Fix buffer overread vulnerability in StringIO.
(CVE-2024-27280)
Fix RCE vulnerability with .rdoc_options in RDoc.
(CVE-2024-27281)
Fix Arbitrary memory address read vulnerability with Regex search.
(CVE-2024-27282)
Ruby bundled NKF, add appropriate `bundled` provide and test
License review and clarification
Upgrade by merging Fedora changes up to commit:
ff5301a5f3
Resolves: RHEL-33976
Resolves: RHEL-34130
Resolves: RHEL-34122
Resolves: RHEL-33872
- Fix command injection vulnerability in RDoc. (CVE-2021-31799)
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
(CVE-2021-31810)
- Fix StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)
- Fix dependencies of gems with explicit source installed from a
different source. (CVE-2020-36327)
Related: rhbz#1938942
Rebased from Fedora rawhide, commit: 6b2ff68.
* Except "Fix FTBFS due to an incompatible load" as that is included as
a separate commit to highlight the change.
* Add missing `rubygem-` prefix for bundled provide of 'connection_pool'.
* Pass ldflags to gem install via CONFIGURE_ARGS
* Remove IRB dependency from rubygem-rdoc.
* Fix flaky excon test suite.
* Properly support DWARF5 debug information.
Related: rhbz#1920533
* Bundle OpenSSL into StdLib.
* Fix SEGFAULT in rubygem-shoulda-matchers test suite.
* Provide `gem.build_complete` file for binary gems.
* Re-enable test suite.
* ruby-default-gems have to depend on rubygem(io-console) due to
reline.
* Fix SEGFAULT preventing rubygem-unicode to build on armv7hl.
* Add support for reworked RubyGems plugins.
* Use proper path for plugin wrappers.
* Extract RSS and REXML into separate subpackages, because they were
moved from default gems to bundled gems.
* Drop Net::Telnet and XMLRPC packages, because they were dropped from
Ruby.
Resolves: rhbz#1938942
Move gemified xmlrpc into subpackage.
Move gemified openssl into subpackage.
Tk is removed from stdlib.
Extend 'gem_' macros for pre-release version support.
- Explicitly list RubyGems directories to avoid accidentaly packaged content.
- Split test-unit and power_assert gems into separate sub-packages.
- Drop libdb dependency in favor of gdbm.
- Recreate some patches using upstream svn when available, and add some
comments for patches
Tue May 11 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-2
- tcltk: Give up using potentially unmaintained ruby_1_8_6 branch and
instead completely replace with ruby_1_8 branch head (at this time,
using rev 27738) (seems to fix 560053, 590503)
- Fix Japanese encoding strings under ruby-tcltk/ext/tk/sample/