Compare commits
1 Commits
c8-stream-
...
c8-stream-
Author | SHA1 | Date | |
---|---|---|---|
7718972607 |
@ -0,0 +1,44 @@
|
|||||||
|
From 5d08bbb0415c2ecc10037837b81e6a27d40ee7be Mon Sep 17 00:00:00 2001
|
||||||
|
From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
|
||||||
|
Date: Thu, 29 Jun 2023 22:25:17 +0900
|
||||||
|
Subject: [PATCH] CVE-2023-36617 for Ruby 3.0 (#7997)
|
||||||
|
|
||||||
|
* Merge URI-0.10.3
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
Backport note, bundler is not distributed the same as RubyGems in Ruby
|
||||||
|
2.5, therefore we do not use backport for Bundler.
|
||||||
|
---
|
||||||
|
lib/uri/rfc2396_parser.rb | 4 ++--
|
||||||
|
lib/uri/rfc3986_parser.rb | 2 +-
|
||||||
|
3 files changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb
|
||||||
|
index b9e7b2b26e..c7c3ecd96d 100644
|
||||||
|
--- a/lib/uri/rfc2396_parser.rb
|
||||||
|
+++ b/lib/uri/rfc2396_parser.rb
|
||||||
|
@@ -502,8 +502,8 @@ def initialize_regexp(pattern)
|
||||||
|
ret = {}
|
||||||
|
|
||||||
|
# for URI::split
|
||||||
|
- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
|
||||||
|
- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
|
||||||
|
+ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
|
||||||
|
+ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
|
||||||
|
|
||||||
|
# for URI::extract
|
||||||
|
ret[:URI_REF] = Regexp.new(pattern[:URI_REF])
|
||||||
|
diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb
|
||||||
|
index ad32368cfa..1accd03376 100644
|
||||||
|
--- a/lib/uri/rfc3986_parser.rb
|
||||||
|
+++ b/lib/uri/rfc3986_parser.rb
|
||||||
|
@@ -106,7 +106,7 @@ def default_regexp # :nodoc:
|
||||||
|
QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
|
||||||
|
FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
|
||||||
|
OPAQUE: /\A(?:[^\/].*)?\z/,
|
||||||
|
- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
|
||||||
|
+ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
@ -0,0 +1,81 @@
|
|||||||
|
From 740289bf02c9bea54f75b702f62862c62c62672b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
|
||||||
|
Date: Thu, 21 Mar 2024 15:55:48 +0900
|
||||||
|
Subject: [PATCH] Merge StringIO 3.0.1.1
|
||||||
|
|
||||||
|
---
|
||||||
|
ext/stringio/stringio.c | 2 +-
|
||||||
|
test/stringio/test_stringio.rb | 27 ++++++++++++++++++++++-----
|
||||||
|
2 files changed, 23 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ext/stringio/stringio.c b/ext/stringio/stringio.c
|
||||||
|
index f537054b5d..946ae06da4 100644
|
||||||
|
--- a/ext/stringio/stringio.c
|
||||||
|
+++ b/ext/stringio/stringio.c
|
||||||
|
@@ -833,7 +833,7 @@ strio_unget_bytes(struct StringIO *ptr, const char *cp, long cl)
|
||||||
|
len = RSTRING_LEN(str);
|
||||||
|
rest = pos - len;
|
||||||
|
if (cl > pos) {
|
||||||
|
- long ex = (rest < 0 ? cl-pos : cl+rest);
|
||||||
|
+ long ex = cl - (rest < 0 ? pos : len);
|
||||||
|
rb_str_modify_expand(str, ex);
|
||||||
|
rb_str_set_len(str, len + ex);
|
||||||
|
s = RSTRING_PTR(str);
|
||||||
|
diff --git a/test/stringio/test_stringio.rb b/test/stringio/test_stringio.rb
|
||||||
|
index f5169f641a..c055b901e3 100644
|
||||||
|
--- a/test/stringio/test_stringio.rb
|
||||||
|
+++ b/test/stringio/test_stringio.rb
|
||||||
|
@@ -693,6 +693,15 @@ def test_ungetc_padding
|
||||||
|
assert_equal("b""\0""a", s.string)
|
||||||
|
end
|
||||||
|
|
||||||
|
+ def test_ungetc_fill
|
||||||
|
+ count = 100
|
||||||
|
+ s = StringIO.new
|
||||||
|
+ s.print 'a' * count
|
||||||
|
+ s.ungetc('b' * (count * 5))
|
||||||
|
+ assert_equal((count * 5), s.string.size)
|
||||||
|
+ assert_match(/\Ab+\z/, s.string)
|
||||||
|
+ end
|
||||||
|
+
|
||||||
|
def test_ungetbyte_pos
|
||||||
|
b = '\\b00010001 \\B00010001 \\b1 \\B1 \\b000100011'
|
||||||
|
s = StringIO.new( b )
|
||||||
|
@@ -718,6 +727,15 @@ def test_ungetbyte_padding
|
||||||
|
assert_equal("b""\0""a", s.string)
|
||||||
|
end
|
||||||
|
|
||||||
|
+ def test_ungetbyte_fill
|
||||||
|
+ count = 100
|
||||||
|
+ s = StringIO.new
|
||||||
|
+ s.print 'a' * count
|
||||||
|
+ s.ungetbyte('b' * (count * 5))
|
||||||
|
+ assert_equal((count * 5), s.string.size)
|
||||||
|
+ assert_match(/\Ab+\z/, s.string)
|
||||||
|
+ end
|
||||||
|
+
|
||||||
|
def test_frozen
|
||||||
|
s = StringIO.new
|
||||||
|
s.freeze
|
||||||
|
@@ -760,18 +778,17 @@ def test_new_block_warning
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_overflow
|
||||||
|
- skip if RbConfig::SIZEOF["void*"] > RbConfig::SIZEOF["long"]
|
||||||
|
+ return if RbConfig::SIZEOF["void*"] > RbConfig::SIZEOF["long"]
|
||||||
|
limit = (1 << (RbConfig::SIZEOF["void*"]*8-1)) - 0x10
|
||||||
|
assert_separately(%w[-rstringio], "#{<<-"begin;"}\n#{<<-"end;"}")
|
||||||
|
begin;
|
||||||
|
limit = #{limit}
|
||||||
|
ary = []
|
||||||
|
- while true
|
||||||
|
+ begin
|
||||||
|
x = "a"*0x100000
|
||||||
|
break if [x].pack("p").unpack("i!")[0] < 0
|
||||||
|
ary << x
|
||||||
|
- skip if ary.size > 100
|
||||||
|
- end
|
||||||
|
+ end while ary.size <= 100
|
||||||
|
s = StringIO.new(x)
|
||||||
|
s.gets("xxx", limit)
|
||||||
|
assert_equal(0x100000, s.pos)
|
@ -0,0 +1,203 @@
|
|||||||
|
From 7957a25edf844c966de45848fa7e9e2513955660 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
|
||||||
|
Date: Thu, 21 Mar 2024 15:47:40 +0900
|
||||||
|
Subject: [PATCH 1/2] Merge RDoc-6.3.4.1
|
||||||
|
|
||||||
|
---
|
||||||
|
lib/rdoc/rdoc.rb | 3 ++-
|
||||||
|
lib/rdoc/store.rb | 45 ++++++++++++++++++++--------------
|
||||||
|
test/rdoc/test_rdoc_options.rb | 6 ++---
|
||||||
|
3 files changed, 31 insertions(+), 23 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
|
||||||
|
index a2711fbbd1..c5690fc3b4 100644
|
||||||
|
--- a/lib/rdoc/rdoc.rb
|
||||||
|
+++ b/lib/rdoc/rdoc.rb
|
||||||
|
@@ -162,8 +162,9 @@ def load_options
|
||||||
|
RDoc.load_yaml
|
||||||
|
|
||||||
|
begin
|
||||||
|
- options = YAML.load_file '.rdoc_options'
|
||||||
|
+ options = YAML.safe_load_file '.rdoc_options', permitted_classes: [RDoc::Options, Symbol]
|
||||||
|
rescue Psych::SyntaxError
|
||||||
|
+ raise RDoc::Error, "#{options_file} is not a valid rdoc options file"
|
||||||
|
end
|
||||||
|
|
||||||
|
raise RDoc::Error, "#{options_file} is not a valid rdoc options file" unless
|
||||||
|
diff --git a/lib/rdoc/store.rb b/lib/rdoc/store.rb
|
||||||
|
index 999aa76f92..07d03e90f7 100644
|
||||||
|
--- a/lib/rdoc/store.rb
|
||||||
|
+++ b/lib/rdoc/store.rb
|
||||||
|
@@ -539,9 +539,7 @@ def load_all
|
||||||
|
def load_cache
|
||||||
|
#orig_enc = @encoding
|
||||||
|
|
||||||
|
- open cache_path, 'rb' do |io|
|
||||||
|
- @cache = Marshal.load io.read
|
||||||
|
- end
|
||||||
|
+ @cache = marshal_load(cache_path)
|
||||||
|
|
||||||
|
load_enc = @cache[:encoding]
|
||||||
|
|
||||||
|
@@ -596,9 +594,7 @@ def load_class klass_name
|
||||||
|
def load_class_data klass_name
|
||||||
|
file = class_file klass_name
|
||||||
|
|
||||||
|
- open file, 'rb' do |io|
|
||||||
|
- Marshal.load io.read
|
||||||
|
- end
|
||||||
|
+ marshal_load(file)
|
||||||
|
rescue Errno::ENOENT => e
|
||||||
|
error = MissingFileError.new(self, file, klass_name)
|
||||||
|
error.set_backtrace e.backtrace
|
||||||
|
@@ -611,14 +607,10 @@ def load_class_data klass_name
|
||||||
|
def load_method klass_name, method_name
|
||||||
|
file = method_file klass_name, method_name
|
||||||
|
|
||||||
|
- open file, 'rb' do |io|
|
||||||
|
- obj = Marshal.load io.read
|
||||||
|
- obj.store = self
|
||||||
|
- obj.parent =
|
||||||
|
- find_class_or_module(klass_name) || load_class(klass_name) unless
|
||||||
|
- obj.parent
|
||||||
|
- obj
|
||||||
|
- end
|
||||||
|
+ obj = marshal_load(file)
|
||||||
|
+ obj.store = self
|
||||||
|
+ obj.parent ||= find_class_or_module(klass_name) || load_class(klass_name)
|
||||||
|
+ obj
|
||||||
|
rescue Errno::ENOENT => e
|
||||||
|
error = MissingFileError.new(self, file, klass_name + method_name)
|
||||||
|
error.set_backtrace e.backtrace
|
||||||
|
@@ -631,11 +623,9 @@ def load_method klass_name, method_name
|
||||||
|
def load_page page_name
|
||||||
|
file = page_file page_name
|
||||||
|
|
||||||
|
- open file, 'rb' do |io|
|
||||||
|
- obj = Marshal.load io.read
|
||||||
|
- obj.store = self
|
||||||
|
- obj
|
||||||
|
- end
|
||||||
|
+ obj = marshal_load(file)
|
||||||
|
+ obj.store = self
|
||||||
|
+ obj
|
||||||
|
rescue Errno::ENOENT => e
|
||||||
|
error = MissingFileError.new(self, file, page_name)
|
||||||
|
error.set_backtrace e.backtrace
|
||||||
|
@@ -965,4 +955,21 @@ def unique_modules
|
||||||
|
@unique_modules
|
||||||
|
end
|
||||||
|
|
||||||
|
+ private
|
||||||
|
+ def marshal_load(file)
|
||||||
|
+ File.open(file, 'rb') {|io| Marshal.load(io, MarshalFilter)}
|
||||||
|
+ end
|
||||||
|
+
|
||||||
|
+ MarshalFilter = proc do |obj|
|
||||||
|
+ case obj
|
||||||
|
+ when true, false, nil, Array, Class, Encoding, Hash, Integer, String, Symbol, RDoc::Text
|
||||||
|
+ else
|
||||||
|
+ unless obj.class.name.start_with?("RDoc::")
|
||||||
|
+ raise TypeError, "not permitted class: #{obj.class.name}"
|
||||||
|
+ end
|
||||||
|
+ end
|
||||||
|
+ obj
|
||||||
|
+ end
|
||||||
|
+ private_constant :MarshalFilter
|
||||||
|
+
|
||||||
|
end
|
||||||
|
diff --git a/test/rdoc/test_rdoc_options.rb b/test/rdoc/test_rdoc_options.rb
|
||||||
|
index 400ed9a549..247c7c87ce 100644
|
||||||
|
--- a/test/rdoc/test_rdoc_options.rb
|
||||||
|
+++ b/test/rdoc/test_rdoc_options.rb
|
||||||
|
@@ -145,7 +145,7 @@ def test_init_with_encoding
|
||||||
|
|
||||||
|
@options.encoding = Encoding::IBM437
|
||||||
|
|
||||||
|
- options = YAML.load YAML.dump @options
|
||||||
|
+ options = YAML.safe_load(YAML.dump(@options), permitted_classes: [RDoc::Options, Symbol])
|
||||||
|
|
||||||
|
assert_equal Encoding::IBM437, options.encoding
|
||||||
|
end
|
||||||
|
@@ -161,7 +161,7 @@ def test_init_with_trim_paths
|
||||||
|
- /etc
|
||||||
|
YAML
|
||||||
|
|
||||||
|
- options = YAML.load yaml
|
||||||
|
+ options = YAML.safe_load(yaml, permitted_classes: [RDoc::Options, Symbol])
|
||||||
|
|
||||||
|
assert_empty options.rdoc_include
|
||||||
|
assert_empty options.static_path
|
||||||
|
@@ -729,7 +729,7 @@ def test_write_options
|
||||||
|
|
||||||
|
assert File.exist? '.rdoc_options'
|
||||||
|
|
||||||
|
- assert_equal @options, YAML.load(File.read('.rdoc_options'))
|
||||||
|
+ assert_equal @options, YAML.safe_load(File.read('.rdoc_options'), permitted_classes: [RDoc::Options, Symbol])
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
From 153a4d16058783c923d0df5b1cbe2610ef96e3a8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jarek Prokop <jprokop@redhat.com>
|
||||||
|
Date: Tue, 28 May 2024 16:56:26 +0200
|
||||||
|
Subject: [PATCH 2/2] Port the rebase to work with Ruby 2.5.9.
|
||||||
|
|
||||||
|
Ruby 2.5's Psych does not have safe_load_file method.
|
||||||
|
However, from Ruby 3.3's sources, the method is just File.read
|
||||||
|
simple wrapper with a safe_load call. Therefore it was copied over to
|
||||||
|
the lib/rdoc/rdoc.rb file.
|
||||||
|
---
|
||||||
|
lib/rdoc/rdoc.rb | 9 ++++++-
|
||||||
|
test/rdoc/test_rdoc_options.rb | 6 +++---
|
||||||
|
2 files changed, 11 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
|
||||||
|
index c5690fc3b4..435cd2eaf0 100644
|
||||||
|
--- a/lib/rdoc/rdoc.rb
|
||||||
|
+++ b/lib/rdoc/rdoc.rb
|
||||||
|
@@ -162,7 +162,12 @@ def load_options
|
||||||
|
RDoc.load_yaml
|
||||||
|
|
||||||
|
begin
|
||||||
|
- options = YAML.safe_load_file '.rdoc_options', permitted_classes: [RDoc::Options, Symbol]
|
||||||
|
+ # Opening file inspired from Ruby 3.3.0 sources,
|
||||||
|
+ # file 'ext/psych/lib/psych.rb', line 658.
|
||||||
|
+ # https://github.com/ruby/ruby/blob/v3_3_0/ext/psych/lib/psych.rb#L658
|
||||||
|
+ options = File.open('.rdoc_options', 'r:bom|utf-8') do |file|
|
||||||
|
+ YAML.safe_load file, [RDoc::Options, Symbol], [], false, '.rdoc_options'
|
||||||
|
+ end
|
||||||
|
rescue Psych::SyntaxError
|
||||||
|
raise RDoc::Error, "#{options_file} is not a valid rdoc options file"
|
||||||
|
end
|
||||||
|
diff --git a/test/rdoc/test_rdoc_options.rb b/test/rdoc/test_rdoc_options.rb
|
||||||
|
index 247c7c87ce..60fe035dce 100644
|
||||||
|
--- a/test/rdoc/test_rdoc_options.rb
|
||||||
|
+++ b/test/rdoc/test_rdoc_options.rb
|
||||||
|
@@ -145,7 +145,7 @@ def test_init_with_encoding
|
||||||
|
|
||||||
|
@options.encoding = Encoding::IBM437
|
||||||
|
|
||||||
|
- options = YAML.safe_load(YAML.dump(@options), permitted_classes: [RDoc::Options, Symbol])
|
||||||
|
+ options = YAML.safe_load(YAML.dump(@options), [RDoc::Options, Symbol])
|
||||||
|
|
||||||
|
assert_equal Encoding::IBM437, options.encoding
|
||||||
|
end
|
||||||
|
@@ -161,7 +161,7 @@ def test_init_with_trim_paths
|
||||||
|
- /etc
|
||||||
|
YAML
|
||||||
|
|
||||||
|
- options = YAML.safe_load(yaml, permitted_classes: [RDoc::Options, Symbol])
|
||||||
|
+ options = YAML.safe_load(yaml, [RDoc::Options, Symbol])
|
||||||
|
|
||||||
|
assert_empty options.rdoc_include
|
||||||
|
assert_empty options.static_path
|
||||||
|
@@ -729,7 +729,7 @@ def test_write_options
|
||||||
|
|
||||||
|
assert File.exist? '.rdoc_options'
|
||||||
|
|
||||||
|
- assert_equal @options, YAML.safe_load(File.read('.rdoc_options'), permitted_classes: [RDoc::Options, Symbol])
|
||||||
|
+ assert_equal @options, YAML.safe_load(File.read('.rdoc_options'), [RDoc::Options, Symbol])
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
@ -0,0 +1,48 @@
|
|||||||
|
From 9eda3000e3efd5bdd4ed60d07e2f43633e39d361 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
|
||||||
|
Date: Tue, 23 Apr 2024 19:22:22 +0900
|
||||||
|
Subject: [PATCH] merge revision(s) 33e5b47c16f1fd3382186e6ffe73cfc6e00946f7:
|
||||||
|
|
||||||
|
Fix handling of reg->dmin in Regex matching
|
||||||
|
|
||||||
|
---
|
||||||
|
regexec.c | 10 ++++++++++
|
||||||
|
1 file changed, 10 insertions(+)
|
||||||
|
---
|
||||||
|
regexec.c | 10 ++++++++++
|
||||||
|
1 file changed, 10 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/regexec.c b/regexec.c
|
||||||
|
index 4582c35c3f..36ac1d4bc5 100644
|
||||||
|
--- a/regexec.c
|
||||||
|
+++ b/regexec.c
|
||||||
|
@@ -3900,12 +3900,17 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
|
||||||
|
UChar* range, UChar** low, UChar** high, UChar** low_prev)
|
||||||
|
{
|
||||||
|
UChar *p, *pprev = (UChar* )NULL;
|
||||||
|
+ size_t input_len = end - str;
|
||||||
|
|
||||||
|
#ifdef ONIG_DEBUG_SEARCH
|
||||||
|
fprintf(stderr, "forward_search_range: str: %"PRIuPTR" (%p), end: %"PRIuPTR" (%p), s: %"PRIuPTR" (%p), range: %"PRIuPTR" (%p)\n",
|
||||||
|
(uintptr_t )str, str, (uintptr_t )end, end, (uintptr_t )s, s, (uintptr_t )range, range);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+ if (reg->dmin > input_len) {
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
p = s;
|
||||||
|
if (reg->dmin > 0) {
|
||||||
|
if (ONIGENC_IS_SINGLEBYTE(reg->enc)) {
|
||||||
|
@@ -4042,6 +4047,11 @@ backward_search_range(regex_t* reg, const UChar* str, const UChar* end,
|
||||||
|
UChar** low, UChar** high)
|
||||||
|
{
|
||||||
|
UChar *p;
|
||||||
|
+ size_t input_len = end - str;
|
||||||
|
+
|
||||||
|
+ if (reg->dmin > input_len) {
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
range += reg->dmin;
|
||||||
|
p = s;
|
236
SOURCES/ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch
Normal file
236
SOURCES/ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch
Normal file
@ -0,0 +1,236 @@
|
|||||||
|
From d3933fc753187a055a4904af82f5f3794c88c416 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Sorah Fukumori <her@sorah.jp>
|
||||||
|
Date: Mon, 1 Jan 2024 20:45:54 +0900
|
||||||
|
Subject: [PATCH] [ruby/net-http] Renew test certificates
|
||||||
|
|
||||||
|
The private key is replaced with a public known test key published at
|
||||||
|
[RFC 9500].
|
||||||
|
|
||||||
|
Also lifetime has been extended to 10 years from 4 years.
|
||||||
|
|
||||||
|
[RFC 9500]: https://www.rfc-editor.org/rfc/rfc9500.html
|
||||||
|
|
||||||
|
https://github.com/ruby/net-http/commit/4ab6c4a500
|
||||||
|
---
|
||||||
|
test/net/fixtures/cacert.pem | 44 ++++++++--------
|
||||||
|
test/net/fixtures/server.crt | 99 +++++++-----------------------------
|
||||||
|
test/net/fixtures/server.key | 55 ++++++++++----------
|
||||||
|
4 files changed, 68 insertions(+), 130 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem
|
||||||
|
index f623bd62ed375..24c83f1c65225 100644
|
||||||
|
--- a/test/net/fixtures/cacert.pem
|
||||||
|
+++ b/test/net/fixtures/cacert.pem
|
||||||
|
@@ -1,24 +1,24 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
-MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD
|
||||||
|
-VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx
|
||||||
|
-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
|
||||||
|
-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy
|
||||||
|
-MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM
|
||||||
|
-B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv
|
||||||
|
-cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
|
||||||
|
-ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
||||||
|
-CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV
|
||||||
|
-SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI
|
||||||
|
-3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d
|
||||||
|
-BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L
|
||||||
|
-2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R
|
||||||
|
-WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9
|
||||||
|
-I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw
|
||||||
|
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA
|
||||||
|
-of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q
|
||||||
|
-aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS
|
||||||
|
-2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee
|
||||||
|
-uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s
|
||||||
|
-K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+
|
||||||
|
-mA==
|
||||||
|
+MIID+zCCAuOgAwIBAgIUGMvHl3EhtKPKcgc3NQSAYfFuC+8wDQYJKoZIhvcNAQEL
|
||||||
|
+BQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRQwEgYDVQQHDAtN
|
||||||
|
+YXR6LWUgY2l0eTEXMBUGA1UECgwOUnVieSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1
|
||||||
|
+YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJARYWc2VjdXJpdHlAcnVieS1sYW5nLm9y
|
||||||
|
+ZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEyMjkxMTQ3MjNaMIGMMQswCQYDVQQGEwJK
|
||||||
|
+UDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkxFzAVBgNV
|
||||||
|
+BAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0ExJTAjBgkq
|
||||||
|
+hkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqGSIb3DQEB
|
||||||
|
+AQUAA4IBDwAwggEKAoIBAQCw+egZQ6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI
|
||||||
|
++1GSqyi1bFBgsRjM0THllIdMbKmJtWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0f
|
||||||
|
+qXmG8UTz0VTWdlAXXmhUs6lSADvAaIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0
|
||||||
|
+yg+801SXzoFTTa+UGIRLE66jH51aa5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIe
|
||||||
|
+NWMF32wHqIOOPvQcWV3M5D2vxJEj702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1
|
||||||
|
+JNPc/n3dVUm+fM6NoDXPoLP7j55G9zKyqGtGAWXAj1MTAgMBAAGjUzBRMB0GA1Ud
|
||||||
|
+DgQWBBSJGVleDvFp9cu9R+E0/OKYzGkwkTAfBgNVHSMEGDAWgBSJGVleDvFp9cu9
|
||||||
|
+R+E0/OKYzGkwkTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBl
|
||||||
|
+8GLB8skAWlkSw/FwbUmEV3zyqu+p7PNP5YIYoZs0D74e7yVulGQ6PKMZH5hrZmHo
|
||||||
|
+orFSQU+VUUirG8nDGj7Rzce8WeWBxsaDGC8CE2dq6nC6LuUwtbdMnBrH0LRWAz48
|
||||||
|
+jGFF3jHtVz8VsGfoZTZCjukWqNXvU6hETT9GsfU+PZqbqcTVRPH52+XgYayKdIbD
|
||||||
|
+r97RM4X3+aXBHcUW0b76eyyi65RR/Xtvn8ioZt2AdX7T2tZzJyXJN3Hupp77s6Ui
|
||||||
|
+AZR35SToHCZeTZD12YBvLBdaTPLZN7O/Q/aAO9ZiJaZ7SbFOjz813B2hxXab4Fob
|
||||||
|
+2uJX6eMWTVxYK5D4M9lm
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
|
||||||
|
index 5ca78a6d146a0..5d2923795dabc 100644
|
||||||
|
--- a/test/net/fixtures/server.crt
|
||||||
|
+++ b/test/net/fixtures/server.crt
|
||||||
|
@@ -1,82 +1,21 @@
|
||||||
|
-Certificate:
|
||||||
|
- Data:
|
||||||
|
- Version: 3 (0x2)
|
||||||
|
- Serial Number: 2 (0x2)
|
||||||
|
- Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
- Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
|
||||||
|
- Validity
|
||||||
|
- Not Before: Jan 2 03:27:13 2019 GMT
|
||||||
|
- Not After : Jan 1 03:27:13 2024 GMT
|
||||||
|
- Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
|
||||||
|
- Subject Public Key Info:
|
||||||
|
- Public Key Algorithm: rsaEncryption
|
||||||
|
- Public-Key: (2048 bit)
|
||||||
|
- Modulus:
|
||||||
|
- 00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07:
|
||||||
|
- 9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48:
|
||||||
|
- e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57:
|
||||||
|
- 7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67:
|
||||||
|
- cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1:
|
||||||
|
- 0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7:
|
||||||
|
- bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc:
|
||||||
|
- 74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1:
|
||||||
|
- 8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9:
|
||||||
|
- 40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19:
|
||||||
|
- 47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04:
|
||||||
|
- 79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3:
|
||||||
|
- 02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4:
|
||||||
|
- de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d:
|
||||||
|
- 86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc:
|
||||||
|
- e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d:
|
||||||
|
- 74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10:
|
||||||
|
- 4f:41
|
||||||
|
- Exponent: 65537 (0x10001)
|
||||||
|
- X509v3 extensions:
|
||||||
|
- X509v3 Basic Constraints:
|
||||||
|
- CA:FALSE
|
||||||
|
- Netscape Comment:
|
||||||
|
- OpenSSL Generated Certificate
|
||||||
|
- X509v3 Subject Key Identifier:
|
||||||
|
- ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36
|
||||||
|
- X509v3 Authority Key Identifier:
|
||||||
|
- keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
|
||||||
|
-
|
||||||
|
- Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
- 1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c:
|
||||||
|
- ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35:
|
||||||
|
- 2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51:
|
||||||
|
- fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a:
|
||||||
|
- 56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a:
|
||||||
|
- 04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15:
|
||||||
|
- 89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64:
|
||||||
|
- 93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62:
|
||||||
|
- d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab:
|
||||||
|
- 1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d:
|
||||||
|
- 1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2:
|
||||||
|
- 5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff:
|
||||||
|
- 63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf:
|
||||||
|
- da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69:
|
||||||
|
- fd:be:bd:6e
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
-MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
|
||||||
|
-EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
|
||||||
|
-DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
|
||||||
|
-hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX
|
||||||
|
-DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
|
||||||
|
-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ
|
||||||
|
-BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
||||||
|
-AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ
|
||||||
|
-zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj
|
||||||
|
-VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ
|
||||||
|
-wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r
|
||||||
|
-sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d
|
||||||
|
-dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
|
||||||
|
-AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o
|
||||||
|
-wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N
|
||||||
|
-+J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ
|
||||||
|
-y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW
|
||||||
|
-EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL
|
||||||
|
-Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1
|
||||||
|
-oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j
|
||||||
|
-28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u
|
||||||
|
+MIIDYTCCAkkCAQAwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD
|
||||||
|
+VQQIDAdTaGltYW5lMRQwEgYDVQQHDAtNYXR6LWUgY2l0eTEXMBUGA1UECgwOUnVi
|
||||||
|
+eSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ
|
||||||
|
+ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEy
|
||||||
|
+MjkxMTQ3MjNaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRcwFQYD
|
||||||
|
+VQQKDA5SdWJ5IENvcmUgVGVhbTESMBAGA1UECwwJUnVieSBUZXN0MRIwEAYDVQQD
|
||||||
|
+DAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+egZ
|
||||||
|
+Q6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI+1GSqyi1bFBgsRjM0THllIdMbKmJ
|
||||||
|
+tWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0fqXmG8UTz0VTWdlAXXmhUs6lSADvA
|
||||||
|
+aIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0yg+801SXzoFTTa+UGIRLE66jH51a
|
||||||
|
+a5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIeNWMF32wHqIOOPvQcWV3M5D2vxJEj
|
||||||
|
+702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1JNPc/n3dVUm+fM6NoDXPoLP7j55G
|
||||||
|
+9zKyqGtGAWXAj1MTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACtGNdj5TEtnJBYp
|
||||||
|
+M+LhBeU3oNteldfycEm993gJp6ghWZFg23oX8fVmyEeJr/3Ca9bAgDqg0t9a0npN
|
||||||
|
+oWKEY6wVKqcHgu3gSvThF5c9KhGbeDDmlTSVVNQmXWX0K2d4lS2cwZHH8mCm2mrY
|
||||||
|
+PDqlEkSc7k4qSiqigdS8i80Yk+lDXWsm8CjsiC93qaRM7DnS0WPQR0c16S95oM6G
|
||||||
|
+VklFKUSDAuFjw9aVWA/nahOucjn0w5fVW6lyIlkBslC1ChlaDgJmvhz+Ol3iMsE0
|
||||||
|
+kAmFNu2KKPVrpMWaBID49QwQTDyhetNLaVVFM88iUdA9JDoVMEuP1mm39JqyzHTu
|
||||||
|
+uBrdP4Q=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
|
||||||
|
index 7f2380e71e637..6a83d5bcf4a52 100644
|
||||||
|
--- a/test/net/fixtures/server.key
|
||||||
|
+++ b/test/net/fixtures/server.key
|
||||||
|
@@ -1,28 +1,27 @@
|
||||||
|
------BEGIN PRIVATE KEY-----
|
||||||
|
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN
|
||||||
|
-XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU
|
||||||
|
-Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC
|
||||||
|
-6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE
|
||||||
|
-cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ
|
||||||
|
-n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u
|
||||||
|
-/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ
|
||||||
|
-DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho
|
||||||
|
-LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX
|
||||||
|
-QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej
|
||||||
|
-hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ
|
||||||
|
-1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt
|
||||||
|
-liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd
|
||||||
|
-U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc
|
||||||
|
-pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC
|
||||||
|
-A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1
|
||||||
|
-ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs
|
||||||
|
-oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD
|
||||||
|
-gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ
|
||||||
|
-xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn
|
||||||
|
-kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ
|
||||||
|
-uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ
|
||||||
|
-y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ
|
||||||
|
-g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8
|
||||||
|
-wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7
|
||||||
|
-2whRF0FEjKA8ehrNhAq+VFfFNw==
|
||||||
|
------END PRIVATE KEY-----
|
||||||
|
+-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
+MIIEowIBAAKCAQEAsPnoGUOnrpiSqt4XynxA+HRP7S+BSObI6qJ7fQAVSPtRkqso
|
||||||
|
+tWxQYLEYzNEx5ZSHTGypibVsJylvCfuToDTfMul8b/CZjP2Ob0LdpYrNH6l5hvFE
|
||||||
|
+89FU1nZQF15oVLOpUgA7wGiHuEVawrGfey92UE68mOyUVXGweJIVDdxqdMoPvNNU
|
||||||
|
+l86BU02vlBiESxOuox+dWmuVV7vfYZ79Toh/LUK43YvJh+rhv4nKuF7iHjVjBd9s
|
||||||
|
+B6iDjj70HFldzOQ9r8SRI+9NirupPTkF5AKNe6kUhKJ1luB7S27ZkvB3tSTT3P59
|
||||||
|
+3VVJvnzOjaA1z6Cz+4+eRvcysqhrRgFlwI9TEwIDAQABAoIBAEEYiyDP29vCzx/+
|
||||||
|
+dS3LqnI5BjUuJhXUnc6AWX/PCgVAO+8A+gZRgvct7PtZb0sM6P9ZcLrweomlGezI
|
||||||
|
+FrL0/6xQaa8bBr/ve/a8155OgcjFo6fZEw3Dz7ra5fbSiPmu4/b/kvrg+Br1l77J
|
||||||
|
+aun6uUAs1f5B9wW+vbR7tzbT/mxaUeDiBzKpe15GwcvbJtdIVMa2YErtRjc1/5B2
|
||||||
|
+BGVXyvlJv0SIlcIEMsHgnAFOp1ZgQ08aDzvilLq8XVMOahAhP1O2A3X8hKdXPyrx
|
||||||
|
+IVWE9bS9ptTo+eF6eNl+d7htpKGEZHUxinoQpWEBTv+iOoHsVunkEJ3vjLP3lyI/
|
||||||
|
+fY0NQ1ECgYEA3RBXAjgvIys2gfU3keImF8e/TprLge1I2vbWmV2j6rZCg5r/AS0u
|
||||||
|
+pii5CvJ5/T5vfJPNgPBy8B/yRDs+6PJO1GmnlhOkG9JAIPkv0RBZvR0PMBtbp6nT
|
||||||
|
+Y3yo1lwamBVBfY6rc0sLTzosZh2aGoLzrHNMQFMGaauORzBFpY5lU50CgYEAzPHl
|
||||||
|
+u5DI6Xgep1vr8QvCUuEesCOgJg8Yh1UqVoY/SmQh6MYAv1I9bLGwrb3WW/7kqIoD
|
||||||
|
+fj0aQV5buVZI2loMomtU9KY5SFIsPV+JuUpy7/+VE01ZQM5FdY8wiYCQiVZYju9X
|
||||||
|
+Wz5LxMNoz+gT7pwlLCsC4N+R8aoBk404aF1gum8CgYAJ7VTq7Zj4TFV7Soa/T1eE
|
||||||
|
+k9y8a+kdoYk3BASpCHJ29M5R2KEA7YV9wrBklHTz8VzSTFTbKHEQ5W5csAhoL5Fo
|
||||||
|
+qoHzFFi3Qx7MHESQb9qHyolHEMNx6QdsHUn7rlEnaTTyrXh3ifQtD6C0yTmFXUIS
|
||||||
|
+CW9wKApOrnyKJ9nI0HcuZQKBgQCMtoV6e9VGX4AEfpuHvAAnMYQFgeBiYTkBKltQ
|
||||||
|
+XwozhH63uMMomUmtSG87Sz1TmrXadjAhy8gsG6I0pWaN7QgBuFnzQ/HOkwTm+qKw
|
||||||
|
+AsrZt4zeXNwsH7QXHEJCFnCmqw9QzEoZTrNtHJHpNboBuVnYcoueZEJrP8OnUG3r
|
||||||
|
+UjmopwKBgAqB2KYYMUqAOvYcBnEfLDmyZv9BTVNHbR2lKkMYqv5LlvDaBxVfilE0
|
||||||
|
+2riO4p6BaAdvzXjKeRrGNEKoHNBpOSfYCOM16NjL8hIZB1CaV3WbT5oY+jp7Mzd5
|
||||||
|
+7d56RZOE+ERK2uz/7JX9VSsM/LbH9pJibd4e8mikDS9ntciqOH/3
|
||||||
|
+-----END RSA PRIVATE KEY-----
|
1662
SOURCES/rubygem-rexml-3.2.9-Fix-CVE-2024-35176-DoS-in-REXML.patch
Normal file
1662
SOURCES/rubygem-rexml-3.2.9-Fix-CVE-2024-35176-DoS-in-REXML.patch
Normal file
File diff suppressed because it is too large
Load Diff
264
SOURCES/rubygem-strscan-1.0.2-Accept-String-as-a-pattern.patch
Normal file
264
SOURCES/rubygem-strscan-1.0.2-Accept-String-as-a-pattern.patch
Normal file
@ -0,0 +1,264 @@
|
|||||||
|
From e56ac27d19cc3acdf6c1cb13b14224c43df5f5f6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kouhei Sutou <kou@clear-code.com>
|
||||||
|
Date: Thu, 4 Apr 2019 17:52:50 +0900
|
||||||
|
Subject: [PATCH] Accept String as a pattern
|
||||||
|
|
||||||
|
It's only for head only match case such as StringScanner#scan.
|
||||||
|
|
||||||
|
If we use a String as a pattern, we can improve match performance.
|
||||||
|
Here is a result of the including benchmark. It shows String as a
|
||||||
|
pattern is 1.25x faster than Regexp as a pattern.
|
||||||
|
|
||||||
|
% rake benchmark
|
||||||
|
/tmp/local/bin/ruby -S benchmark-driver benchmark/scan.yaml
|
||||||
|
Warming up --------------------------------------
|
||||||
|
regexp 12.094M i/s - 12.242M times in 1.012250s (82.69ns/i, 277clocks/i)
|
||||||
|
string 14.653M i/s - 14.889M times in 1.016124s (68.25ns/i, 252clocks/i)
|
||||||
|
Calculating -------------------------------------
|
||||||
|
regexp 14.713M i/s - 36.281M times in 2.465970s (67.97ns/i, 254clocks/i)
|
||||||
|
string 18.422M i/s - 43.959M times in 2.386255s (54.28ns/i, 201clocks/i)
|
||||||
|
|
||||||
|
Comparison:
|
||||||
|
string: 18421631.8 i/s
|
||||||
|
regexp: 14712660.7 i/s - 1.25x slower
|
||||||
|
|
||||||
|
====
|
||||||
|
Backport https://github.com/ruby/strscan/pull/4 for strscan.
|
||||||
|
|
||||||
|
REXML fixes for CVE-2024-35716 depend on this feature.
|
||||||
|
---
|
||||||
|
ext/strscan/strscan.c | 92 +++++++++++++++++++-----------
|
||||||
|
test/strscan/test_stringscanner.rb | 45 ++++++++++++++-
|
||||||
|
2 files changed, 100 insertions(+), 37 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/ext/strscan/strscan.c b/ext/strscan/strscan.c
|
||||||
|
index d6168a0d4f..43319b672e 100644
|
||||||
|
--- a/ext/strscan/strscan.c
|
||||||
|
+++ b/ext/strscan/strscan.c
|
||||||
|
@@ -447,15 +447,18 @@ strscan_set_pos(VALUE self, VALUE v)
|
||||||
|
}
|
||||||
|
|
||||||
|
static VALUE
|
||||||
|
-strscan_do_scan(VALUE self, VALUE regex, int succptr, int getstr, int headonly)
|
||||||
|
+strscan_do_scan(VALUE self, VALUE pattern, int succptr, int getstr, int headonly)
|
||||||
|
{
|
||||||
|
- regex_t *rb_reg_prepare_re(VALUE re, VALUE str);
|
||||||
|
struct strscanner *p;
|
||||||
|
- regex_t *re;
|
||||||
|
- long ret;
|
||||||
|
- int tmpreg;
|
||||||
|
|
||||||
|
- Check_Type(regex, T_REGEXP);
|
||||||
|
+ if (headonly) {
|
||||||
|
+ if (!RB_TYPE_P(pattern, T_REGEXP)) {
|
||||||
|
+ StringValue(pattern);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ else {
|
||||||
|
+ Check_Type(pattern, T_REGEXP);
|
||||||
|
+ }
|
||||||
|
GET_SCANNER(self, p);
|
||||||
|
|
||||||
|
CLEAR_MATCH_STATUS(p);
|
||||||
|
@@ -463,37 +466,55 @@ strscan_do_scan(VALUE self, VALUE regex, int succptr, int getstr, int headonly)
|
||||||
|
return Qnil;
|
||||||
|
}
|
||||||
|
|
||||||
|
- p->regex = regex;
|
||||||
|
- re = rb_reg_prepare_re(regex, p->str);
|
||||||
|
- tmpreg = re != RREGEXP_PTR(regex);
|
||||||
|
- if (!tmpreg) RREGEXP(regex)->usecnt++;
|
||||||
|
+ if (RB_TYPE_P(pattern, T_REGEXP)) {
|
||||||
|
+ regex_t *rb_reg_prepare_re(VALUE re, VALUE str);
|
||||||
|
+ regex_t *re;
|
||||||
|
+ long ret;
|
||||||
|
+ int tmpreg;
|
||||||
|
+
|
||||||
|
+ p->regex = pattern;
|
||||||
|
+ re = rb_reg_prepare_re(pattern, p->str);
|
||||||
|
+ tmpreg = re != RREGEXP_PTR(pattern);
|
||||||
|
+ if (!tmpreg) RREGEXP(pattern)->usecnt++;
|
||||||
|
+
|
||||||
|
+ if (headonly) {
|
||||||
|
+ ret = onig_match(re, (UChar* )CURPTR(p),
|
||||||
|
+ (UChar* )(CURPTR(p) + S_RESTLEN(p)),
|
||||||
|
+ (UChar* )CURPTR(p), &(p->regs), ONIG_OPTION_NONE);
|
||||||
|
+ }
|
||||||
|
+ else {
|
||||||
|
+ ret = onig_search(re,
|
||||||
|
+ (UChar* )CURPTR(p), (UChar* )(CURPTR(p) + S_RESTLEN(p)),
|
||||||
|
+ (UChar* )CURPTR(p), (UChar* )(CURPTR(p) + S_RESTLEN(p)),
|
||||||
|
+ &(p->regs), ONIG_OPTION_NONE);
|
||||||
|
+ }
|
||||||
|
+ if (!tmpreg) RREGEXP(pattern)->usecnt--;
|
||||||
|
+ if (tmpreg) {
|
||||||
|
+ if (RREGEXP(pattern)->usecnt) {
|
||||||
|
+ onig_free(re);
|
||||||
|
+ }
|
||||||
|
+ else {
|
||||||
|
+ onig_free(RREGEXP_PTR(pattern));
|
||||||
|
+ RREGEXP_PTR(pattern) = re;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- if (headonly) {
|
||||||
|
- ret = onig_match(re, (UChar* )CURPTR(p),
|
||||||
|
- (UChar* )(CURPTR(p) + S_RESTLEN(p)),
|
||||||
|
- (UChar* )CURPTR(p), &(p->regs), ONIG_OPTION_NONE);
|
||||||
|
+ if (ret == -2) rb_raise(ScanError, "regexp buffer overflow");
|
||||||
|
+ if (ret < 0) {
|
||||||
|
+ /* not matched */
|
||||||
|
+ return Qnil;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
- ret = onig_search(re,
|
||||||
|
- (UChar* )CURPTR(p), (UChar* )(CURPTR(p) + S_RESTLEN(p)),
|
||||||
|
- (UChar* )CURPTR(p), (UChar* )(CURPTR(p) + S_RESTLEN(p)),
|
||||||
|
- &(p->regs), ONIG_OPTION_NONE);
|
||||||
|
- }
|
||||||
|
- if (!tmpreg) RREGEXP(regex)->usecnt--;
|
||||||
|
- if (tmpreg) {
|
||||||
|
- if (RREGEXP(regex)->usecnt) {
|
||||||
|
- onig_free(re);
|
||||||
|
+ rb_enc_check(p->str, pattern);
|
||||||
|
+ if (S_RESTLEN(p) < RSTRING_LEN(pattern)) {
|
||||||
|
+ return Qnil;
|
||||||
|
}
|
||||||
|
- else {
|
||||||
|
- onig_free(RREGEXP_PTR(regex));
|
||||||
|
- RREGEXP_PTR(regex) = re;
|
||||||
|
+ if (memcmp(CURPTR(p), RSTRING_PTR(pattern), RSTRING_LEN(pattern)) != 0) {
|
||||||
|
+ return Qnil;
|
||||||
|
}
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if (ret == -2) rb_raise(ScanError, "regexp buffer overflow");
|
||||||
|
- if (ret < 0) {
|
||||||
|
- /* not matched */
|
||||||
|
- return Qnil;
|
||||||
|
+ onig_region_clear(&(p->regs));
|
||||||
|
+ onig_region_set(&(p->regs), 0, 0, RSTRING_LEN(pattern));
|
||||||
|
}
|
||||||
|
|
||||||
|
MATCHED(p);
|
||||||
|
@@ -520,7 +541,8 @@ strscan_do_scan(VALUE self, VALUE regex, int succptr, int getstr, int headonly)
|
||||||
|
* p s.scan(/\w+/) # -> "test"
|
||||||
|
* p s.scan(/\w+/) # -> nil
|
||||||
|
* p s.scan(/\s+/) # -> " "
|
||||||
|
- * p s.scan(/\w+/) # -> "string"
|
||||||
|
+ * p s.scan("str") # -> "str"
|
||||||
|
+ * p s.scan(/\w+/) # -> "ing"
|
||||||
|
* p s.scan(/./) # -> nil
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
@@ -539,6 +561,7 @@ strscan_scan(VALUE self, VALUE re)
|
||||||
|
* s = StringScanner.new('test string')
|
||||||
|
* p s.match?(/\w+/) # -> 4
|
||||||
|
* p s.match?(/\w+/) # -> 4
|
||||||
|
+ * p s.match?("test") # -> 4
|
||||||
|
* p s.match?(/\s+/) # -> nil
|
||||||
|
*/
|
||||||
|
static VALUE
|
||||||
|
@@ -560,7 +583,8 @@ strscan_match_p(VALUE self, VALUE re)
|
||||||
|
* p s.skip(/\w+/) # -> 4
|
||||||
|
* p s.skip(/\w+/) # -> nil
|
||||||
|
* p s.skip(/\s+/) # -> 1
|
||||||
|
- * p s.skip(/\w+/) # -> 6
|
||||||
|
+ * p s.skip("st") # -> 2
|
||||||
|
+ * p s.skip(/\w+/) # -> 4
|
||||||
|
* p s.skip(/./) # -> nil
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
diff --git a/test/strscan/test_stringscanner.rb b/test/strscan/test_stringscanner.rb
|
||||||
|
index 3423f9cfed..63b1ce1f9b 100644
|
||||||
|
--- a/test/strscan/test_stringscanner.rb
|
||||||
|
+++ b/test/strscan/test_stringscanner.rb
|
||||||
|
@@ -282,6 +282,22 @@ def test_scan
|
||||||
|
assert_equal "", s.scan(//)
|
||||||
|
end
|
||||||
|
|
||||||
|
+ def test_scan_string
|
||||||
|
+ s = StringScanner.new('stra strb strc')
|
||||||
|
+ assert_equal 'str', s.scan('str')
|
||||||
|
+ assert_equal 'str', s[0]
|
||||||
|
+ assert_equal 3, s.pos
|
||||||
|
+ assert_equal false, s.tainted?
|
||||||
|
+ assert_equal 'a ', s.scan('a ')
|
||||||
|
+
|
||||||
|
+ str = 'stra strb strc'.dup
|
||||||
|
+ str.taint
|
||||||
|
+ s = StringScanner.new(str, false)
|
||||||
|
+ matched = s.scan('str')
|
||||||
|
+ assert_equal 'str', matched
|
||||||
|
+ assert_equal true, matched.tainted?
|
||||||
|
+ end
|
||||||
|
+
|
||||||
|
def test_skip
|
||||||
|
s = StringScanner.new('stra strb strc', true)
|
||||||
|
assert_equal 4, s.skip(/\w+/)
|
||||||
|
@@ -367,8 +383,10 @@ def test_matched
|
||||||
|
assert_equal false, s.matched.tainted?
|
||||||
|
s.scan(/\s+/)
|
||||||
|
assert_equal ' ', s.matched
|
||||||
|
+ s.scan('st')
|
||||||
|
+ assert_equal 'st', s.matched
|
||||||
|
s.scan(/\w+/)
|
||||||
|
- assert_equal 'strb', s.matched
|
||||||
|
+ assert_equal 'rb', s.matched
|
||||||
|
s.scan(/\s+/)
|
||||||
|
assert_equal ' ', s.matched
|
||||||
|
s.scan(/\w+/)
|
||||||
|
@@ -483,7 +501,7 @@ def test_pre_match
|
||||||
|
s.skip(/\s/)
|
||||||
|
assert_equal 'a', s.pre_match
|
||||||
|
assert_equal false, s.pre_match.tainted?
|
||||||
|
- s.scan(/\w/)
|
||||||
|
+ s.scan('b')
|
||||||
|
assert_equal 'a ', s.pre_match
|
||||||
|
s.scan_until(/c/)
|
||||||
|
assert_equal 'a b ', s.pre_match
|
||||||
|
@@ -513,7 +531,7 @@ def test_post_match
|
||||||
|
assert_equal ' b c d e', s.post_match
|
||||||
|
s.skip(/\s/)
|
||||||
|
assert_equal 'b c d e', s.post_match
|
||||||
|
- s.scan(/\w/)
|
||||||
|
+ s.scan('b')
|
||||||
|
assert_equal ' c d e', s.post_match
|
||||||
|
s.scan_until(/c/)
|
||||||
|
assert_equal ' d e', s.post_match
|
||||||
|
@@ -589,6 +607,20 @@ def test_encoding
|
||||||
|
assert_equal(Encoding::EUC_JP, ss.scan(/./e).encoding)
|
||||||
|
end
|
||||||
|
|
||||||
|
+ def test_encoding_string
|
||||||
|
+ str = "\xA1\xA2".dup.force_encoding("euc-jp")
|
||||||
|
+ ss = StringScanner.new(str)
|
||||||
|
+ assert_equal(str.dup, ss.scan(str.dup))
|
||||||
|
+ end
|
||||||
|
+
|
||||||
|
+ def test_invalid_encoding_string
|
||||||
|
+ str = "\xA1\xA2".dup.force_encoding("euc-jp")
|
||||||
|
+ ss = StringScanner.new(str)
|
||||||
|
+ assert_raise(Encoding::CompatibilityError) do
|
||||||
|
+ ss.scan(str.encode("UTF-8"))
|
||||||
|
+ end
|
||||||
|
+ end
|
||||||
|
+
|
||||||
|
def test_generic_regexp
|
||||||
|
ss = StringScanner.new("\xA1\xA2".dup.force_encoding("euc-jp"))
|
||||||
|
t = ss.scan(/./)
|
||||||
|
@@ -643,6 +675,13 @@ def test_exist_p
|
||||||
|
assert_equal(nil, s.exist?(/e/))
|
||||||
|
end
|
||||||
|
|
||||||
|
+ def test_exist_p_string
|
||||||
|
+ s = StringScanner.new("test string")
|
||||||
|
+ assert_raise(TypeError) do
|
||||||
|
+ s.exist?(" ")
|
||||||
|
+ end
|
||||||
|
+ end
|
||||||
|
+
|
||||||
|
def test_skip_until
|
||||||
|
s = StringScanner.new("Foo Bar Baz")
|
||||||
|
assert_equal(3, s.skip_until(/Foo/))
|
@ -21,7 +21,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
|
||||||
%global release 111
|
%global release 112
|
||||||
|
|
||||||
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
||||||
|
|
||||||
@ -230,6 +230,42 @@ Patch41: ruby-2.7.8-Fix-CVE-2023-28755-ReDos-vulnerability-in-URI.patch
|
|||||||
# https://github.com/ruby/ruby/commit/2cb830602f52e7e76c6781115e7938b21f881c4f
|
# https://github.com/ruby/ruby/commit/2cb830602f52e7e76c6781115e7938b21f881c4f
|
||||||
# https://github.com/ruby/ruby/commit/e3f18f7d2e034f20053d7bf2fc7a50f8b7e1a27a
|
# https://github.com/ruby/ruby/commit/e3f18f7d2e034f20053d7bf2fc7a50f8b7e1a27a
|
||||||
Patch42: ruby-2.7.8-Fix-CVE-2023-28756-ReDoS-vulnerability-in-Time.patch
|
Patch42: ruby-2.7.8-Fix-CVE-2023-28756-ReDoS-vulnerability-in-Time.patch
|
||||||
|
# Fix net-http test errors due to expired certificate
|
||||||
|
# https://github.com/ruby/ruby/commit/d3933fc753187a055a4904af82f5f3794c88c416
|
||||||
|
# https://bugs.ruby-lang.org/issues/20106
|
||||||
|
Patch43: ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch
|
||||||
|
# CVE-2023-36617 ReDoS vulnerability - upstream's incomplete fix
|
||||||
|
# for CVE-2023-28755.
|
||||||
|
# Tests not included as assert_linear_time was introduced in Ruby 2.7.
|
||||||
|
# https://github.com/ruby/ruby/commit/616926b55e306a0704254a7ddfd6e9834d06c7f2
|
||||||
|
Patch44: ruby-3.0.7-Fix-CVE-2023-36617-Upstreams-incomplete-fix-for-CVE-2023-28755.patch
|
||||||
|
# CVE-2024-27280 Buffer overread vulnerability in StringIO.
|
||||||
|
# Backported from:
|
||||||
|
# https://github.com/ruby/ruby/commit/bd9424c71c15896a997d5a092bf5e1ed453defa6
|
||||||
|
Patch45: ruby-3.0.7-Fix-CVE-2024-27280-Buffer-overread-in-StringIO.patch
|
||||||
|
# CVE-2024-27281 RCE vulnerability with .rdoc_options in RDoc.
|
||||||
|
# Backported from:
|
||||||
|
# https://github.com/ruby/ruby/commit/7957a25edf844c966de45848fa7e9e2513955660
|
||||||
|
Patch46: ruby-3.0.7-Fix-CVE-2024-27281-RCE-vulnerability-with-rdoc_options.patch
|
||||||
|
# CVE-2024-27282 Arbitrary memory address read vulnerability with Regex search.
|
||||||
|
# Backported from:
|
||||||
|
# https://github.com/ruby/ruby/commit/6c6dca749d3f732b7be04bae20095a040c50fdb8
|
||||||
|
Patch47: ruby-3.0.7-Fix-CVE-2024-27282-Memory-address-read-with-Regex.patch
|
||||||
|
# Fix for REXML CVE-2024-35176 depends on being able to pass a string to the
|
||||||
|
# scan method in addition to a regex.
|
||||||
|
# https://github.com/ruby/strscan/pull/4
|
||||||
|
Patch48: rubygem-strscan-1.0.2-Accept-String-as-a-pattern.patch
|
||||||
|
# CVE-2024-35176 REXML: DoS parsing an XML with many `<`s in an attribute value.
|
||||||
|
# The actual fix for the CVE is https://github.com/ruby/rexml/pull/126 ,
|
||||||
|
# but that PR is depending on the content of a few previous PRs and commits.
|
||||||
|
# https://github.com/ruby/rexml/commit/694239f0855668c986feba6f1b395ecd94a1f0bc
|
||||||
|
# https://github.com/ruby/rexml/commit/810d2285235d5501a0a124f300832e6e9515da3c
|
||||||
|
# https://github.com/ruby/rexml/commit/77128555476cb0db798e2912fb3a07d6411dc320
|
||||||
|
# https://github.com/ruby/rexml/commit/370666e314816b57ecd5878e757224c3b6bc93f5
|
||||||
|
# https://github.com/ruby/rexml/commit/0496940d5998ccbc50d16fb734993ab50fc60c2d
|
||||||
|
# https://github.com/ruby/rexml/commit/4325835f92f3f142ebd91a3fdba4e1f1ab7f1cfb
|
||||||
|
# https://github.com/ruby/rexml/commit/f1df7d13b3e57a5e059273d2f0870163c08d7420
|
||||||
|
Patch49: rubygem-rexml-3.2.9-Fix-CVE-2024-35176-DoS-in-REXML.patch
|
||||||
|
|
||||||
|
|
||||||
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||||
@ -643,6 +679,13 @@ sed -i 's/"evaluation\/incorrect_words.yaml"\.freeze, //' \
|
|||||||
%patch40 -p1
|
%patch40 -p1
|
||||||
%patch41 -p1
|
%patch41 -p1
|
||||||
%patch42 -p1
|
%patch42 -p1
|
||||||
|
%patch43 -p1
|
||||||
|
%patch44 -p1
|
||||||
|
%patch45 -p1
|
||||||
|
%patch46 -p1
|
||||||
|
%patch47 -p1
|
||||||
|
%patch48 -p1
|
||||||
|
%patch49 -p1
|
||||||
|
|
||||||
# Provide an example of usage of the tapset:
|
# Provide an example of usage of the tapset:
|
||||||
cp -a %{SOURCE3} .
|
cp -a %{SOURCE3} .
|
||||||
@ -868,6 +911,18 @@ DISABLE_TESTS="$DISABLE_TESTS -n !/test_segv_\(setproctitle\|test\|loaded_featur
|
|||||||
# https://bugs.ruby-lang.org/issues/14175
|
# https://bugs.ruby-lang.org/issues/14175
|
||||||
sed -i '/def test_mdns_each_address$/,/^ end$/ s/^/#/' test/resolv/test_mdns.rb
|
sed -i '/def test_mdns_each_address$/,/^ end$/ s/^/#/' test/resolv/test_mdns.rb
|
||||||
|
|
||||||
|
# Provide workaround for s390x zlib errors in tests on RHEL 8.
|
||||||
|
# The library works, but there seems to be chip acceleration used
|
||||||
|
# resulting in failing asserts against hardcoded values that were
|
||||||
|
# created for a different algorithm than is the default on that platform.
|
||||||
|
# Fix taken from:
|
||||||
|
# https://github.com/ruby/zlib/commit/280a1b5905d752af25e9f09e6511388cb4260eb2
|
||||||
|
%ifarch s390x
|
||||||
|
# Force chip acceleration off.
|
||||||
|
# https://www.ibm.com/docs/en/linux-on-systems?topic=o-applications-2
|
||||||
|
export DFLTCC=0
|
||||||
|
%endif
|
||||||
|
|
||||||
# For now, disable test incompatible with OpenSSL 1.1.1:
|
# For now, disable test incompatible with OpenSSL 1.1.1:
|
||||||
# https://github.com/rubygems/rubygems/issues/2388
|
# https://github.com/rubygems/rubygems/issues/2388
|
||||||
DISABLE_TESTS="$DISABLE_TESTS -n !/test_do_not_allow_invalid_client_cert_auth_connection/"
|
DISABLE_TESTS="$DISABLE_TESTS -n !/test_do_not_allow_invalid_client_cert_auth_connection/"
|
||||||
@ -1195,6 +1250,23 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
|
|||||||
%{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec
|
%{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue May 21 2024 Jarek Prokop <jprokop@redhat.com> - 2.5.9-112
|
||||||
|
- Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755.
|
||||||
|
(CVE-2023-36617)
|
||||||
|
Resolves: RHEL-5614
|
||||||
|
- Fix Buffer overread vulnerability in StringIO.
|
||||||
|
(CVE-2024-27280)
|
||||||
|
Resolves: RHEL-34125
|
||||||
|
- Fix RCE vulnerability with .rdoc_options in RDoc.
|
||||||
|
(CVE-2024-27281)
|
||||||
|
Resolves: RHEL-34117
|
||||||
|
- Fix Arbitrary memory address read vulnerability with Regex search.
|
||||||
|
(CVE-2024-27282)
|
||||||
|
Resolves: RHEL-33867
|
||||||
|
- Fix REXML DoS parsing an XML with many `<`s in an attribute value.
|
||||||
|
(CVE-2024-35176)
|
||||||
|
Resolves: RHEL-37877
|
||||||
|
|
||||||
* Mon Jun 12 2023 Jarek Prokop <jprokop@redhat.com> - 2.5.9-111
|
* Mon Jun 12 2023 Jarek Prokop <jprokop@redhat.com> - 2.5.9-111
|
||||||
- Fix HTTP response splitting in CGI.
|
- Fix HTTP response splitting in CGI.
|
||||||
Resolves: CVE-2021-33621
|
Resolves: CVE-2021-33621
|
||||||
|
Loading…
Reference in New Issue
Block a user