|
||||
+++ b/lib/rubygems/dependency_installer.rb
|
||||
@@ -57,17 +57,14 @@ class Gem::DependencyInstaller
|
||||
@@ -57,16 +57,14 @@ class Gem::DependencyInstaller
|
||||
# :build_args:: See Gem::Installer::new
|
||||
|
||||
def initialize(options = {})
|
||||
@ -54,7 +54,6 @@ index dffa8df..841f26a 100644
|
||||
- # HACK shouldn't change the global settings, needed for -i behavior
|
||||
- # maybe move to the install command? See also github #442
|
||||
- Gem::Specification.dirs = @install_dir
|
||||
- Gem.ensure_gem_subdirectories @install_dir
|
||||
+ Gem.ensure_gem_subdirectories options[:install_dir]
|
||||
end
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
From c9b2eff36728266052ccfff54d3ac0a0624fd0f1 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
||||
Date: Thu, 14 Feb 2013 11:50:41 +0100
|
||||
Subject: [PATCH 1/2] Use File.join insteado of manual path creation.
|
||||
Subject: [PATCH] Use File.join insteado of manual path creation.
|
||||
|
||||
This prevents issues, when File.join in #new_default_spec removes
|
||||
superfluous slashes while they are kept in expected paths. E.g. the test
|
||||
@ -32,50 +32,3 @@ index 60df53f..35c9631 100644
|
||||
--
|
||||
1.8.1.2
|
||||
|
||||
|
||||
From b022cef7b2e6c2d138388a6c2db02cca8c408cc6 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
||||
Date: Thu, 14 Feb 2013 13:35:20 +0100
|
||||
Subject: [PATCH 2/2] Do not add last slash to Gem.user_dir if ruby_version
|
||||
string is empty.
|
||||
|
||||
---
|
||||
lib/rubygems/defaults.rb | 4 +++-
|
||||
test/rubygems/test_gem.rb | 6 ++++--
|
||||
2 files changed, 7 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/lib/rubygems/defaults.rb b/lib/rubygems/defaults.rb
|
||||
index ea84e5c..05c35bb 100644
|
||||
--- a/lib/rubygems/defaults.rb
|
||||
+++ b/lib/rubygems/defaults.rb
|
||||
@@ -54,7 +54,9 @@ module Gem
|
||||
# Path for gems in the user's home directory
|
||||
|
||||
def self.user_dir
|
||||
- File.join Gem.user_home, '.gem', ruby_engine, ConfigMap[:ruby_version]
|
||||
+ parts = [Gem.user_home, '.gem', ruby_engine]
|
||||
+ parts << ConfigMap[:ruby_version] unless ConfigMap[:ruby_version].empty?
|
||||
+ File.join parts
|
||||
end
|
||||
|
||||
##
|
||||
diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb
|
||||
index bf77009..9ee78f7 100644
|
||||
--- a/test/rubygems/test_gem.rb
|
||||
+++ b/test/rubygems/test_gem.rb
|
||||
@@ -1198,8 +1198,10 @@ class TestGem < Gem::TestCase
|
||||
end
|
||||
|
||||
def test_self_user_dir
|
||||
- assert_equal File.join(@userhome, '.gem', Gem.ruby_engine,
|
||||
- Gem::ConfigMap[:ruby_version]), Gem.user_dir
|
||||
+ parts = [@userhome, '.gem', Gem.ruby_engine]
|
||||
+ parts << Gem::ConfigMap[:ruby_version] unless Gem::ConfigMap[:ruby_version].empty?
|
||||
+
|
||||
+ assert_equal File.join(parts), Gem.user_dir
|
||||
end
|
||||
|
||||
def test_self_user_home
|
||||
--
|
||||
1.8.1.2
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user