Fix DoS vulnerability in rexml.
(CVE-2024-39908)
(CVE-2024-41946)
(CVE-2024-43398)
Fix REXML DoS when parsing an XML having many specific characters such as
whitespace characters, >] and ]>.
(CVE-2024-41123)
Upgrade by merging Fedora changes up to commit:
b7e197fb88
Exclude:
- Generate RPM dependencies with RPM 4.20 API
6bed1e3bd5
We don't have new enough RPM.
Resolves: RHEL-55409
Resolves: RHEL-57049
Resolves: RHEL-52783
Resolves: RHEL-57054
Resolves: RHEL-57069

Fix buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Fix arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Ruby bundled NKF, add appropriate `bundled` provide and test
License review and clarification
Upgrade by merging Fedora changes up to commit:
ff5301a5f3
Resolves: RHEL-37446
Resolves: RHEL-37448
Resolves: RHEL-37449
Resolves: RHEL-37447

TestGemBundledCA is commented out since some of the build
infra can see DNS but then cannot connect.
Ideally not even DNS can be resolved for rubygems.org.
The tests always get omitted in builds
as long as the infra does not allow connecting outside,
which is what we expect as correct behavior from mock.
Related: RHEL-17090