Commit Graph

84 Commits

Author SHA1 Message Date
Jarek Prokop
23b8352956 Upgrade to Ruby 3.3.1.
Fix buffer overread vulnerability in StringIO.
  (CVE-2024-27280)
Fix RCE vulnerability with .rdoc_options in RDoc.
  (CVE-2024-27281)
Fix Arbitrary memory address read vulnerability with Regex search.
  (CVE-2024-27282)

Ruby bundled NKF, add appropriate `bundled` provide and test
License review and clarification

Upgrade by merging Fedora changes up to commit:
ff5301a5f3

Resolves: RHEL-33976
Resolves: RHEL-34130
Resolves: RHEL-34122
Resolves: RHEL-33872
2024-05-20 18:56:41 +02:00
Jarek Prokop
d97bc213ea Upgrade to Ruby 3.3.0.
Imported from Fedora @ 3008410

Resolves: RHEL-17089
2024-01-29 16:24:55 +01:00
Jarek Prokop
20188a8a3f Upgrade to Ruby 3.1.2 by merging Fedora Rawhide branch (commit: b7b5473).
Resolves: rhbz#2063773
2022-06-22 20:36:32 +02:00
Jarek Prokop
e036ecc271 Upgrade to Ruby 3.0.2.
- Fix command injection vulnerability in RDoc. (CVE-2021-31799)
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
  (CVE-2021-31810)
- Fix StartTLS stripping vulnerability in Net::IMAP (CVE-2021-32066)
- Fix dependencies of gems with explicit source installed from a
  different source. (CVE-2020-36327)

Related: rhbz#1938942
2021-07-21 18:10:53 +02:00
Jarek Prokop
8475ee2d69 Upgrade to Ruby 3.0.1.
Rebased from Fedora rawhide, commit: 6b2ff68.

* Except "Fix FTBFS due to an incompatible load" as that is included as
  a separate commit to highlight the change.
* Add missing `rubygem-` prefix for bundled provide of 'connection_pool'.
* Pass ldflags to gem install via CONFIGURE_ARGS
* Remove IRB dependency from rubygem-rdoc.
* Fix flaky excon test suite.
* Properly support DWARF5 debug information.
  Related: rhbz#1920533
* Bundle OpenSSL into StdLib.
* Fix SEGFAULT in rubygem-shoulda-matchers test suite.
* Provide `gem.build_complete` file for binary gems.
* Re-enable test suite.
* ruby-default-gems have to depend on rubygem(io-console) due to
  reline.
* Fix SEGFAULT preventing rubygem-unicode to build on armv7hl.
* Add support for reworked RubyGems plugins.
* Use proper path for plugin wrappers.
* Extract RSS and REXML into separate subpackages, because they were
   moved from default gems to bundled gems.
* Drop Net::Telnet and XMLRPC packages, because they were dropped from
  Ruby.

Resolves: rhbz#1938942
2021-06-24 21:02:48 +02:00
Pavel Valena
0ac9ccaebf Upgrade to Ruby 2.7.3.
Resolves: rhbz#1947938
2021-04-21 10:55:36 +02:00
Vít Ondruch
f80c0b1d07 Upgrade to Ruby 2.7.2.
Related: rhbz#1947938
2021-04-21 10:55:36 +02:00
Jun Aruga
7916a42d9d Update to Ruby 2.7.1 by merging Fedora master branch (commit: 2981648)
Resolves: rhbz#1817135
2020-05-30 06:49:49 +02:00
Jun Aruga
86bf30d871 Update to Ruby 2.6.3 by merging Fedora master branch (commit: 1cc2a49)
Resolves: rhbz#1672575
2019-06-13 16:56:02 +02:00
Vít Ondruch
2cf4920fa3 Update to Ruby 2.5.5.
* Remove Patch25: ruby-2.6.0-Update-for-tzdata-2018f.patch; subsumed
* Remove Patch11: ruby-2.6.0-Try-to-update-cert.patch; subsumed
* Remove Patch19: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with
    -TLS-1.3.patch; subsumed

Resolves: rhbz#1688758
2019-04-18 07:39:17 +02:00
Jun Aruga
d488a44d58 Update to Ruby 2.5.3.
Resolves: rhbz#1643092
2018-11-08 16:07:37 +01:00
Pavel Valena
7bbdc3fdb9 Update to Ruby 2.5.1. 2018-04-10 12:45:04 +02:00
Vít Ondruch
c2db65dbc7 Upgrade to Ruby 2.5.0. 2018-01-03 12:07:19 +01:00
Pavel Valena
535c42e96c Update to Ruby 2.4.2.
Patch10 and Patch11 subsumed.
2017-09-19 16:19:16 +02:00
Vít Ondruch
5c42276905 Update to Ruby 2.4.1. 2017-04-03 16:11:07 +02:00
Vít Ondruch
3130f89edd Upgrade to Ruby 2.4.0.
Move gemified xmlrpc into subpackage.
Move gemified openssl into subpackage.
Tk is removed from stdlib.
Extend 'gem_' macros for pre-release version support.
2017-01-09 15:58:21 +01:00
Vít Ondruch
d14e3f780f Update to Ruby 2.3.3. 2016-11-22 13:49:04 +01:00
Vít Ondruch
0a64e4b921 Update to Ruby 2.3.2. 2016-11-18 16:59:26 +01:00
Vít Ondruch
f2347fa378 Update to Ruby 2.3.1. 2016-04-29 23:19:03 +02:00
Vít Ondruch
4c12d4e704 Upgrade to Ruby 2.3.0. 2016-01-05 11:00:48 +01:00
Vít Ondruch
e467536081 Update to Ruby 2.2.4. 2015-12-21 13:08:17 +01:00
Vít Ondruch
b945bce4cb Update to Ruby 2.2.3. 2015-09-01 14:25:32 +02:00
Josef Stribny
05eb8b6a78 Update to Ruby 2.2.2 2015-04-14 09:51:46 +02:00
Vít Ondruch
1af12992cf Update to Ruby 2.2.1. 2015-03-04 11:49:19 +01:00
Vít Ondruch
9195984ef3 Upgrade to Ruby 2.2.0.
- Explicitly list RubyGems directories to avoid accidentaly packaged content.
- Split test-unit and power_assert gems into separate sub-packages.
- Drop libdb dependency in favor of gdbm.
2015-01-15 10:14:24 +01:00
Vít Ondruch
1610d07dcd Update to Ruby 2.1.5. 2014-11-28 17:02:55 +01:00
Vít Ondruch
61fd310e63 Update to Ruby 2.1.4. 2014-10-29 15:22:34 +01:00
Josef Stribny
d09c32278d Update to Ruby 2.1.2 2014-05-20 13:24:29 +02:00
Vít Ondruch
a7c9cd0323 Import Ruby 2.1 sources. 2014-04-08 13:32:43 +02:00
Vít Ondruch
eac4c415ba Update to Ruby 2.0.0-p353.
- Allow MD5 in OpenSSL for tests.
- Fix heap overflow in floating point parsing (CVE-2013-4164).
2013-11-27 16:07:24 +01:00
Vít Ondruch
26512adf37 Update to Ruby 2.0.0-p247 (rhbz#979605).
Fix CVE-2013-4073.
Fix for wrong makefiles created by mkmf (rhbz#921650).
2013-07-01 12:03:01 +02:00
Vít Ondruch
e1890f92f2 Update to Ruby 2.0.0-p195 (rhbz#917374).
Fix object taint bypassing in DL and Fiddle (CVE-2013-2065).
2013-05-20 15:56:24 +02:00
Vít Ondruch
eba90976c0 Update to Ruby 2.0.0-p0. 2013-02-25 12:46:22 +01:00
Vít Ondruch
eedc10e71b Add missing patch. 2013-02-22 15:28:37 +01:00
Mamoru TASAKA
51a6d3593c Update to 1.9.3 p385 2013-02-11 15:55:43 +09:00
Mamoru Tasaka
957db76127 Update to 1.9.3 p374
- Fix provided variables in pkgconfig (bug 789532:
  Vít Ondruch <vondruch@redhat.com>)
2013-01-20 01:44:27 +09:00
Mamoru Tasaka
a8441ce179 Update to 1.9.3.362 2013-01-02 16:07:42 +09:00
Mamoru Tasaka
97857e815d Update to 1.9.3.327
- Fix Hash-flooding DoS vulnerability on MurmurHash function
  (CVE-2012-5371)
2012-11-10 14:14:28 +09:00
Mamoru Tasaka
352f32d3d1 Update to 1.9.3 p286
- Don't create files when NUL-containing path name is passed
  (bug 865940)
2012-10-13 14:53:07 +09:00
Vít Ondruch
1cc853bb60 Update to Ruby 1.9.3-p194. 2012-04-20 15:01:52 +02:00
Vít Ondruch
ef4f0ea417 Upgrade to Ruby 1.9.3-p125. 2012-02-21 12:15:40 +01:00
Vít Ondruch
117278abd0 Update to Ruby 1.9.3. 2012-01-18 15:54:01 +01:00
Mamoru Tasaka
139d71a9fb Update to 1.8.7p352
Randomize hash on process startup (CVE-2011-4815, bug 750564)
2011-12-30 00:36:28 +09:00
Mamoru Tasaka
ace4eca586 Update to 1.8.7 p352
CVE-2011-2686 is fixed in this version (bug 722415)
Update ext/tk to the latest git
Remove duplicate path entry (bug 718695)
2011-07-16 10:31:19 +09:00
Mamoru Tasaka
156edf52c6 Update to 1.8.7 p334 2011-02-19 19:33:28 +09:00
Mamoru Tasaka
ca286f57ff - Update to 1.8.7 p330
- ext/tk updated to the newest header
2010-12-26 03:12:28 +09:00
Mamoru Tasaka
1f8d8f93ae - Update to 1.8.7.302
- CVE-2010-0541 (bug 587731) is fixed in this version
- Update ext/tk to the latest head
2010-08-23 02:26:59 +09:00
Mamoru Tasaka
84e77dfb4d Update to ruby 1.8.7 patchlevel 299 2010-07-26 19:14:51 +00:00
Mamoru Tasaka
75c801898d - ruby-1.8.x-null-class-must-be-Qnil.patch (bug 530407)
- Recreate some patches using upstream svn when available, and add some
    comments for patches
Tue May 11 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-2
- tcltk: Give up using potentially unmaintained ruby_1_8_6 branch and
    instead completely replace with ruby_1_8 branch head (at this time,
    using rev 27738) (seems to fix 560053, 590503)
- Fix Japanese encoding strings under ruby-tcltk/ext/tk/sample/
2010-05-14 19:10:53 +00:00
Mamoru Tasaka
e68a717cca - Update to 1.8.6 p 399 (bug 579675)
- Patch to fix gc bug causing open4 crash (bug 580993)
2010-04-26 19:02:49 +00:00