import UBI ruby-2.5.9-111.module+el8.9.0+19193+435404ae

import ruby-2.5.9-110.module+el8.6.0+15956+aa803fc1
import ruby-2.5.9-109.module+el8.5.0+14275+d9c243ca
2023-11-15 03:49:17 +00:00 · 2022-08-01 09:06:38 +00:00 · 2022-02-24 15:14:42 +00:00 · 2022-02-16 11:08:29 +00:00 · 2021-09-10 18:57:46 +00:00 · 2021-09-10 18:57:32 +00:00
37 changed files with 2774 additions and 922 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/ruby-2.5.3.tar.xz
+SOURCES/ruby-2.5.9.tar.xz
--- a/.ruby.metadata
+++ b/.ruby.metadata
@ -1 +1 @@
-5acbdea1ced1e36684268e1cb6f8a4e7669bce77 SOURCES/ruby-2.5.3.tar.xz
+7be8dc2e6e534eb36bfdf9f017af512996ec99a6 SOURCES/ruby-2.5.9.tar.xz
--- a/SOURCES/macros.rubygems
+++ b/SOURCES/macros.rubygems
@ -60,7 +60,7 @@ gem install \\\
 #
 %gemspec_add_dep(g:s:d) \
 read -d '' gemspec_add_dep_script << 'EOR' || : \
-  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}%{?prerelease}.gemspec}' \
  \
  name = '%{-g*}' \
  requirements = %{*}%{!?1:nil} \
@ -97,7 +97,7 @@ unset -v gemspec_add_dep_script \
 #
 %gemspec_remove_dep(g:s:d) \
 read -d '' gemspec_remove_dep_script << 'EOR' || : \
-  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}%{?prerelease}.gemspec}' \
  \
  name = '%{-g*}' \
  requirements = %{*}%{!?1:nil} \
@ -144,7 +144,7 @@ unset -v gemspec_remove_dep_script \
 #
 %gemspec_add_file(s:tr) \
 read -d '' gemspec_add_file_script << 'EOR' || : \
-  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}%{?prerelease}.gemspec}' \
  \
  abort("gemspec_add_file: Use only one '-t' or '-r' at a time.") if "%{?-t}%{?-r}" == "-t-r" \
  \
@ -177,7 +177,7 @@ unset -v gemspec_add_file_script \
 #
 %gemspec_remove_file(s:tr) \
 read -d '' gemspec_remove_file_script << 'EOR' || : \
-  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}%{?prerelease}.gemspec}' \
  \
  abort("gemspec_remove_file: Use only one '-t' or '-r' at a time.") if "%{?-t}%{?-r}" == "-t-r" \
  \
--- a/SOURCES/operating_system.rb
+++ b/SOURCES/operating_system.rb
@ -119,6 +119,7 @@ module Gem
    def default_path
      path = default_dirs.collect {|location, paths| paths[:gem_dir]}
      path.unshift Gem.user_dir if File.exist? Gem.user_home
+      path
    end

    def default_ext_dir_for base_dir
--- a/SOURCES/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch
+++ b/SOURCES/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch
@ -39,7 +39,7 @@ diff --git a/configure.ac b/configure.ac
 index 028ef7ca3e..cdeff87871 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -4396,6 +4396,13 @@ AC_SUBST(rubyarchhdrdir)dnl
+@@ -4397,6 +4397,13 @@ AC_SUBST(rubyarchhdrdir)dnl
 AC_SUBST(sitearchhdrdir)dnl
 AC_SUBST(vendorarchhdrdir)dnl
 
--- a/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch
+++ b/SOURCES/ruby-2.1.0-Enable-configuration-of-archlibdir.patch
@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
 index 11fc237552..b77e88fc37 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3641,6 +3641,11 @@ AS_IF([test ${multiarch+set}], [
+@@ -3642,6 +3642,11 @@ AS_IF([test ${multiarch+set}], [
 ])
 
 archlibdir='${libdir}/${arch}'
--- a/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch
+++ b/SOURCES/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch
@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac
 index 999e2d6d5d..11fc237552 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -4251,7 +4251,8 @@ AS_CASE(["$ruby_version_dir_name"],
+@@ -4252,7 +4252,8 @@ AS_CASE(["$ruby_version_dir_name"],
 ruby_version_dir=/'${ruby_version_dir_name}'
 
 if test -z "${ruby_version_dir_name}"; then
--- a/SOURCES/ruby-2.1.0-always-use-i386.patch
+++ b/SOURCES/ruby-2.1.0-always-use-i386.patch
@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
 index b77e88fc37..6bba453e3c 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -4315,6 +4315,8 @@ AC_SUBST(vendorarchdir)dnl
+@@ -4316,6 +4316,8 @@ AC_SUBST(vendorarchdir)dnl
 AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
 AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl
 
--- a/SOURCES/ruby-2.1.0-custom-rubygems-location.patch
+++ b/SOURCES/ruby-2.1.0-custom-rubygems-location.patch
@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac
 index 6bba453e3c..028ef7ca3e 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -4287,6 +4287,10 @@ AC_ARG_WITH(vendorarchdir,
+@@ -4288,6 +4288,10 @@ AC_ARG_WITH(vendorarchdir,
             [vendorarchdir=$withval],
             [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
 
@ -26,7 +26,7 @@ index 6bba453e3c..028ef7ca3e 100644
 AS_IF([test "${LOAD_RELATIVE+set}"], [
     AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
     RUBY_EXEC_PREFIX=''
-@@ -4311,6 +4315,7 @@ AC_SUBST(sitearchdir)dnl
+@@ -4312,6 +4316,7 @@ AC_SUBST(sitearchdir)dnl
 AC_SUBST(vendordir)dnl
 AC_SUBST(vendorlibdir)dnl
 AC_SUBST(vendorarchdir)dnl
@ -67,15 +67,15 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb
 index b47b6e1..0b99408 100755
 --- a/tool/rbinstall.rb
 +++ b/tool/rbinstall.rb
-@@ -331,6 +331,7 @@ def CONFIG.[](name, mandatory = false)
- sitearchlibdir = CONFIG["sitearchdir"]
- vendorlibdir = CONFIG["vendorlibdir"]
- vendorarchlibdir = CONFIG["vendorarchdir"]
+@@ -335,6 +335,7 @@ def CONFIG.[](name, mandatory = false)
+   vendorlibdir = CONFIG["vendorlibdir"]
+   vendorarchlibdir = CONFIG["vendorarchdir"]
+ end
 +rubygemsdir = CONFIG["rubygemsdir"]
 mandir = CONFIG["mandir", true]
 docdir = CONFIG["docdir", true]
 configure_args = Shellwords.shellwords(CONFIG["configure_args"])
-@@ -537,7 +538,13 @@ def install(src, cmd)
+@@ -541,7 +542,13 @@ def install(src, cmd)
 install?(:local, :comm, :lib) do
   prepare "library scripts", rubylibdir
   noinst = %w[*.txt *.rdoc *.gemspec]
--- a/SOURCES/ruby-2.3.0-ruby_version.patch
+++ b/SOURCES/ruby-2.3.0-ruby_version.patch
@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac
 index 8ea969412f..a00f2b6776 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -4202,9 +4202,6 @@ AS_CASE(["$target_os"],
+@@ -4203,9 +4203,6 @@ AS_CASE(["$target_os"],
     rubyw_install_name='$(RUBYW_INSTALL_NAME)'
     ])
 
@ -30,7 +30,7 @@ index 8ea969412f..a00f2b6776 100644
 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
 AC_ARG_WITH(rubyarchprefix,
 	    AS_HELP_STRING([--with-rubyarchprefix=DIR],
-@@ -4227,56 +4224,62 @@ AC_ARG_WITH(ridir,
+@@ -4228,56 +4225,62 @@ AC_ARG_WITH(ridir,
 AC_SUBST(ridir)
 AC_SUBST(RI_BASE_NAME)
 
@ -120,7 +120,7 @@ index 8ea969412f..a00f2b6776 100644
 
 AS_IF([test "${LOAD_RELATIVE+set}"], [
     AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
-@@ -4293,6 +4296,7 @@ AC_SUBST(sitearchincludedir)dnl
+@@ -4294,6 +4297,7 @@ AC_SUBST(sitearchincludedir)dnl
 AC_SUBST(arch)dnl
 AC_SUBST(sitearch)dnl
 AC_SUBST(ruby_version)dnl
@ -171,7 +171,7 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb
 index d4c110e..d39c9a6 100755
 --- a/tool/rbinstall.rb
 +++ b/tool/rbinstall.rb
-@@ -417,7 +417,7 @@ def CONFIG.[](name, mandatory = false)
+@@ -421,7 +421,7 @@ def CONFIG.[](name, mandatory = false)
 
 install?(:doc, :rdoc) do
   if $rdocdir
@ -245,7 +245,7 @@ diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb
 index 0428bea..b6e090e 100644
 --- a/test/rubygems/test_gem.rb
 +++ b/test/rubygems/test_gem.rb
-@@ -1156,7 +1156,8 @@ def test_self_use_paths
+@@ -1191,7 +1191,8 @@ def test_self_use_paths
 
   def test_self_user_dir
     parts = [@userhome, '.gem', Gem.ruby_engine]
@ -255,7 +255,7 @@ index 0428bea..b6e090e 100644
 
     assert_equal File.join(parts), Gem.user_dir
   end
-@@ -1283,7 +1284,7 @@ def test_self_user_home_user_drive_and_path
+@@ -1318,7 +1319,7 @@ def test_self_user_home_user_drive_and_path
   def test_self_vendor_dir
     expected =
       File.join RbConfig::CONFIG['vendordir'], 'gems',
--- a/SOURCES/ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
+++ b/SOURCES/ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
@ -1,116 +0,0 @@
-From 346e147ba6480839b87046e9a9efab0bf6ed3660 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
-Date: Wed, 10 Aug 2016 17:35:48 +0200
-Subject: [PATCH] Rely on ldd to detect glibc.
-
-This is just workaround, since we know we are quite sure this will be successful
-on Red Hat platforms.
-
-This workaround rhbz#1361037
---
- test/fiddle/helper.rb | 92 ---------------------------------------------------
- 1 file changed, 92 deletions(-)
-
-diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb
-index 1da3d93..65148a1 100644
--- a/test/fiddle/helper.rb
-+++ b/test/fiddle/helper.rb
-@@ -6,95 +6,6 @@
- 
- libc_so = libm_so = nil
- 
-case RUBY_PLATFORM
-when /cygwin/
-  libc_so = "cygwin1.dll"
-  libm_so = "cygwin1.dll"
-when /linux/
-  libdir = '/lib'
-  case [0].pack('L!').size
-  when 4
-    # 32-bit ruby
-    libdir = '/lib32' if File.directory? '/lib32'
-  when 8
-    # 64-bit ruby
-    libdir = '/lib64' if File.directory? '/lib64'
-  end
-  libc_so = File.join(libdir, "libc.so.6")
-  libm_so = File.join(libdir, "libm.so.6")
-when /mingw/, /mswin/
-  require "rbconfig"
-  crtname = RbConfig::CONFIG["RUBY_SO_NAME"][/msvc\w+/] || 'ucrtbase'
-  libc_so = libm_so = "#{crtname}.dll"
-when /darwin/
-  libc_so = "/usr/lib/libc.dylib"
-  libm_so = "/usr/lib/libm.dylib"
-when /kfreebsd/
-  libc_so = "/lib/libc.so.0.1"
-  libm_so = "/lib/libm.so.1"
-when /gnu/	#GNU/Hurd
-  libc_so = "/lib/libc.so.0.3"
-  libm_so = "/lib/libm.so.6"
-when /mirbsd/
-  libc_so = "/usr/lib/libc.so.41.10"
-  libm_so = "/usr/lib/libm.so.7.0"
-when /freebsd/
-  libc_so = "/lib/libc.so.7"
-  libm_so = "/lib/libm.so.5"
-when /bsd|dragonfly/
-  libc_so = "/usr/lib/libc.so"
-  libm_so = "/usr/lib/libm.so"
-when /solaris/
-  libdir = '/lib'
-  case [0].pack('L!').size
-  when 4
-    # 32-bit ruby
-    libdir = '/lib' if File.directory? '/lib'
-  when 8
-    # 64-bit ruby
-    libdir = '/lib/64' if File.directory? '/lib/64'
-  end
-  libc_so = File.join(libdir, "libc.so")
-  libm_so = File.join(libdir, "libm.so")
-when /aix/
-  pwd=Dir.pwd
-  libc_so = libm_so = "#{pwd}/libaixdltest.so"
-  unless File.exist? libc_so
-    cobjs=%w!strcpy.o!
-    mobjs=%w!floats.o sin.o!
-    funcs=%w!sin sinf strcpy strncpy!
-    expfile='dltest.exp'
-    require 'tmpdir'
-    Dir.mktmpdir do |dir|
-      begin
-        Dir.chdir dir
-        %x!/usr/bin/ar x /usr/lib/libc.a #{cobjs.join(' ')}!
-        %x!/usr/bin/ar x /usr/lib/libm.a #{mobjs.join(' ')}!
-        %x!echo "#{funcs.join("\n")}\n" > #{expfile}!
-        require 'rbconfig'
-        if RbConfig::CONFIG["GCC"] = 'yes'
-          lflag='-Wl,'
-        else
-          lflag=''
-        end
-        flags="#{lflag}-bE:#{expfile} #{lflag}-bnoentry -lm"
-        %x!#{RbConfig::CONFIG["LDSHARED"]} -o #{libc_so} #{(cobjs+mobjs).join(' ')} #{flags}!
-      ensure
-        Dir.chdir pwd
-      end
-    end
-  end
-else
-  libc_so = ARGV[0] if ARGV[0] && ARGV[0][0] == ?/
-  libm_so = ARGV[1] if ARGV[1] && ARGV[1][0] == ?/
-  if( !(libc_so && libm_so) )
-    $stderr.puts("libc and libm not found: #{$0} <libc> <libm>")
-  end
-end
-
-libc_so = nil if !libc_so || (libc_so[0] == ?/ && !File.file?(libc_so))
-libm_so = nil if !libm_so || (libm_so[0] == ?/ && !File.file?(libm_so))
-
- if !libc_so || !libm_so
-   ruby = EnvUtil.rubybin
-   ldd = `ldd #{ruby}`
-- 
-2.9.2
-
--- a/SOURCES/ruby-2.5.0-Add-Gem.operating_system_defaults.patch
+++ b/SOURCES/ruby-2.5.0-Add-Gem.operating_system_defaults.patch
@ -64,7 +64,7 @@ diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb
 index 3225a05c6b..62b80c4945 100644
 --- a/test/rubygems/test_gem.rb
 +++ b/test/rubygems/test_gem.rb
-@@ -1802,6 +1802,13 @@ def test_use_gemdeps_specific
+@@ -1837,6 +1837,13 @@ def test_use_gemdeps_specific
     ENV['RUBYGEMS_GEMDEPS'] = rubygems_gemdeps
   end
 
--- a/SOURCES/ruby-2.5.9-revert-stop-the-error-due-to-openssl-1-1-1h.patch
+++ b/SOURCES/ruby-2.5.9-revert-stop-the-error-due-to-openssl-1-1-1h.patch
@ -0,0 +1,46 @@
+From 93e6364a848f00b34647b13063dceb854dfaa11e Mon Sep 17 00:00:00 2001
+From: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date: Wed, 28 Oct 2020 13:12:06 +0000
+Subject: [PATCH] merge revision(s): 07786ed
+
+	* test/net/http/test_https.rb: Stop the error due to openssl 1.1.1h
+
+	On some environments that uses OpenSSL 1.1.1h, the two tests now fail.
+
+	http://rubyci.s3.amazonaws.com/android29-x86_64/ruby-master/log/20200924T062352Z.fail.html.gz
+	https://github.com/ruby/ruby/runs/1159288773?check_suite_focus=true
+
+	```
+	  1) Failure:
+	TestNetHTTPS#test_get [/data/data/com.termux/files/home/cb/tmp/build/202	00924T062352Z/ruby/test/net/http/test_https.rb:47]:
+	<"0\x82\x03\xED0\x82\x02\xD5\xA0\x03..."> expected but was
+	<"0\x82\x03\xE30\x82\x02\xCB\xA0\x03...">.
+	```
+
+	Not sure why, but verify_callback now seems to receive only SERVER_CERT
+	but not CA_CERT.
+	It would be good to investigate the issue furthermore, but tentatively,
+	I want to stop the failures.
+
+
+git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67887 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+---
+ test/net/http/test_https.rb | 6 ++++--
+
+diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb
+index c1d486470ae2..3a2341024121 100644
+--- a/test/net/http/test_https.rb
+++ b/test/net/http/test_https.rb
+@@ -44,8 +44,10 @@ def test_get
+     http.request_get("/") {|res|
+       assert_equal($test_net_http_data, res.body)
+     }
+-    assert_equal(CA_CERT.to_der, certs[0].to_der)
+-    assert_equal(SERVER_CERT.to_der, certs[1].to_der)
+    # TODO: OpenSSL 1.1.1h seems to yield only SERVER_CERT; need to check the incompatibility
+    certs.zip([SERVER_CERT, CA_CERT]) do |actual, expected|
+      assert_equal(expected.to_der, actual.to_der)
+    end
+   rescue SystemCallError
+     skip $!
+   end
--- a/SOURCES/ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch
+++ b/SOURCES/ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch
@ -0,0 +1,78 @@
+From 893949167bdb911c7db9fd59de85f288c09741e1 Mon Sep 17 00:00:00 2001
+From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date: Sat, 15 Sep 2018 09:59:14 +0000
+Subject: [PATCH] Fix issues detected by code analysis tool (mainly Coverity).
+
+* Fix leaked storage in addr2line.c.
+* Fix for "top_root" leaking the resource.
+
+[Fix GH-1956]
+
+From: Jun Aruga <jaruga@redhat.com>
+
+git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+---
+ addr2line.c | 8 ++++++--
+ regcomp.c   | 3 +++
+ 2 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/addr2line.c b/addr2line.c
+index 2c422cc1697a..b266e44d5d4b 100644
+--- a/addr2line.c
+++ b/addr2line.c
+@@ -593,11 +593,12 @@ fill_lines(int num_traces, void **traces, int check_debuglink,
+ 		h = dlopen(NULL, RTLD_NOW|RTLD_LOCAL);
+ 		if (!h) continue;
+ 		s = dlsym(h, strtab + sym->st_name);
+-		if (!s) continue;
+-		if (dladdr(s, &info)) {
+		if (s && dladdr(s, &info)) {
+ 		    dladdr_fbase = (uintptr_t)info.dli_fbase;
+                    dlclose(h);
+ 		    break;
+ 		}
+                dlclose(h);
+ 	    }
+ 	    if (ehdr->e_type == ET_EXEC) {
+ 		obj->base_addr = 0;
+@@ -655,6 +656,9 @@ fill_lines(int num_traces, void **traces, int check_debuglink,
+ finish:
+     return dladdr_fbase;
+ fail:
+    if (file != NULL) {
+        munmap(file, (size_t)filesize);
+    }
+     return (uintptr_t)-1;
+ }
+ 
+diff --git a/regcomp.c b/regcomp.c
+index 0f6bee60d576..df7f73bac501 100644
+--- a/regcomp.c
+++ b/regcomp.c
+@@ -3596,6 +3596,7 @@ expand_case_fold_string(Node* node, regex_t* reg)
+     if (n == 0 || varlen == 0) {
+       if (IS_NULL(snode)) {
+ 	if (IS_NULL(root) && IS_NOT_NULL(prev_node)) {
+          onig_node_free(top_root);
+ 	  top_root = root = onig_node_list_add(NULL_NODE, prev_node);
+ 	  if (IS_NULL(root)) {
+ 	    onig_node_free(prev_node);
+@@ -3627,6 +3628,7 @@ expand_case_fold_string(Node* node, regex_t* reg)
+ 	}
+       }
+       if (IS_NULL(root) && IS_NOT_NULL(prev_node)) {
+        onig_node_free(top_root);
+ 	top_root = root = onig_node_list_add(NULL_NODE, prev_node);
+ 	if (IS_NULL(root)) {
+ 	  onig_node_free(prev_node);
+@@ -3677,6 +3679,7 @@ expand_case_fold_string(Node* node, regex_t* reg)
+     if (r != 0) goto mem_err;
+ 
+     if (IS_NOT_NULL(prev_node) && IS_NULL(root)) {
+      onig_node_free(top_root);
+       top_root = root = onig_node_list_add(NULL_NODE, prev_node);
+       if (IS_NULL(root)) {
+ 	onig_node_free(srem);
+-- 
+2.21.0
+
--- a/SOURCES/ruby-2.6.0-Try-to-update-cert.patch
+++ b/SOURCES/ruby-2.6.0-Try-to-update-cert.patch
@ -1,502 +0,0 @@
-From f234e6c3d3170f37508e214cdaef78d4b2584e5a Mon Sep 17 00:00:00 2001
-From: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Wed, 2 Jan 2019 03:08:20 +0000
-Subject: [PATCH 1/2] Try to update cert
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66685 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
- test/net/fixtures/cacert.pem |  86 +++++++-------------------
- test/net/fixtures/server.crt | 113 +++++++++++++++++++++++------------
- test/net/fixtures/server.key |  43 ++++++++-----
- 3 files changed, 124 insertions(+), 118 deletions(-)
-
-diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem
-index 7073387877..f623bd62ed 100644
--- a/test/net/fixtures/cacert.pem
-+++ b/test/net/fixtures/cacert.pem
-@@ -1,66 +1,24 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            b9:90:a2:bf:62:69:17:9c
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-        Validity
-            Not Before: Jan  3 01:34:17 2014 GMT
-            Not After : Jan  2 01:34:17 2019 GMT
-        Subject: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6:
-                    bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be:
-                    9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13:
-                    9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5:
-                    b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40:
-                    0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d:
-                    a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89:
-                    af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6:
-                    d0:fc:d6:eb:fc:06:82:10:fb
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2
-            X509v3 Authority Key Identifier: 
-                keyid:E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2
-                DirName:/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-                serial:B9:90:A2:BF:62:69:17:9C
-
-            X509v3 Basic Constraints: 
-                CA:TRUE
-    Signature Algorithm: sha1WithRSAEncryption
-        8f:77:06:4e:31:72:12:ee:68:09:70:27:d4:31:85:ef:10:95:
-        f9:0f:2b:66:63:08:37:88:6e:b7:9b:40:3e:18:77:33:86:e8:
-        61:6a:b7:3c:cb:c7:a6:d6:d5:92:6a:1f:56:d0:9f:5c:32:56:
-        d3:37:52:fe:0e:20:c2:7a:0d:fe:2d:3c:81:da:b8:7f:4d:6a:
-        08:01:d9:be:7a:a2:15:be:a6:ce:49:64:90:8c:9a:ca:6e:2e:
-        84:48:1d:94:19:56:94:46:aa:25:9b:68:c2:80:60:bf:cb:2e:
-        35:03:ea:0a:65:5a:33:38:c6:cc:81:46:c0:bc:36:86:96:39:
-        10:7d
- -----BEGIN CERTIFICATE-----
-MIIDjTCCAvagAwIBAgIJALmQor9iaRecMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD
-VQQGEwJKUDEQMA4GA1UECBMHU2hpbWFuZTEUMBIGA1UEBxMLTWF0ei1lIGNpdHkx
-FzAVBgNVBAoTDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDEwxSdWJ5IFRlc3QgQ0Ex
-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTQwMTAz
-MDEzNDE3WhcNMTkwMTAyMDEzNDE3WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT
-B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv
-cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
-ZWN1cml0eUBydWJ5LWxhbmcub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv70BpBrLJE51+
-66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl9Ny7XaVBYOep
-dLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQABo4H0MIHxMB0G
-A1UdDgQWBBToflisE3sDIo2erzILhImAgAwewjCBwQYDVR0jBIG5MIG2gBToflis
-E3sDIo2erzILhImAgAwewqGBkqSBjzCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT
-B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv
-cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
-ZWN1cml0eUBydWJ5LWxhbmcub3JnggkAuZCiv2JpF5wwDAYDVR0TBAUwAwEB/zAN
-BgkqhkiG9w0BAQUFAAOBgQCPdwZOMXIS7mgJcCfUMYXvEJX5DytmYwg3iG63m0A+
-GHczhuhharc8y8em1tWSah9W0J9cMlbTN1L+DiDCeg3+LTyB2rh/TWoIAdm+eqIV
-vqbOSWSQjJrKbi6ESB2UGVaURqolm2jCgGC/yy41A+oKZVozOMbMgUbAvDaGljkQ
-fQ==
-+MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD
-+VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx
-+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
-+JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy
-+MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM
-+B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv
-+cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
-+ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-+CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV
-+SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI
-+3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d
-+BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L
-+2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R
-+WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9
-+I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw
-+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA
-+of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q
-+aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS
-+2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee
-+uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s
-+K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+
-+mA==
- -----END CERTIFICATE-----
-diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
-index fa4f99493a..817ecc222c 100644
--- a/test/net/fixtures/server.crt
-+++ b/test/net/fixtures/server.crt
-@@ -1,48 +1,83 @@
- Certificate:
-     Data:
-        Version: 1 (0x0)
-        Serial Number: 0 (0x0)
-        Signature Algorithm: sha1WithRSAEncryption
-+        Version: 3 (0x2)
-+        Serial Number: 1 (0x1)
-+    Signature Algorithm: sha256WithRSAEncryption
-         Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-         Validity
-            Not Before: Jan  3 01:34:17 2014 GMT
-            Not After : Jan  2 01:34:17 2019 GMT
-        Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
-+            Not Before: Jan  2 03:06:53 2019 GMT
-+            Not After : Jan  1 03:06:53 2024 GMT
-+        Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-         Subject Public Key Info:
-             Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6:
-                    bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be:
-                    9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13:
-                    9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5:
-                    b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40:
-                    0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d:
-                    a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89:
-                    af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6:
-                    d0:fc:d6:eb:fc:06:82:10:fb
-+                Public-Key: (2048 bit)
-+                Modulus:
-+                    00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86:
-+                    c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68:
-+                    7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87:
-+                    e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71:
-+                    3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be:
-+                    c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3:
-+                    7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd:
-+                    0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57:
-+                    d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc:
-+                    90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84:
-+                    0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0:
-+                    7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f:
-+                    72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1:
-+                    dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd:
-+                    fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e:
-+                    14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de:
-+                    ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82:
-+                    96:a9
-                 Exponent: 65537 (0x10001)
-    Signature Algorithm: sha1WithRSAEncryption
-        85:f5:d3:05:8b:8c:f4:43:1c:88:f2:8f:b2:f2:93:77:b7:3d:
-        95:c6:a0:34:bc:33:6a:d8:85:5f:3e:86:08:10:c5:5c:c1:76:
-        a3:53:3c:dc:38:98:23:97:e7:da:21:ac:e8:4d:3c:96:70:29:
-        ff:ff:1e:4a:9a:17:2b:db:04:62:b9:ef:ab:ea:a7:a5:e8:7c:
-        b1:d5:ed:30:a8:6c:78:de:51:7e:e3:8a:c2:a4:64:a8:63:a2:
-        bc:fd:43:9c:f3:55:7d:54:c9:6a:d8:53:1c:4b:6b:03:aa:b6:
-        19:e6:a4:4f:47:00:96:c5:42:59:85:4e:c3:4e:cd:41:82:53:
-        10:f8
-+        X509v3 extensions:
-+            X509v3 Basic Constraints: 
-+                CA:FALSE
-+            Netscape Comment: 
-+                OpenSSL Generated Certificate
-+            X509v3 Subject Key Identifier: 
-+                F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43
-+            X509v3 Authority Key Identifier: 
-+                keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
-+
-+    Signature Algorithm: sha256WithRSAEncryption
-+         02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19:
-+         3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4:
-+         28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42:
-+         08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7:
-+         fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea:
-+         86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75:
-+         26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45:
-+         ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87:
-+         2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06:
-+         5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d:
-+         bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27:
-+         f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07:
-+         fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5:
-+         8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87:
-+         9d:64:28:ce
- -----BEGIN CERTIFICATE-----
-MIICXDCCAcUCAQAwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD
-VQQIEwdTaGltYW5lMRQwEgYDVQQHEwtNYXR6LWUgY2l0eTEXMBUGA1UEChMOUnVi
-eSBDb3JlIFRlYW0xFTATBgNVBAMTDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ
-ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0xNDAxMDMwMTM0MTdaFw0xOTAx
-MDIwMTM0MTdaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIEwdTaGltYW5lMRcwFQYD
-VQQKEw5SdWJ5IENvcmUgVGVhbTESMBAGA1UECxMJUnVieSBUZXN0MRIwEAYDVQQD
-Ewlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANt10EXesd+/
-caAOsKXmvPQcneUlZ2TFe8vxr8a+mqrqfg/MBa/vQGkGsskTnX7rogbi6n0Hx8eZ
-x/vVuOtjd2IrGBLDU1jQ9cdADAHRJoI0Fgnj3GX03LtdpUFg56l0utdMtqOcxYyJ
-r8vonwX+6v5kJL/n7eP20PzW6/wGghD7AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEA
-hfXTBYuM9EMciPKPsvKTd7c9lcagNLwzatiFXz6GCBDFXMF2o1M83DiYI5fn2iGs
-6E08lnAp//8eSpoXK9sEYrnvq+qnpeh8sdXtMKhseN5RfuOKwqRkqGOivP1DnPNV
-fVTJathTHEtrA6q2GeakT0cAlsVCWYVOw07NQYJTEPg=
-+MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
-+EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
-+DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
-+hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX
-+DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
-+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
-+JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG
-+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m
-+u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W
-+vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI
-+Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT
-+Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI
-+BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5
-+MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl
-+cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME
-+GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK
-+Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx
-+DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2
-+Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN
-+/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS
-+SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm
-+gJGByxo9tY6HnWQozg==
- -----END CERTIFICATE-----
-diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
-index 7c57546ece..1e73232728 100644
--- a/test/net/fixtures/server.key
-+++ b/test/net/fixtures/server.key
-@@ -1,15 +1,28 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv
-70BpBrLJE51+66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl
-9Ny7XaVBYOepdLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQAB
-AoGAGtYHR+P5gFDaxiXFuCPFC1zMeg7e29XCU6gURIteQnQ2QhxCvcbV64HkLu51
-HeYWhB0Pa4aeCWxmpgb2e+JH4MEoIjeJSGyZQeqwkQLgWJDdvkgWx5am58QzA60I
-ipkZ9QHcPffSs5RiGx4yfr58KqAmwFphGCY8W7v4LqaENdECQQD9H5VTW9g4gj1c
-j3uNYvSI/D7a9P7gfI+ziczuwMm5xsBx3D/t5TAr3SJKNne3sl1E6ZERCUbzxf+C
-k58EiHx1AkEA3fRLGqDOq7EcQhbjTcA/v/t5MwlGEUsS9+XrqOWn50YuoIwRZJ3v
-qHRQzfQfFNklGtfBvwQ4md3irXjMeGVprwJBAMEAuwiDiHuV+xm/ofKtmE13IKot
-ksYy1BOOp/8IawhHXueyi+BmF/PqOkIiA+jCjNGF0oIN89beizPSQbbgJx0CQG/K
-qL1bu1ys0y/SeWBi8XkP/0aeaCUzq/UiYCTsrzoEll2UzvnftqMhGsXxLGqCyHaR
-r2s3hA6zvIVlL4+AfM8CQQClq+WDrC5VKciLYakZNWJjV1m+H2Ut/0fXdUjKHajE
-FWLcsrOhADf6bkTb71GwPxnKRkkRmud5upP0ZYYTqM4X
------END RSA PRIVATE KEY-----
-+-----BEGIN PRIVATE KEY-----
-+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k
-+339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu
-+cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l
-+//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT
-+XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP
-+CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym
-+WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM
-+BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9
-+fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j
-+hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T
-+uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q
-+8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB
-+s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z
-+AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl
-+lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x
-+u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm
-+gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr
-+45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN
-+W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM
-+spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3
-+bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW
-+uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox
-+kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+
-+XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE
-+bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml
-+uCiVeqoPl+JIg4m8Tz76XWo=
-+-----END PRIVATE KEY-----
-- 
-2.20.1
-
-
-From 1e0b49a293d3792826c67b7e05c5fcbd09c9ea6e Mon Sep 17 00:00:00 2001
-From: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Wed, 2 Jan 2019 03:29:01 +0000
-Subject: [PATCH 2/2] Try to update cert (2nd try)
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66686 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
- test/net/fixtures/server.crt | 115 +++++++++++++++++------------------
- test/net/fixtures/server.key |  52 ++++++++--------
- 2 files changed, 83 insertions(+), 84 deletions(-)
-
-diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
-index 817ecc222c..5ca78a6d14 100644
--- a/test/net/fixtures/server.crt
-+++ b/test/net/fixtures/server.crt
-@@ -1,35 +1,35 @@
- Certificate:
-     Data:
-         Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-+        Serial Number: 2 (0x2)
-     Signature Algorithm: sha256WithRSAEncryption
-         Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-         Validity
-            Not Before: Jan  2 03:06:53 2019 GMT
-            Not After : Jan  1 03:06:53 2024 GMT
-        Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-+            Not Before: Jan  2 03:27:13 2019 GMT
-+            Not After : Jan  1 03:27:13 2024 GMT
-+        Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
-         Subject Public Key Info:
-             Public Key Algorithm: rsaEncryption
-                 Public-Key: (2048 bit)
-                 Modulus:
-                    00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86:
-                    c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68:
-                    7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87:
-                    e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71:
-                    3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be:
-                    c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3:
-                    7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd:
-                    0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57:
-                    d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc:
-                    90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84:
-                    0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0:
-                    7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f:
-                    72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1:
-                    dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd:
-                    fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e:
-                    14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de:
-                    ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82:
-                    96:a9
-+                    00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07:
-+                    9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48:
-+                    e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57:
-+                    7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67:
-+                    cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1:
-+                    0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7:
-+                    bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc:
-+                    74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1:
-+                    8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9:
-+                    40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19:
-+                    47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04:
-+                    79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3:
-+                    02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4:
-+                    de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d:
-+                    86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc:
-+                    e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d:
-+                    74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10:
-+                    4f:41
-                 Exponent: 65537 (0x10001)
-         X509v3 extensions:
-             X509v3 Basic Constraints: 
-@@ -37,47 +37,46 @@ Certificate:
-             Netscape Comment: 
-                 OpenSSL Generated Certificate
-             X509v3 Subject Key Identifier: 
-                F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43
-+                ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36
-             X509v3 Authority Key Identifier: 
-                 keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
- 
-     Signature Algorithm: sha256WithRSAEncryption
-         02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19:
-         3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4:
-         28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42:
-         08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7:
-         fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea:
-         86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75:
-         26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45:
-         ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87:
-         2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06:
-         5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d:
-         bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27:
-         f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07:
-         fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5:
-         8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87:
-         9d:64:28:ce
-+         1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c:
-+         ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35:
-+         2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51:
-+         fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a:
-+         56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a:
-+         04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15:
-+         89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64:
-+         93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62:
-+         d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab:
-+         1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d:
-+         1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2:
-+         5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff:
-+         63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf:
-+         da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69:
-+         fd:be:bd:6e
- -----BEGIN CERTIFICATE-----
-MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
-+MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
- EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
- DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
-hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX
-DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m
-u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W
-vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI
-Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT
-Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI
-BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5
-MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl
-cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME
-GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK
-Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx
-DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2
-Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN
-/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS
-SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm
-gJGByxo9tY6HnWQozg==
-+hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX
-+DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
-+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ
-+BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-+AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ
-+zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj
-+VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ
-+wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r
-+sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d
-+dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
-+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o
-+wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N
-++J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ
-+y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW
-+EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL
-+Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1
-+oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j
-+28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u
- -----END CERTIFICATE-----
-diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
-index 1e73232728..7f2380e71e 100644
--- a/test/net/fixtures/server.key
-+++ b/test/net/fixtures/server.key
-@@ -1,28 +1,28 @@
- -----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k
-339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu
-cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l
-//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT
-XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP
-CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym
-WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM
-BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9
-fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j
-hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T
-uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q
-8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB
-s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z
-AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl
-lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x
-u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm
-gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr
-45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN
-W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM
-spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3
-bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW
-uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox
-kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+
-XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE
-bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml
-uCiVeqoPl+JIg4m8Tz76XWo=
-+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN
-+XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU
-+Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC
-+6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE
-+cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ
-+n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u
-+/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ
-+DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho
-+LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX
-+QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej
-+hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ
-+1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt
-+liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd
-+U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc
-+pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC
-+A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1
-+ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs
-+oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD
-+gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ
-+xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn
-+kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ
-+uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ
-+y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ
-+g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8
-+wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7
-+2whRF0FEjKA8ehrNhAq+VFfFNw==
- -----END PRIVATE KEY-----
-- 
-2.20.1
-
--- a/SOURCES/ruby-2.6.0-Update-for-tzdata-2018f.patch
+++ b/SOURCES/ruby-2.6.0-Update-for-tzdata-2018f.patch
@ -1,44 +0,0 @@
-From e71ca6cdcf108e6a2fa47ec9fadefe7554717908 Mon Sep 17 00:00:00 2001
-From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Fri, 26 Oct 2018 01:47:09 +0000
-Subject: [PATCH] Update for tzdata-2018f
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65365 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
- test/ruby/test_time_tz.rb | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
-index 2da4fd8d9ce4..328fde48fc34 100644
--- a/test/ruby/test_time_tz.rb
-+++ b/test/ruby/test_time_tz.rb
-@@ -86,7 +86,9 @@ def group_by(e, &block)
-   has_lisbon_tz &&= have_tz_offset?("Europe/Lisbon")
-   CORRECT_TOKYO_DST_1951 = with_tz("Asia/Tokyo") {
-     if Time.local(1951, 5, 6, 12, 0, 0).dst? # noon, DST
-      Time.local(1951, 5, 6, 1, 0, 0).dst?   # DST with fixed tzdata
-+      if Time.local(1951, 5, 6, 1, 0, 0).dst? # DST with fixed tzdata
-+        Time.local(1951, 9, 8, 23, 0, 0).dst? ? "2018f" : "2018e"
-+      end
-     end
-   }
-   CORRECT_KIRITIMATI_SKIP_1994 = with_tz("Pacific/Kiritimati") {
-@@ -347,12 +349,16 @@ def self.gen_zdump_test(data)
- Asia/Singapore  Thu Dec 31 16:29:59 1981 UTC = Thu Dec 31 23:59:59 1981 SGT isdst=0 gmtoff=27000
- Asia/Singapore  Thu Dec 31 16:30:00 1981 UTC = Fri Jan  1 00:30:00 1982 SGT isdst=0 gmtoff=28800
- End
-  gen_zdump_test CORRECT_TOKYO_DST_1951 ? <<'End' : <<'End'
-+  gen_zdump_test CORRECT_TOKYO_DST_1951 ? <<'End' + (CORRECT_TOKYO_DST_1951 < "2018f" ? <<'2018e' : <<'2018f') : <<'End'
- Asia/Tokyo  Sat May  5 14:59:59 1951 UTC = Sat May  5 23:59:59 1951 JST isdst=0 gmtoff=32400
- Asia/Tokyo  Sat May  5 15:00:00 1951 UTC = Sun May  6 01:00:00 1951 JDT isdst=1 gmtoff=36000
-+End
- Asia/Tokyo  Sat Sep  8 13:59:59 1951 UTC = Sat Sep  8 23:59:59 1951 JDT isdst=1 gmtoff=36000
- Asia/Tokyo  Sat Sep  8 14:00:00 1951 UTC = Sat Sep  8 23:00:00 1951 JST isdst=0 gmtoff=32400
-End
-+2018e
-+Asia/Tokyo  Sat Sep  8 14:59:59 1951 UTC = Sun Sep  9 00:59:59 1951 JDT isdst=1 gmtoff=36000
-+Asia/Tokyo  Sat Sep  8 15:00:00 1951 UTC = Sun Sep  9 00:00:00 1951 JST isdst=0 gmtoff=32400
-+2018f
- Asia/Tokyo  Sat May  5 16:59:59 1951 UTC = Sun May  6 01:59:59 1951 JST isdst=0 gmtoff=32400
- Asia/Tokyo  Sat May  5 17:00:00 1951 UTC = Sun May  6 03:00:00 1951 JDT isdst=1 gmtoff=36000
- Asia/Tokyo  Fri Sep  7 15:59:59 1951 UTC = Sat Sep  8 01:59:59 1951 JDT isdst=1 gmtoff=36000
--- a/SOURCES/ruby-2.6.0-library-options-to-MAINLIBS.patch
+++ b/SOURCES/ruby-2.6.0-library-options-to-MAINLIBS.patch
@ -27,7 +27,7 @@ index aebbae1969a5..733a0c992fd7 100644
 
 AC_DEFUN([RUBY_RM_RECURSIVE], [
 m4_version_prereq([2.70], [-1], [
-@@ -2938,13 +2939,11 @@ AS_IF([test x"$enable_pthread" = xyes], [
+@@ -2939,13 +2940,11 @@ AS_IF([test x"$enable_pthread" = xyes], [
 	AC_DEFINE(_THREAD_SAFE)
 	AC_DEFINE(HAVE_LIBPTHREAD)
 	AC_CHECK_HEADERS(pthread_np.h, [], [], [@%:@include <pthread.h>])
@ -46,7 +46,7 @@ index aebbae1969a5..733a0c992fd7 100644
     ], [
 	AC_MSG_WARN("Don't know how to find pthread library on your system -- thread support disabled")
     ])
-@@ -3623,7 +3622,7 @@ LIBRUBY_A='lib$(RUBY_SO_NAME)-static.a'
+@@ -3624,7 +3623,7 @@ LIBRUBY_A='lib$(RUBY_SO_NAME)-static.a'
 LIBRUBY='$(LIBRUBY_A)'
 LIBRUBYARG_STATIC='-l$(RUBY_SO_NAME)-static'
 LIBRUBYARG='$(LIBRUBYARG_STATIC)'
@ -55,7 +55,7 @@ index aebbae1969a5..733a0c992fd7 100644
 
 AS_CASE(["$target_os"],
   [cygwin*|mingw*|haiku*|darwin*], [
-@@ -3689,9 +3688,6 @@ AS_CASE("$enable_shared", [yes], [
+@@ -3690,9 +3689,6 @@ AS_CASE("$enable_shared", [yes], [
   LIBRUBY_RELATIVE=no
   test -z "$CCDLFLAGS" || CFLAGS="$CFLAGS $CCDLFLAGS"
   ENABLE_SHARED=yes
@ -65,7 +65,7 @@ index aebbae1969a5..733a0c992fd7 100644
 
   # libdir can be overridden in config.site file (on OpenSUSE at least).
   libdir_basename=lib
-@@ -3726,7 +3722,6 @@ AS_CASE("$enable_shared", [yes], [
+@@ -3727,7 +3723,6 @@ AS_CASE("$enable_shared", [yes], [
 	])
 	],
     [freebsd*|dragonfly*], [
@ -73,7 +73,7 @@ index aebbae1969a5..733a0c992fd7 100644
 	LIBRUBY_SO='lib$(RUBY_SO_NAME).$(SOEXT).$(MAJOR)$(MINOR)'
 	LIBRUBY_SONAME='$(LIBRUBY_SO)'
 	AS_IF([test "$rb_cv_binary_elf" != "yes" ], [
-@@ -3735,7 +3730,6 @@ AS_CASE("$enable_shared", [yes], [
+@@ -3736,7 +3731,6 @@ AS_CASE("$enable_shared", [yes], [
 	])
 	],
     [netbsd*], [
@ -81,7 +81,7 @@ index aebbae1969a5..733a0c992fd7 100644
 	LIBRUBY_SONAME='lib$(RUBY_SO_NAME).$(SOEXT).$(MAJOR)$(MINOR)'
 	LIBRUBY_SO="${LIBRUBY_SONAME}"'.$(TEENY)'
 	RUBY_APPEND_OPTIONS(LIBRUBY_DLDFLAGS, ['-Wl,-soname,$(LIBRUBY_SONAME)' "$LDFLAGS_OPTDIR"])
-@@ -3746,11 +3740,9 @@ AS_CASE("$enable_shared", [yes], [
+@@ -3747,11 +3741,9 @@ AS_CASE("$enable_shared", [yes], [
 	])
 	],
     [openbsd*|mirbsd*], [
@ -93,7 +93,7 @@ index aebbae1969a5..733a0c992fd7 100644
 	LIBRUBY_SO='lib$(RUBY_SO_NAME).$(SOEXT).$(MAJOR)'
 	LIBRUBY_SONAME='lib$(RUBY_SO_NAME).$(SOEXT).$(RUBY_PROGRAM_VERSION)'
 	LIBRUBY_ALIASES='$(LIBRUBY_SONAME) lib$(RUBY_SO_NAME).$(SOEXT)'
-@@ -3768,7 +3760,7 @@ AS_CASE("$enable_shared", [yes], [
+@@ -3769,7 +3761,7 @@ AS_CASE("$enable_shared", [yes], [
     [aix*], [
 	RUBY_APPEND_OPTIONS(LIBRUBY_DLDFLAGS, ["${linker_flag}-bnoentry" "$XLDFLAGS" "$LDFLAGS_OPTDIR"])
 	LIBRUBYARG_SHARED='-L${libdir} -l${RUBY_SO_NAME}'
@ -102,7 +102,7 @@ index aebbae1969a5..733a0c992fd7 100644
 	],
     [darwin*], [
 	LIBRUBY_LDSHARED='$(CC) -dynamiclib'
-@@ -3788,7 +3780,6 @@ AS_CASE("$enable_shared", [yes], [
+@@ -3789,7 +3781,6 @@ AS_CASE("$enable_shared", [yes], [
 	LIBRUBY_SO='lib$(RUBY_SO_NAME).$(SOEXT)'
 	LIBRUBY_SONAME='lib$(RUBY_BASE_NAME).$(RUBY_API_VERSION).$(SOEXT)'
 	LIBRUBY_ALIASES='$(LIBRUBY_SONAME) lib$(RUBY_INSTALL_NAME).$(SOEXT)'
@ -110,7 +110,7 @@ index aebbae1969a5..733a0c992fd7 100644
 	],
     [interix*], [
 	LIBRUBYARG_SHARED='-L. -L${libdir} -l$(RUBY_SO_NAME)'
-@@ -4031,7 +4022,6 @@ AS_CASE(["$target_os"],
+@@ -4032,7 +4023,6 @@ AS_CASE(["$target_os"],
 	    ])
 	LIBRUBY_ALIASES=''
 	FIRSTMAKEFILE=GNUmakefile:cygwin/GNUmakefile.in
@ -118,7 +118,7 @@ index aebbae1969a5..733a0c992fd7 100644
 	AS_IF([test x"$enable_shared" = xyes], [
 	    LIBRUBY='lib$(RUBY_SO_NAME).dll.a'
 	], [
-@@ -4131,6 +4121,13 @@ AS_IF([test "${universal_binary-no}" = yes ], [
+@@ -4132,6 +4122,13 @@ AS_IF([test "${universal_binary-no}" = yes ], [
 		[rb_cv_architecture_available=yes], [rb_cv_architecture_available=no]))
 ])
 
--- a/SOURCES/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
+++ b/SOURCES/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
@ -1,157 +0,0 @@
-From 1dfc377ae3b174b043d3f0ed36de57b0296b34d0 Mon Sep 17 00:00:00 2001
-From: rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Wed, 8 Aug 2018 14:13:55 +0000
-Subject: [PATCH] net/http, net/ftp: fix session resumption with TLS 1.3
-
-When TLS 1.3 is in use, the session ticket may not have been sent yet
-even though a handshake has finished. Also, the ticket could change if
-multiple session ticket messages are sent by the server. Use
-SSLContext#session_new_cb instead of calling SSLSocket#session
-immediately after a handshake. This way also works with earlier protocol
-versions.
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64234 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
- lib/net/ftp.rb              |  5 ++++-
- lib/net/http.rb             |  7 +++++--
- test/net/http/test_https.rb | 35 ++++++++++-------------------------
- 3 files changed, 19 insertions(+), 28 deletions(-)
-
-diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb
-index c3ee47ef4d36..9902f9dc657a 100644
--- a/lib/net/ftp.rb
-+++ b/lib/net/ftp.rb
-@@ -230,6 +230,10 @@ def initialize(host = nil, user_or_options = {}, passwd = nil, acct = nil)
-         if defined?(VerifyCallbackProc)
-           @ssl_context.verify_callback = VerifyCallbackProc
-         end
-+        @ssl_context.session_cache_mode =
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT |
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_NO_INTERNAL_STORE
-+        @ssl_context.session_new_cb = proc {|sock, sess| @ssl_session = sess }
-         @ssl_session = nil
-         if options[:private_data_connection].nil?
-           @private_data_connection = true
-@@ -349,7 +353,6 @@ def start_tls_session(sock)
-       if @ssl_context.verify_mode != VERIFY_NONE
-         ssl_sock.post_connection_check(@host)
-       end
-      @ssl_session = ssl_sock.session
-       return ssl_sock
-     end
-     private :start_tls_session
-diff --git a/lib/net/http.rb b/lib/net/http.rb
-index 281b15cedff0..683a884f5dbe 100644
--- a/lib/net/http.rb
-+++ b/lib/net/http.rb
-@@ -969,6 +969,10 @@ def connect
-         end
-         @ssl_context = OpenSSL::SSL::SSLContext.new
-         @ssl_context.set_params(ssl_parameters)
-+        @ssl_context.session_cache_mode =
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT |
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_NO_INTERNAL_STORE
-+        @ssl_context.session_new_cb = proc {|sock, sess| @ssl_session = sess }
-         D "starting SSL for #{conn_address}:#{conn_port}..."
-         s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context)
-         s.sync_close = true
-@@ -976,13 +980,12 @@ def connect
-         s.hostname = @address if s.respond_to? :hostname=
-         if @ssl_session and
-            Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + @ssl_session.timeout
-          s.session = @ssl_session if @ssl_session
-+          s.session = @ssl_session
-         end
-         ssl_socket_connect(s, @open_timeout)
-         if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
-           s.post_connection_check(@address)
-         end
-        @ssl_session = s.session
-         D "SSL established"
-       end
-       @socket = BufferedIO.new(s, read_timeout: @read_timeout,
-diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb
-index 8004d5c5f29f..a5182a1fe9db 100644
--- a/test/net/http/test_https.rb
-+++ b/test/net/http/test_https.rb
-@@ -71,20 +71,11 @@ def test_session_reuse
-     http.get("/")
-     http.finish
- 
-    http.start
-    http.get("/")
-    http.finish # three times due to possible bug in OpenSSL 0.9.8
-
-    sid = http.instance_variable_get(:@ssl_session).id
-
-     http.start
-     http.get("/")
- 
-     socket = http.instance_variable_get(:@socket).io
-
-    assert socket.session_reused?
-
-    assert_equal sid, http.instance_variable_get(:@ssl_session).id
-+    assert_equal true, socket.session_reused?
- 
-     http.finish
-   rescue SystemCallError
-@@ -101,16 +92,12 @@ def test_session_reuse_but_expire
-     http.get("/")
-     http.finish
- 
-    sid = http.instance_variable_get(:@ssl_session).id
-
-     http.start
-     http.get("/")
- 
-     socket = http.instance_variable_get(:@socket).io
-     assert_equal false, socket.session_reused?
- 
-    assert_not_equal sid, http.instance_variable_get(:@ssl_session).id
-
-     http.finish
-   rescue SystemCallError
-     skip $!
-@@ -160,15 +147,16 @@ def test_certificate_verify_failure
-   end
- 
-   def test_identity_verify_failure
-+    # the certificate's subject has CN=localhost
-     http = Net::HTTP.new("127.0.0.1", config("port"))
-     http.use_ssl = true
-    http.verify_callback = Proc.new do |preverify_ok, store_ctx|
-      true
-    end
-+    http.cert_store = TEST_STORE
-+    @log_tester = lambda {|_| }
-     ex = assert_raise(OpenSSL::SSL::SSLError){
-       http.request_get("/") {|res| }
-     }
-    assert_match(/hostname \"127.0.0.1\" does not match/, ex.message)
-+    re_msg = /certificate verify failed|hostname \"127.0.0.1\" does not match/
-+    assert_match(re_msg, ex.message)
-   end
- 
-   def test_timeout_during_SSL_handshake
-@@ -193,16 +181,13 @@ def test_timeout_during_SSL_handshake
-   end
- 
-   def test_min_version
-    http = Net::HTTP.new("127.0.0.1", config("port"))
-+    http = Net::HTTP.new("localhost", config("port"))
-     http.use_ssl = true
-     http.min_version = :TLS1
-    http.verify_callback = Proc.new do |preverify_ok, store_ctx|
-      true
-    end
-    ex = assert_raise(OpenSSL::SSL::SSLError){
-      http.request_get("/") {|res| }
-+    http.cert_store = TEST_STORE
-+    http.request_get("/") {|res|
-+      assert_equal($test_net_http_data, res.body)
-     }
-    assert_match(/hostname \"127.0.0.1\" does not match/, ex.message)
-   end
- 
-   def test_max_version
--- a/SOURCES/ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch
+++ b/SOURCES/ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch
@ -1,34 +0,0 @@
-From d05e6269d4a4dfd701f5ddb3ae34306cba891511 Mon Sep 17 00:00:00 2001
-From: Jun Aruga <jaruga@redhat.com>
-Date: Fri, 3 Aug 2018 11:35:55 +0200
-Subject: [PATCH] Fix indent and typo from moveTimout to moveTimeout.
-
---
- lib/rdoc/generator/template/json_index/js/navigation.js | 7 +++----
- 1 file changed, 3 insertions(+), 4 deletions(-)
-
-diff --git a/lib/rdoc/generator/template/json_index/js/navigation.js b/lib/rdoc/generator/template/json_index/js/navigation.js
-index e4126812..43c5118a 100644
--- a/lib/rdoc/generator/template/json_index/js/navigation.js
-+++ b/lib/rdoc/generator/template/json_index/js/navigation.js
-@@ -59,9 +59,8 @@ Navigation = new function() {
-         }
-         break;
-       case 13: //Event.KEY_RETURN:
-        if (this.$current)
-          e.preventDefault();
-          this.select(this.$current);
-+        if (this.$current) e.preventDefault();
-+        this.select(this.$current);
-         break;
-     }
-     if (e.ctrlKey && e.shiftKey) this.select(this.$current);
-@@ -80,7 +79,7 @@ Navigation = new function() {
-     var go = function() {
-       if (!_this.moveTimeout) return;
-       _this[isDown ? 'moveDown' : 'moveUp']();
-      _this.moveTimout = setTimeout(go, 100);
-+      _this.moveTimeout = setTimeout(go, 100);
-     }
-     this.moveTimeout = setTimeout(go, 200);
-   }
--- a/SOURCES/ruby-2.6.0-rdoc-6.0.2-check-nil-text-token.patch
+++ b/SOURCES/ruby-2.6.0-rdoc-6.0.2-check-nil-text-token.patch
@ -0,0 +1,69 @@
+From 9d98bfe7f1abdeda5aedf9404588104980ee7a86 Mon Sep 17 00:00:00 2001
+From: aycabta <aycabta@gmail.com>
+Date: Mon, 15 Jan 2018 22:32:56 +0900
+Subject: [PATCH] Check nil text token
+
+Sometimes :on_ignored_nl token has nil text. This commit checks and
+bypasses the token.
+---
+ lib/rdoc/parser/ripper_state_lex.rb |  4 +++-
+ test/test_rdoc_parser_ruby.rb       | 30 +++++++++++++++++++++++++++++
+ 2 files changed, 33 insertions(+), 1 deletion(-)
+
+diff --git a/lib/rdoc/parser/ripper_state_lex.rb b/lib/rdoc/parser/ripper_state_lex.rb
+index 2a285b97a4..c56cef46ee 100644
+--- a/lib/rdoc/parser/ripper_state_lex.rb
+++ b/lib/rdoc/parser/ripper_state_lex.rb
+@@ -330,8 +330,10 @@ class RDoc::RipperStateLex
+       @heredoc_queue << retrieve_heredoc_info(tk)
+       @inner_lex.lex_state = EXPR_END unless RIPPER_HAS_LEX_STATE
+     when :on_nl, :on_ignored_nl, :on_comment, :on_heredoc_end then
+-      unless @heredoc_queue.empty?
+      if !@heredoc_queue.empty?
+         get_heredoc_tk(*@heredoc_queue.shift)
+      elsif tk[:text].nil? # :on_ignored_nl sometimes gives nil
+        tk[:text] = ''
+       end
+     when :on_words_beg then
+       tk = get_words_tk(tk)
+diff --git a/test/rdoc/test_rdoc_parser_ruby.rb b/test/rdoc/test_rdoc_parser_ruby.rb
+index 833ed2cc74..c9d57021ce 100644
+--- a/test/rdoc/test_rdoc_parser_ruby.rb
+++ b/test/rdoc/test_rdoc_parser_ruby.rb
+@@ -306,6 +306,36 @@ def sum(n)
+     assert_equal @top_level, sum.file
+   end
+
+  def test_parse_on_ignored_nl_with_nil_text
+    util_parser <<ruby
+class Foo
+  def meth
+    variable # comment
+      .chain
+  end
+end
+ruby
+
+    expected = <<EXPECTED
+<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">meth</span>
+  <span class="ruby-identifier">variable</span> <span class="ruby-comment"># comment</span>
+    .<span class="ruby-identifier">chain</span>
+<span class="ruby-keyword">end</span>
+EXPECTED
+    expected = expected.rstrip
+
+    @parser.scan
+
+    foo = @store.find_class_named 'Foo'
+    meth = foo.method_list.first
+
+    assert_equal 'meth',     meth.name
+    assert_equal @top_level, meth.file
+
+    markup_code = meth.markup_code.sub(/^.*\n/, '')
+    assert_equal expected, markup_code
+  end
+
+   def test_parse_alias
+     klass = RDoc::NormalClass.new 'Foo'
+     klass.parent = @top_level
--- a/SOURCES/ruby-2.6.0-rdoc-6.0.2-fix-different-js-gz-pages-across-multilib.patch
+++ b/SOURCES/ruby-2.6.0-rdoc-6.0.2-fix-different-js-gz-pages-across-multilib.patch
@ -0,0 +1,214 @@
+From 091459248d3ce814e10d50cc4421f0c0454ef61f Mon Sep 17 00:00:00 2001
+From: "Bernhard M. Wiedemann" <bwiedemann@suse.de>
+Date: Sun, 30 Apr 2017 22:47:40 +0200
+Subject: [PATCH 1/4] created.rid: use SOURCE_DATE_EPOCH
+
+use SOURCE_DATE_EPOCH instead of current time in created.rid top line
+to enable reproducible builds of ruby docs
+
+See https://reproducible-builds.org/ for why this is good
+and https://reproducible-builds.org/specs/source-date-epoch/
+for the definition of this variable.
+---
+ lib/rdoc/rdoc.rb | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
+index 68775c8be1..a2711fbbd1 100644
+--- a/lib/rdoc/rdoc.rb
+++ b/lib/rdoc/rdoc.rb
+@@ -232,6 +232,9 @@ def store= store
+ 
+   def update_output_dir(op_dir, time, last = {})
+     return if @options.dry_run or not @options.update_output_dir
+    unless ENV['SOURCE_DATE_EPOCH'].nil?
+      time = Time.at(ENV['SOURCE_DATE_EPOCH'].to_i).gmtime
+    end
+ 
+     open output_flag_file(op_dir), "w" do |f|
+       f.puts time.rfc2822
+-- 
+2.21.0
+
+From 73a935e9fa63b056ea0be69c0c923afdfb4d88da Mon Sep 17 00:00:00 2001
+From: "Bernhard M. Wiedemann" <bwiedemann@suse.de>
+Date: Thu, 14 Dec 2017 10:54:54 +0100
+Subject: [PATCH 2/4] Do not store current timestamps in gz headers
+
+to enable reproducible builds of rdoc
+
+Normally, 0 would be the preferred value to indicate "no date"
+but that value is handled differently in Zlib::GzipWriter
+to put in the current time
+---
+ lib/rdoc/generator/json_index.rb | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/rdoc/generator/json_index.rb b/lib/rdoc/generator/json_index.rb
+index e4cfe967c6..a059a5d4d0 100644
+--- a/lib/rdoc/generator/json_index.rb
+++ b/lib/rdoc/generator/json_index.rb
+@@ -175,7 +175,7 @@ def generate_gzipped
+     debug_msg "Writing gzipped search index to %s" % outfile
+ 
+     Zlib::GzipWriter.open(outfile) do |gz|
+-      gz.mtime = File.mtime(search_index_file)
+      gz.mtime = 1 # make output reproducible
+       gz.orig_name = search_index_file.basename.to_s
+       gz.write search_index
+       gz.close
+@@ -193,7 +193,7 @@ def generate_gzipped
+         debug_msg "Writing gzipped file to %s" % outfile
+ 
+         Zlib::GzipWriter.open(outfile) do |gz|
+-          gz.mtime = File.mtime(dest)
+          gz.mtime = 1 # make output reproducible
+           gz.orig_name = dest.basename.to_s
+           gz.write data
+           gz.close
+-- 
+2.21.0
+
+From 1b34b337b72918e83c3b952eed6998ad47974960 Mon Sep 17 00:00:00 2001
+From: aycabta <aycabta@gmail.com>
+Date: Sat, 27 Jan 2018 14:37:42 +0900
+Subject: [PATCH 3/4] Improve reproducible builds for .js and .js.gz files
+
+The mtime for search_index.js.gz should be updated because it's
+generated dynamically. So uses SOURCE_DATE_EPOCH after
+RDoc::Generator::JsonIndex#generate creates index file.
+
+FileUtils.install in RDoc::Generator::JsonIndex#generate with :preserve
+option because the mtime value is based on original .js file.
+---
+ lib/rdoc/generator/json_index.rb            |  9 +++++---
+ test/rdoc/test_rdoc_generator_json_index.rb | 25 ++++++++++++++++++++-
+ 2 files changed, 30 insertions(+), 4 deletions(-)
+
+diff --git a/lib/rdoc/generator/json_index.rb b/lib/rdoc/generator/json_index.rb
+index a059a5d4d0..3a1000033d 100644
+--- a/lib/rdoc/generator/json_index.rb
+++ b/lib/rdoc/generator/json_index.rb
+@@ -147,12 +147,15 @@ def generate
+ 
+       JSON.dump data, io, 0
+     end
+    unless ENV['SOURCE_DATE_EPOCH'].nil?
+      index_file.utime index_file.atime, Time.at(ENV['SOURCE_DATE_EPOCH'].to_i).gmtime
+    end
+ 
+     Dir.chdir @template_dir do
+       Dir['**/*.js'].each do |source|
+         dest = File.join out_dir, source
+ 
+-        FileUtils.install source, dest, :mode => 0644, :verbose => $DEBUG_RDOC
+        FileUtils.install source, dest, :mode => 0644, :preserve => true, :verbose => $DEBUG_RDOC
+       end
+     end
+   end
+@@ -175,7 +178,7 @@ def generate_gzipped
+     debug_msg "Writing gzipped search index to %s" % outfile
+ 
+     Zlib::GzipWriter.open(outfile) do |gz|
+-      gz.mtime = 1 # make output reproducible
+      gz.mtime = File.mtime(search_index_file)
+       gz.orig_name = search_index_file.basename.to_s
+       gz.write search_index
+       gz.close
+@@ -193,7 +196,7 @@ def generate_gzipped
+         debug_msg "Writing gzipped file to %s" % outfile
+ 
+         Zlib::GzipWriter.open(outfile) do |gz|
+-          gz.mtime = 1 # make output reproducible
+          gz.mtime = File.mtime(dest)
+           gz.orig_name = dest.basename.to_s
+           gz.write data
+           gz.close
+diff --git a/test/rdoc/test_rdoc_generator_json_index.rb b/test/rdoc/test_rdoc_generator_json_index.rb
+index 6cb5463d29..65e7f087cc 100644
+--- a/test/rdoc/test_rdoc_generator_json_index.rb
+++ b/test/rdoc/test_rdoc_generator_json_index.rb
+@@ -8,7 +8,7 @@ class TestRDocGeneratorJsonIndex < RDoc::TestCase
+   def setup
+     super
+ 
+-    @tmpdir = File.join Dir.tmpdir, "test_rdoc_generator_darkfish_#{$$}"
+    @tmpdir = Dir.mktmpdir "test_rdoc_generator_darkfish_#{$$}_"
+     FileUtils.mkdir_p @tmpdir
+ 
+     @options = RDoc::Options.new
+@@ -89,12 +89,21 @@ def test_file_dir
+   end
+ 
+   def test_generate
+    now = Time.now
+     @g.generate
+ 
+     assert_file 'js/searcher.js'
+     assert_file 'js/navigation.js'
+     assert_file 'js/search_index.js'
+ 
+    orig_file = Pathname(File.join @pwd, 'lib/rdoc/generator/template/json_index/js/navigation.js')
+    generated_file = Pathname(File.join @tmpdir, 'js/navigation.js')
+    assert_equal orig_file.mtime, generated_file.mtime
+    assert generated_file.mtime < now, '.js files should be the same timestamp'
+
+    generated_search_index = Pathname(File.join @tmpdir, 'js/search_index.js')
+    assert generated_search_index.mtime > (now - 1), 'search_index.js should be generated timestamp'
+
+     json = File.read 'js/search_index.js'
+ 
+     json =~ /\Avar search_data = /
+@@ -137,6 +146,20 @@ def test_generate
+     assert_equal expected, index
+   end
+ 
+  def test_generate_search_index_with_reproducible_builds
+    backup_epoch = ENV['SOURCE_DATE_EPOCH']
+    ruby_birthday = Time.parse 'Wed, 24 Feb 1993 21:00:00 +0900'
+    ENV['SOURCE_DATE_EPOCH'] = ruby_birthday.to_i.to_s
+
+    @g.generate
+
+    assert_file 'js/search_index.js'
+    generated_search_index = Pathname(File.join @tmpdir, 'js/search_index.js')
+    assert_equal ruby_birthday, generated_search_index.mtime
+
+    ENV['SOURCE_DATE_EPOCH'] = backup_epoch
+  end
+
+   def test_generate_gzipped
+     begin
+       require 'zlib'
+-- 
+2.21.0
+
+From 74c1e201f2146e7175e74d6fc0b9386c2e95210f Mon Sep 17 00:00:00 2001
+From: aycabta <aycabta@gmail.com>
+Date: Sat, 27 Jan 2018 17:54:31 +0900
+Subject: [PATCH 4/4] Use dirty hack on JRuby for MiniTest 4
+
+---
+ test/rdoc/test_rdoc_generator_json_index.rb | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/test/rdoc/test_rdoc_generator_json_index.rb b/test/rdoc/test_rdoc_generator_json_index.rb
+index 65e7f087cc..714d496195 100644
+--- a/test/rdoc/test_rdoc_generator_json_index.rb
+++ b/test/rdoc/test_rdoc_generator_json_index.rb
+@@ -98,7 +98,11 @@ def test_generate
+ 
+     orig_file = Pathname(File.join @pwd, 'lib/rdoc/generator/template/json_index/js/navigation.js')
+     generated_file = Pathname(File.join @tmpdir, 'js/navigation.js')
+-    assert_equal orig_file.mtime, generated_file.mtime
+
+    # This is dirty hack on JRuby for MiniTest 4
+    assert orig_file.mtime.inspect == generated_file.mtime.inspect,
+      '.js files should be tha same timestamp of original'
+
+     assert generated_file.mtime < now, '.js files should be the same timestamp'
+ 
+     generated_search_index = Pathname(File.join @tmpdir, 'js/search_index.js')
+-- 
+2.21.0
+
--- a/SOURCES/ruby-2.6.10-Fix-CVE-2022-28739-Buffer-overrun-in-str2float.patch
+++ b/SOURCES/ruby-2.6.10-Fix-CVE-2022-28739-Buffer-overrun-in-str2float.patch
@ -0,0 +1,73 @@
+From 8e2ed0b9d965a526b29f9dc3bff8e9fe33dae98d Mon Sep 17 00:00:00 2001
+From: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date: Tue, 12 Apr 2022 11:49:45 +0000
+Subject: [PATCH] Fix CVE-2022-28739 Buffer overrun in str2float.
+
+CVE-2022-28739: Buffer overrun in String-to-Float conversion
+Backported from upstream Ruby 2.6.10,
+Git commit:
+https://github.com/ruby/ruby/commit/69f9992ed41920389d4185141a14f02f89a4d306
+
+==== Original commit message
+
+Fix dtoa buffer overrun
+
+git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67957 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+---
+ test/ruby/test_float.rb | 18 ++++++++++++++++++
+ util.c                  |  3 ++-
+ 2 files changed, 20 insertions(+), 1 deletion(-)
+
+diff --git a/test/ruby/test_float.rb b/test/ruby/test_float.rb
+index 7fabfd3..78c63c2 100644
+--- a/test/ruby/test_float.rb
+++ b/test/ruby/test_float.rb
+@@ -171,6 +171,24 @@ class TestFloat < Test::Unit::TestCase
+       assert_raise(ArgumentError, n += z + "A") {Float(n)}
+       assert_raise(ArgumentError, n += z + ".0") {Float(n)}
+     end
+
+    x = nil
+    2000.times do
+      x = Float("0x"+"0"*30)
+      break unless x == 0.0
+    end
+    assert_equal(0.0, x, ->{"%a" % x})
+    x = nil
+    2000.times do
+      begin
+        x = Float("0x1."+"0"*270)
+      rescue ArgumentError => e
+        raise unless /"0x1\.0{270}"/ =~ e.message
+      else
+        break
+      end
+    end
+    assert_nil(x, ->{"%a" % x})
+   end
+ 
+   def test_divmod
+diff --git a/util.c b/util.c
+index 2222744..f1d910f 100644
+--- a/util.c
+++ b/util.c
+@@ -2046,6 +2046,7 @@ break2:
+ 	    if (!*++s || !(s1 = strchr(hexdigit, *s))) goto ret0;
+ 	    if (*s == '0') {
+ 		while (*++s == '0');
+		if (!*s) goto ret;
+ 		s1 = strchr(hexdigit, *s);
+ 	    }
+ 	    if (s1 != NULL) {
+@@ -2068,7 +2069,7 @@ break2:
+ 		for (; *s && (s1 = strchr(hexdigit, *s)); ++s) {
+ 		    adj += aadj * ((s1 - hexdigit) & 15);
+ 		    if ((aadj /= 16) == 0.0) {
+-			while (strchr(hexdigit, *++s));
+			while (*++s && strchr(hexdigit, *s));
+ 			break;
+ 		    }
+ 		}
+-- 
+2.41.0
+
--- a/SOURCES/ruby-2.6.3-fiddle-1.0.0-ffi-closure-alloc-default.patch
+++ b/SOURCES/ruby-2.6.3-fiddle-1.0.0-ffi-closure-alloc-default.patch
@ -0,0 +1,61 @@
+diff --git a/ext/fiddle/closure.c b/ext/fiddle/closure.c
+index 1a80b2b..b997e23 100644
+--- a/ext/fiddle/closure.c
+++ b/ext/fiddle/closure.c
+@@ -13,25 +13,11 @@ typedef struct {
+     ffi_type **argv;
+ } fiddle_closure;
+ 
+-#if defined(USE_FFI_CLOSURE_ALLOC)
+-#elif defined(__OpenBSD__) || defined(__APPLE__) || defined(__linux__)
+-# define USE_FFI_CLOSURE_ALLOC 0
+-#elif defined(RUBY_LIBFFI_MODVERSION) && RUBY_LIBFFI_MODVERSION < 3000005 && \
+-	(defined(__i386__) || defined(__x86_64__) || defined(_M_IX86) || defined(_M_AMD64))
+-# define USE_FFI_CLOSURE_ALLOC 0
+-#else
+-# define USE_FFI_CLOSURE_ALLOC 1
+-#endif
+-
+ static void
+ dealloc(void * ptr)
+ {
+     fiddle_closure * cls = (fiddle_closure *)ptr;
+-#if USE_FFI_CLOSURE_ALLOC
+     ffi_closure_free(cls->pcl);
+-#else
+-    munmap(cls->pcl, sizeof(*cls->pcl));
+-#endif
+     if (cls->argv) xfree(cls->argv);
+     xfree(cls);
+ }
+@@ -205,12 +191,7 @@ allocate(VALUE klass)
+     VALUE i = TypedData_Make_Struct(klass, fiddle_closure,
+ 	    &closure_data_type, closure);
+ 
+-#if USE_FFI_CLOSURE_ALLOC
+     closure->pcl = ffi_closure_alloc(sizeof(ffi_closure), &closure->code);
+-#else
+-    closure->pcl = mmap(NULL, sizeof(ffi_closure), PROT_READ | PROT_WRITE,
+-        MAP_ANON | MAP_PRIVATE, -1, 0);
+-#endif
+ 
+     return i;
+ }
+@@ -257,17 +238,8 @@ initialize(int rbargc, VALUE argv[], VALUE self)
+     if (FFI_OK != result)
+ 	rb_raise(rb_eRuntimeError, "error prepping CIF %d", result);
+ 
+-#if USE_FFI_CLOSURE_ALLOC
+     result = ffi_prep_closure_loc(pcl, cif, callback,
+ 		(void *)self, cl->code);
+-#else
+-    result = ffi_prep_closure(pcl, cif, callback, (void *)self);
+-    cl->code = (void *)pcl;
+-    i = mprotect(pcl, sizeof(*pcl), PROT_READ | PROT_EXEC);
+-    if (i) {
+-	rb_sys_fail("mprotect");
+-    }
+-#endif
+ 
+     if (FFI_OK != result)
+ 	rb_raise(rb_eRuntimeError, "error prepping closure %d", result);
--- a/SOURCES/ruby-2.6.8-net-ftp-pasv-can-connect-to-arbitrary-host.patch
+++ b/SOURCES/ruby-2.6.8-net-ftp-pasv-can-connect-to-arbitrary-host.patch
@ -0,0 +1,247 @@
+commit be5a83e84a34091f2a4e3c6dfb911b20e78e690c
+Author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date:   Wed Jul 7 10:34:08 2021 +0000
+
+    Ignore IP addresses in PASV responses by default, and add new option use_pasv_ip
+    
+    This fixes CVE-2021-31810.
+    Reported by Alexandr Savca.
+    
+    Co-authored-by: Shugo Maeda <shugo@ruby-lang.org>
+    
+    
+    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67949 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+
+diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb
+index e68d825dcf..c5d669d898 100644
+--- a/lib/net/ftp.rb
+++ b/lib/net/ftp.rb
+@@ -97,6 +97,10 @@ class FTP < Protocol
+     # When +true+, the connection is in passive mode.  Default: +true+.
+     attr_accessor :passive
+ 
+    # When +true+, use the IP address in PASV responses.  Otherwise, it uses
+    # the same IP address for the control connection.  Default: +false+.
+    attr_accessor :use_pasv_ip
+
+     # When +true+, all traffic to and from the server is written
+     # to +$stdout+.  Default: +false+.
+     attr_accessor :debug_mode
+@@ -205,6 +209,9 @@ def FTP.open(host, *args)
+     #                          handshake.
+     #                          See Net::FTP#ssl_handshake_timeout for
+     #                          details.  Default: +nil+.
+    # use_pasv_ip::  When +true+, use the IP address in PASV responses.
+    #                Otherwise, it uses the same IP address for the control
+    #                connection.  Default: +false+.
+     # debug_mode::  When +true+, all traffic to and from the server is
+     #               written to +$stdout+.  Default: +false+.
+     #
+@@ -265,6 +272,7 @@ def initialize(host = nil, user_or_options = {}, passwd = nil, acct = nil)
+       @open_timeout = options[:open_timeout]
+       @ssl_handshake_timeout = options[:ssl_handshake_timeout]
+       @read_timeout = options[:read_timeout] || 60
+      @use_pasv_ip = options[:use_pasv_ip] || false
+       if host
+         connect(host, options[:port] || FTP_PORT)
+         if options[:username]
+@@ -1330,7 +1338,12 @@ def parse227(resp) # :nodoc:
+         raise FTPReplyError, resp
+       end
+       if m = /\((?<host>\d+(,\d+){3}),(?<port>\d+,\d+)\)/.match(resp)
+-        return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"])
+        if @use_pasv_ip
+          host = parse_pasv_ipv4_host(m["host"])
+        else
+          host = @bare_sock.remote_address.ip_address
+        end
+        return host, parse_pasv_port(m["port"])
+       else
+         raise FTPProtoError, resp
+       end
+diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb
+index a5219644bb..b3fe7774ed 100644
+--- a/test/net/ftp/test_ftp.rb
+++ b/test/net/ftp/test_ftp.rb
+@@ -61,7 +61,7 @@ def test_connect_fail
+   end
+ 
+   def test_parse227
+-    ftp = Net::FTP.new
+    ftp = Net::FTP.new(nil, use_pasv_ip: true)
+     host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
+     assert_equal("192.168.0.1", host)
+     assert_equal(3106, port)
+@@ -80,6 +80,14 @@ def test_parse227
+     assert_raise(Net::FTPProtoError) do
+       ftp.send(:parse227, "227 ) foo bar (")
+     end
+
+    ftp = Net::FTP.new
+    sock = OpenStruct.new
+    sock.remote_address = OpenStruct.new
+    sock.remote_address.ip_address = "10.0.0.1"
+    ftp.instance_variable_set(:@bare_sock, sock)
+    host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
+    assert_equal("10.0.0.1", host)
+   end
+ 
+   def test_parse228
+@@ -2360,10 +2368,155 @@ def test_puttextfile_command_injection
+     end
+   end
+ 
+  def test_ignore_pasv_ip
+    commands = []
+    binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
+    server = create_ftp_server(nil, "127.0.0.1") { |sock|
+      sock.print("220 (test_ftp).\r\n")
+      commands.push(sock.gets)
+      sock.print("331 Please specify the password.\r\n")
+      commands.push(sock.gets)
+      sock.print("230 Login successful.\r\n")
+      commands.push(sock.gets)
+      sock.print("200 Switching to Binary mode.\r\n")
+      line = sock.gets
+      commands.push(line)
+      data_server = TCPServer.new("127.0.0.1", 0)
+      port = data_server.local_address.ip_port
+      sock.printf("227 Entering Passive Mode (999,0,0,1,%s).\r\n",
+                  port.divmod(256).join(","))
+      commands.push(sock.gets)
+      sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
+      conn = data_server.accept
+      binary_data.scan(/.{1,1024}/nm) do |s|
+        conn.print(s)
+      end
+      conn.shutdown(Socket::SHUT_WR)
+      conn.read
+      conn.close
+      data_server.close
+      sock.print("226 Transfer complete.\r\n")
+    }
+    begin
+      begin
+        ftp = Net::FTP.new
+        ftp.passive = true
+        ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
+        ftp.connect("127.0.0.1", server.port)
+        ftp.login
+        assert_match(/\AUSER /, commands.shift)
+        assert_match(/\APASS /, commands.shift)
+        assert_equal("TYPE I\r\n", commands.shift)
+        buf = ftp.getbinaryfile("foo", nil)
+        assert_equal(binary_data, buf)
+        assert_equal(Encoding::ASCII_8BIT, buf.encoding)
+        assert_equal("PASV\r\n", commands.shift)
+        assert_equal("RETR foo\r\n", commands.shift)
+        assert_equal(nil, commands.shift)
+      ensure
+        ftp.close if ftp
+      end
+    ensure
+      server.close
+    end
+  end
+
+  def test_use_pasv_ip
+    commands = []
+    binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
+    server = create_ftp_server(nil, "127.0.0.1") { |sock|
+      sock.print("220 (test_ftp).\r\n")
+      commands.push(sock.gets)
+      sock.print("331 Please specify the password.\r\n")
+      commands.push(sock.gets)
+      sock.print("230 Login successful.\r\n")
+      commands.push(sock.gets)
+      sock.print("200 Switching to Binary mode.\r\n")
+      line = sock.gets
+      commands.push(line)
+      data_server = TCPServer.new("127.0.0.1", 0)
+      port = data_server.local_address.ip_port
+      sock.printf("227 Entering Passive Mode (127,0,0,1,%s).\r\n",
+                  port.divmod(256).join(","))
+      commands.push(sock.gets)
+      sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
+      conn = data_server.accept
+      binary_data.scan(/.{1,1024}/nm) do |s|
+        conn.print(s)
+      end
+      conn.shutdown(Socket::SHUT_WR)
+      conn.read
+      conn.close
+      data_server.close
+      sock.print("226 Transfer complete.\r\n")
+    }
+    begin
+      begin
+        ftp = Net::FTP.new
+        ftp.passive = true
+        ftp.use_pasv_ip = true
+        ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
+        ftp.connect("127.0.0.1", server.port)
+        ftp.login
+        assert_match(/\AUSER /, commands.shift)
+        assert_match(/\APASS /, commands.shift)
+        assert_equal("TYPE I\r\n", commands.shift)
+        buf = ftp.getbinaryfile("foo", nil)
+        assert_equal(binary_data, buf)
+        assert_equal(Encoding::ASCII_8BIT, buf.encoding)
+        assert_equal("PASV\r\n", commands.shift)
+        assert_equal("RETR foo\r\n", commands.shift)
+        assert_equal(nil, commands.shift)
+      ensure
+        ftp.close if ftp
+      end
+    ensure
+      server.close
+    end
+  end
+
+  def test_use_pasv_invalid_ip
+    commands = []
+    binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
+    server = create_ftp_server(nil, "127.0.0.1") { |sock|
+      sock.print("220 (test_ftp).\r\n")
+      commands.push(sock.gets)
+      sock.print("331 Please specify the password.\r\n")
+      commands.push(sock.gets)
+      sock.print("230 Login successful.\r\n")
+      commands.push(sock.gets)
+      sock.print("200 Switching to Binary mode.\r\n")
+      line = sock.gets
+      commands.push(line)
+      sock.print("227 Entering Passive Mode (999,0,0,1,48,57).\r\n")
+      commands.push(sock.gets)
+    }
+    begin
+      begin
+        ftp = Net::FTP.new
+        ftp.passive = true
+        ftp.use_pasv_ip = true
+        ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
+        ftp.connect("127.0.0.1", server.port)
+        ftp.login
+        assert_match(/\AUSER /, commands.shift)
+        assert_match(/\APASS /, commands.shift)
+        assert_equal("TYPE I\r\n", commands.shift)
+        assert_raise(SocketError) do
+          ftp.getbinaryfile("foo", nil)
+        end
+      ensure
+        ftp.close if ftp
+      end
+    ensure
+      server.close
+    end
+  end
+
+   private
+ 
+-  def create_ftp_server(sleep_time = nil)
+-    server = TCPServer.new(SERVER_ADDR, 0)
+  def create_ftp_server(sleep_time = nil, addr = SERVER_ADDR)
+    server = TCPServer.new(addr, 0)
+     @thread = Thread.start do
+       if sleep_time
+         sleep(sleep_time)
--- a/SOURCES/ruby-2.6.8-net-imap-startls-stripping-vulnerability.patch
+++ b/SOURCES/ruby-2.6.8-net-imap-startls-stripping-vulnerability.patch
@ -0,0 +1,101 @@
+commit 95ba9053e20ad8d113af37b3f1f4cbfff1f6a8f1
+Author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date:   Wed Jul 7 10:38:10 2021 +0000
+
+    Fix StartTLS stripping vulnerability
+    
+    Reported by Alexandr Savca in https://hackerone.com/reports/1178562
+    
+    Co-authored-by: Shugo Maeda <shugo@ruby-lang.org>
+    
+    
+    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67950 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+
+diff --git a/lib/net/imap.rb b/lib/net/imap.rb
+index 1c7e89ba14..91df89b79e 100644
+--- a/lib/net/imap.rb
+++ b/lib/net/imap.rb
+@@ -1213,12 +1213,14 @@ def get_tagged_response(tag, cmd)
+       end
+       resp = @tagged_responses.delete(tag)
+       case resp.name
+      when /\A(?:OK)\z/ni
+        return resp
+       when /\A(?:NO)\z/ni
+         raise NoResponseError, resp
+       when /\A(?:BAD)\z/ni
+         raise BadResponseError, resp
+       else
+-        return resp
+        raise UnknownResponseError, resp
+       end
+     end
+ 
+@@ -3714,6 +3716,10 @@ class BadResponseError < ResponseError
+     class ByeResponseError < ResponseError
+     end
+ 
+    # Error raised upon an unknown response from the server.
+    class UnknownResponseError < ResponseError
+    end
+
+     RESPONSE_ERRORS = Hash.new(ResponseError)
+     RESPONSE_ERRORS["NO"] = NoResponseError
+     RESPONSE_ERRORS["BAD"] = BadResponseError
+diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb
+index 936f4e0f42..81928cb8fe 100644
+--- a/test/net/imap/test_imap.rb
+++ b/test/net/imap/test_imap.rb
+@@ -127,6 +127,24 @@ def test_starttls
+         imap.disconnect
+       end
+     end
+
+    def test_starttls_stripping
+      starttls_stripping_test do |port|
+        imap = Net::IMAP.new("localhost", :port => port)
+        assert_raise(Net::IMAP::UnknownResponseError) do
+          imap.starttls(:ca_file => CA_FILE)
+        end
+        imap
+      end
+    end
+  end
+
+  def start_server
+    th = Thread.new do
+      yield
+    end
+    @threads << th
+    sleep 0.1 until th.stop?
+   end
+ 
+   def test_unexpected_eof
+@@ -760,6 +760,27 @@ def starttls_test
+     end
+   end
+ 
+  def starttls_stripping_test
+    server = create_tcp_server
+    port = server.addr[1]
+    start_server do
+      sock = server.accept
+      begin
+        sock.print("* OK test server\r\n")
+        sock.gets
+        sock.print("RUBY0001 BUG unhandled command\r\n")
+      ensure
+        sock.close
+        server.close
+      end
+    end
+    begin
+      imap = yield(port)
+    ensure
+      imap.disconnect if imap && !imap.disconnected?
+    end
+  end
+
+   def create_tcp_server
+     return TCPServer.new(server_addr, 0)
+   end
--- a/SOURCES/ruby-2.6.8-rdoc-6.1.2.1-command-injection-vulnerability.patch
+++ b/SOURCES/ruby-2.6.8-rdoc-6.1.2.1-command-injection-vulnerability.patch
@ -0,0 +1,88 @@
+commit fe3c49c9baeeab58304ede915b7edd18ecf360fc
+Author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date:   Sat Jul 3 17:10:28 2021 +0000
+
+    merge revision(s) b1c73f23,c9ab8fe2: [Backport #17877]
+    
+            [ruby/rdoc] Use File.open to fix the OS Command Injection vulnerability in CVE-2021-31799
+    
+            https://github.com/ruby/rdoc/commit/a7f5d6ab88
+    
+            The test for command injection on Unix platforms should be omitted on Windows
+    
+    
+    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67947 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+
+diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
+index ca2c1abefd..46aace7839 100644
+--- a/lib/rdoc/rdoc.rb
+++ b/lib/rdoc/rdoc.rb
+@@ -436,7 +436,7 @@ def remove_unparseable files
+     files.reject do |file|
+       file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or
+         (file =~ /tags$/i and
+-         open(file, 'rb') { |io|
+         File.open(file, 'rb') { |io|
+            io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
+          })
+     end
+--- a/lib/rdoc/encoding.rb	2022-02-16 16:51:28.080178281 +0100
+++ b/lib/rdoc/encoding.rb	2022-02-16 16:51:37.108160840 +0100
+@@ -18,7 +18,7 @@
+   # unknown character in the target encoding will be replaced with '?'
+ 
+   def self.read_file filename, encoding, force_transcode = false
+-    content = open filename, "rb" do |f| f.read end
+    content = File.open filename, "rb" do |f| f.read end
+     content.gsub!("\r\n", "\n") if RUBY_PLATFORM =~ /mswin|mingw/
+ 
+     utf8 = content.sub!(/\A\xef\xbb\xbf/, '')
+--- a/lib/rdoc/parser.rb	2021-04-05 13:46:35.000000000 +0200
+++ b/lib/rdoc/parser.rb	2022-02-16 15:37:17.904822389 +0100
+@@ -74,7 +74,12 @@
+   def self.binary?(file)
+     return false if file =~ /\.(rdoc|txt)$/
+ 
+-    s = File.read(file, 1024) or return false
+    begin
+      open_file = File.open(file)
+      s = open_file.read(1024) or return false
+    ensure
+      open_file.close if open_file
+    end
+ 
+     return true if s[0, 2] == Marshal.dump('')[0, 2] or s.index("\x00")
+ 
+@@ -92,7 +97,8 @@
+   # http://www.garykessler.net/library/file_sigs.html
+ 
+   def self.zip? file
+-    zip_signature = File.read file, 4
+    zip_signature = ''
+    File.open(file) { |f| zip_signature = f.read(4) }
+ 
+     zip_signature == "PK\x03\x04" or
+       zip_signature == "PK\x05\x06" or
+diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb
+index 3bce54b243..123b1a4f87 100644
+--- a/test/rdoc/test_rdoc_rdoc.rb
+++ b/test/rdoc/test_rdoc_rdoc.rb
+@@ -366,6 +366,18 @@ def test_remove_unparseable_tags_vim
+     end
+   end
+ 
+  def test_remove_unparseable_CVE_2021_31799
+    skip 'for Un*x platforms' if Gem.win_platform?
+    temp_dir do
+      file_list = ['| touch evil.txt && echo tags']
+      file_list.each do |f|
+        FileUtils.touch f
+      end
+      assert_equal file_list, @rdoc.remove_unparseable(file_list)
+      assert_equal file_list, Dir.children('.')
+    end
+  end
+
+   def test_setup_output_dir
+     Dir.mktmpdir {|d|
+       path = File.join d, 'testdir'
--- a/SOURCES/ruby-2.6.9-cgi-0.1.1-cookie-parse-not-decode-names.patch
+++ b/SOURCES/ruby-2.6.9-cgi-0.1.1-cookie-parse-not-decode-names.patch
@ -0,0 +1,42 @@
+From e2c0652dff671dc6e16a80887e781edc0abc8454 Mon Sep 17 00:00:00 2001
+From: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date: Wed, 24 Nov 2021 11:41:55 +0000
+Subject: [PATCH 2/2] When parsing cookies, only decode the values
+
+git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67953 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+---
+ lib/cgi/cookie.rb           | 1 -
+ test/cgi/test_cgi_cookie.rb | 5 +++++
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/lib/cgi/cookie.rb b/lib/cgi/cookie.rb
+index a2155edb77..009566bb92 100644
+--- a/lib/cgi/cookie.rb
+++ b/lib/cgi/cookie.rb
+@@ -165,7 +165,6 @@ def self.parse(raw_cookie)
+       raw_cookie.split(/;\s?/).each do |pairs|
+         name, values = pairs.split('=',2)
+         next unless name and values
+-        name = CGI.unescape(name)
+         values ||= ""
+         values = values.split('&').collect{|v| CGI.unescape(v,@@accept_charset) }
+         if cookies.has_key?(name)
+diff --git a/test/cgi/test_cgi_cookie.rb b/test/cgi/test_cgi_cookie.rb
+index 115a57e4a1..985cc0d7a1 100644
+--- a/test/cgi/test_cgi_cookie.rb
+++ b/test/cgi/test_cgi_cookie.rb
+@@ -101,6 +101,11 @@ def test_cgi_cookie_parse
+     end
+   end
+ 
+  def test_cgi_cookie_parse_not_decode_name
+    cookie_str = "%66oo=baz;foo=bar"
+    cookies = CGI::Cookie.parse(cookie_str)
+    assert_equal({"%66oo" => ["baz"], "foo" => ["bar"]}, cookies)
+  end
+ 
+   def test_cgi_cookie_arrayinterface
+     cookie = CGI::Cookie.new('name1', 'a', 'b', 'c')
+-- 
+2.36.1
+
--- a/SOURCES/ruby-2.6.9-date-2.0.1-parse-length-limit.patch
+++ b/SOURCES/ruby-2.6.9-date-2.0.1-parse-length-limit.patch
@ -0,0 +1,918 @@
+From d5753ec513fa5a4bdcf59fa298642fd0d3a3c364 Mon Sep 17 00:00:00 2001
+From: Yusuke Endoh <mame@ruby-lang.org>
+Date: Fri, 12 Nov 2021 12:11:13 +0900
+Subject: [PATCH 1/2] Add length limit option for methods that parses date
+ strings
+
+This patch fixes CVE-2021-41817 and created from the commit
+<https://github.com/ruby/date/commit/4f9b8e946ba98f0a1774f8e677baa4a45637ebb3>.
+We didn't merge the files included in the original commit below, as those are
+for rebasing date gem version.
+
+* ext/date/date.gemspec
+* ext/date/lib/date.rb
+
+== Original commit message ==
+
+`Date.parse` now raises an ArgumentError when a given date string is
+longer than 128. You can configure the limit by giving `limit` keyword
+arguments like `Date.parse(str, limit: 1000)`. If you pass `limit: nil`,
+the limit is disabled.
+
+Not only `Date.parse` but also the following methods are changed.
+
+* Date._parse
+* Date.parse
+* DateTime.parse
+* Date._iso8601
+* Date.iso8601
+* DateTime.iso8601
+* Date._rfc3339
+* Date.rfc3339
+* DateTime.rfc3339
+* Date._xmlschema
+* Date.xmlschema
+* DateTime.xmlschema
+* Date._rfc2822
+* Date.rfc2822
+* DateTime.rfc2822
+* Date._rfc822
+* Date.rfc822
+* DateTime.rfc822
+* Date._jisx0301
+* Date.jisx0301
+* DateTime.jisx0301
+---
+ ext/date/date_core.c         | 384 +++++++++++++++++++++++++++--------
+ test/date/test_date_parse.rb |  29 +++
+ 2 files changed, 325 insertions(+), 88 deletions(-)
+
+diff --git a/ext/date/date_core.c b/ext/date/date_core.c
+index c250633426..177ea0f6c5 100644
+--- a/ext/date/date_core.c
+++ b/ext/date/date_core.c
+@@ -4290,12 +4290,37 @@ date_s_strptime(int argc, VALUE *argv, VALUE klass)
+ 
+ VALUE date__parse(VALUE str, VALUE comp);
+ 
+static size_t
+get_limit(VALUE opt)
+{
+    if (!NIL_P(opt)) {
+        VALUE limit = rb_hash_aref(opt, ID2SYM(rb_intern("limit")));
+        if (NIL_P(limit)) return SIZE_MAX;
+        return NUM2SIZET(limit);
+    }
+    return 128;
+}
+
+static void
+check_limit(VALUE str, VALUE opt)
+{
+    StringValue(str);
+    size_t slen = RSTRING_LEN(str);
+    size_t limit = get_limit(opt);
+    if (slen > limit) {
+	rb_raise(rb_eArgError,
+		 "string length (%"PRI_SIZE_PREFIX"u) exceeds the limit %"PRI_SIZE_PREFIX"u", slen, limit);
+    }
+}
+
+ static VALUE
+ date_s__parse_internal(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE vstr, vcomp, hash;
+    VALUE vstr, vcomp, hash, opt;
+ 
+-    rb_scan_args(argc, argv, "11", &vstr, &vcomp);
+    rb_scan_args(argc, argv, "11:", &vstr, &vcomp, &opt);
+    if (!NIL_P(opt)) argc--;
+    check_limit(vstr, opt);
+     StringValue(vstr);
+     if (!rb_enc_str_asciicompat_p(vstr))
+ 	rb_raise(rb_eArgError,
+@@ -4320,7 +4345,7 @@ date_s__parse_internal(int argc, VALUE *argv, VALUE klass)
+ 
+ /*
+  * call-seq:
+- *    Date._parse(string[, comp=true])  ->  hash
+ *    Date._parse(string[, comp=true], limit: 128)  ->  hash
+  *
+  * Parses the given representation of date and time, and returns a
+  * hash of parsed elements.  This method does not function as a
+@@ -4331,6 +4356,10 @@ date_s__parse_internal(int argc, VALUE *argv, VALUE klass)
+  * it full.
+  *
+  *    Date._parse('2001-02-03')	#=> {:year=>2001, :mon=>2, :mday=>3}
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s__parse(int argc, VALUE *argv, VALUE klass)
+@@ -4340,7 +4369,7 @@ date_s__parse(int argc, VALUE *argv, VALUE klass)
+ 
+ /*
+  * call-seq:
+- *    Date.parse(string='-4712-01-01'[, comp=true[, start=Date::ITALY]])  ->  date
+ *    Date.parse(string='-4712-01-01'[, comp=true[, start=Date::ITALY]], limit: 128)  ->  date
+  *
+  * Parses the given representation of date and time, and creates a
+  * date object.  This method does not function as a validator.
+@@ -4352,13 +4381,18 @@ date_s__parse(int argc, VALUE *argv, VALUE klass)
+  *    Date.parse('2001-02-03')		#=> #<Date: 2001-02-03 ...>
+  *    Date.parse('20010203')		#=> #<Date: 2001-02-03 ...>
+  *    Date.parse('3rd Feb 2001')	#=> #<Date: 2001-02-03 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s_parse(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, comp, sg;
+    VALUE str, comp, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "03", &str, &comp, &sg);
+    rb_scan_args(argc, argv, "03:", &str, &comp, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -4370,11 +4404,12 @@ date_s_parse(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE argv2[2], hash;
+-
+-	argv2[0] = str;
+-	argv2[1] = comp;
+-	hash = date_s__parse(2, argv2, klass);
+        int argc2 = 2;
+	VALUE argv2[3];
+        argv2[0] = str;
+        argv2[1] = comp;
+        if (!NIL_P(opt)) argv2[argc2++] = opt;
+	VALUE hash = date_s__parse(argc2, argv2, klass);
+ 	return d_new_by_frags(klass, hash, sg);
+     }
+ }
+@@ -4388,19 +4423,28 @@ VALUE date__jisx0301(VALUE);
+ 
+ /*
+  * call-seq:
+- *    Date._iso8601(string)  ->  hash
+ *    Date._iso8601(string, limit: 128)  ->  hash
+  *
+  * Returns a hash of parsed elements.
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+-date_s__iso8601(VALUE klass, VALUE str)
+date_s__iso8601(int argc, VALUE *argv, VALUE klass)
+ {
+    VALUE str, opt;
+
+    rb_scan_args(argc, argv, "1:", &str, &opt);
+    check_limit(str, opt);
+
+     return date__iso8601(str);
+ }
+ 
+ /*
+  * call-seq:
+- *    Date.iso8601(string='-4712-01-01'[, start=Date::ITALY])  ->  date
+ *    Date.iso8601(string='-4712-01-01'[, start=Date::ITALY], limit: 128)  ->  date
+  *
+  * Creates a new Date object by parsing from a string according to
+  * some typical ISO 8601 formats.
+@@ -4408,13 +4452,18 @@ date_s__iso8601(VALUE klass, VALUE str)
+  *    Date.iso8601('2001-02-03')	#=> #<Date: 2001-02-03 ...>
+  *    Date.iso8601('20010203')		#=> #<Date: 2001-02-03 ...>
+  *    Date.iso8601('2001-W05-6')	#=> #<Date: 2001-02-03 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s_iso8601(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -4424,38 +4473,56 @@ date_s_iso8601(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__iso8601(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        if (!NIL_P(opt)) argv2[argc2++] = opt;
+	VALUE hash = date_s__iso8601(argc2, argv2, klass);
+ 	return d_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    Date._rfc3339(string)  ->  hash
+ *    Date._rfc3339(string, limit: 128)  ->  hash
+  *
+  * Returns a hash of parsed elements.
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+-date_s__rfc3339(VALUE klass, VALUE str)
+date_s__rfc3339(int argc, VALUE *argv, VALUE klass)
+ {
+    VALUE str, opt;
+
+    rb_scan_args(argc, argv, "1:", &str, &opt);
+    check_limit(str, opt);
+
+     return date__rfc3339(str);
+ }
+ 
+ /*
+  * call-seq:
+- *    Date.rfc3339(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY])  ->  date
+ *    Date.rfc3339(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY], limit: 128)  ->  date
+  *
+  * Creates a new Date object by parsing from a string according to
+  * some typical RFC 3339 formats.
+  *
+  *    Date.rfc3339('2001-02-03T04:05:06+07:00')	#=> #<Date: 2001-02-03 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s_rfc3339(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -4465,38 +4532,56 @@ date_s_rfc3339(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__rfc3339(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        if (!NIL_P(opt)) argv2[argc2++] = opt;
+	VALUE hash = date_s__rfc3339(argc2, argv2, klass);
+ 	return d_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    Date._xmlschema(string)  ->  hash
+ *    Date._xmlschema(string, limit: 128)  ->  hash
+  *
+  * Returns a hash of parsed elements.
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+-date_s__xmlschema(VALUE klass, VALUE str)
+date_s__xmlschema(int argc, VALUE *argv, VALUE klass)
+ {
+    VALUE str, opt;
+
+    rb_scan_args(argc, argv, "1:", &str, &opt);
+    check_limit(str, opt);
+
+     return date__xmlschema(str);
+ }
+ 
+ /*
+  * call-seq:
+- *    Date.xmlschema(string='-4712-01-01'[, start=Date::ITALY])  ->  date
+ *    Date.xmlschema(string='-4712-01-01'[, start=Date::ITALY], limit: 128)  ->  date
+  *
+  * Creates a new Date object by parsing from a string according to
+  * some typical XML Schema formats.
+  *
+  *    Date.xmlschema('2001-02-03')	#=> #<Date: 2001-02-03 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s_xmlschema(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -4506,41 +4591,58 @@ date_s_xmlschema(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__xmlschema(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        if (!NIL_P(opt)) argv2[argc2++] = opt;
+	VALUE hash = date_s__xmlschema(argc2, argv2, klass);
+ 	return d_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    Date._rfc2822(string)  ->  hash
+- *    Date._rfc822(string)   ->  hash
+ *    Date._rfc2822(string, limit: 128)  ->  hash
+ *    Date._rfc822(string, limit: 128)   ->  hash
+  *
+  * Returns a hash of parsed elements.
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+-date_s__rfc2822(VALUE klass, VALUE str)
+date_s__rfc2822(int argc, VALUE *argv, VALUE klass)
+ {
+    VALUE str, opt;
+
+    rb_scan_args(argc, argv, "1:", &str, &opt);
+    check_limit(str, opt);
+
+     return date__rfc2822(str);
+ }
+ 
+ /*
+  * call-seq:
+- *    Date.rfc2822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY])  ->  date
+- *    Date.rfc822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY])   ->  date
+ *    Date.rfc2822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY], limit: 128)  ->  date
+ *    Date.rfc822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY], limit: 128)   ->  date
+  *
+  * Creates a new Date object by parsing from a string according to
+  * some typical RFC 2822 formats.
+  *
+  *    Date.rfc2822('Sat, 3 Feb 2001 00:00:00 +0000')
+  *						#=> #<Date: 2001-02-03 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s_rfc2822(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+ 
+     switch (argc) {
+       case 0:
+@@ -4550,39 +4652,56 @@ date_s_rfc2822(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__rfc2822(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        if (!NIL_P(opt)) argv2[argc2++] = opt;
+	VALUE hash = date_s__rfc2822(argc2, argv2, klass);
+ 	return d_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    Date._httpdate(string)  ->  hash
+ *    Date._httpdate(string, limit: 128)  ->  hash
+  *
+  * Returns a hash of parsed elements.
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+-date_s__httpdate(VALUE klass, VALUE str)
+date_s__httpdate(int argc, VALUE *argv, VALUE klass)
+ {
+    VALUE str, opt;
+
+    rb_scan_args(argc, argv, "1:", &str, &opt);
+    check_limit(str, opt);
+
+     return date__httpdate(str);
+ }
+ 
+ /*
+  * call-seq:
+- *    Date.httpdate(string='Mon, 01 Jan -4712 00:00:00 GMT'[, start=Date::ITALY])  ->  date
+ *    Date.httpdate(string='Mon, 01 Jan -4712 00:00:00 GMT'[, start=Date::ITALY], limit: 128)  ->  date
+  *
+  * Creates a new Date object by parsing from a string according to
+  * some RFC 2616 format.
+  *
+  *    Date.httpdate('Sat, 03 Feb 2001 00:00:00 GMT')
+  *						#=> #<Date: 2001-02-03 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s_httpdate(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+ 
+     switch (argc) {
+       case 0:
+@@ -4592,38 +4711,56 @@ date_s_httpdate(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__httpdate(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        if (!NIL_P(opt)) argv2[argc2++] = opt;
+	VALUE hash = date_s__httpdate(argc2, argv2, klass);
+ 	return d_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    Date._jisx0301(string)  ->  hash
+ *    Date._jisx0301(string, limit: 128)  ->  hash
+  *
+  * Returns a hash of parsed elements.
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+-date_s__jisx0301(VALUE klass, VALUE str)
+date_s__jisx0301(int argc, VALUE *argv, VALUE klass)
+ {
+    VALUE str, opt;
+
+    rb_scan_args(argc, argv, "1:", &str, &opt);
+    check_limit(str, opt);
+
+     return date__jisx0301(str);
+ }
+ 
+ /*
+  * call-seq:
+- *    Date.jisx0301(string='-4712-01-01'[, start=Date::ITALY])  ->  date
+ *    Date.jisx0301(string='-4712-01-01'[, start=Date::ITALY], limit: 128)  ->  date
+  *
+  * Creates a new Date object by parsing from a string according to
+  * some typical JIS X 0301 formats.
+  *
+  *    Date.jisx0301('H13.02.03')		#=> #<Date: 2001-02-03 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ date_s_jisx0301(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -4633,7 +4770,11 @@ date_s_jisx0301(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__jisx0301(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        if (!NIL_P(opt)) argv2[argc2++] = opt;
+	VALUE hash = date_s__jisx0301(argc2, argv2, klass);
+ 	return d_new_by_frags(klass, hash, sg);
+     }
+ }
+@@ -7925,7 +8066,7 @@ datetime_s_strptime(int argc, VALUE *argv, VALUE klass)
+ 
+ /*
+  * call-seq:
+- *    DateTime.parse(string='-4712-01-01T00:00:00+00:00'[, comp=true[, start=Date::ITALY]])  ->  datetime
+ *    DateTime.parse(string='-4712-01-01T00:00:00+00:00'[, comp=true[, start=Date::ITALY]], limit: 128)  ->  datetime
+  *
+  * Parses the given representation of date and time, and creates a
+  * DateTime object.  This method does not function as a validator.
+@@ -7939,13 +8080,18 @@ datetime_s_strptime(int argc, VALUE *argv, VALUE klass)
+  *				#=> #<DateTime: 2001-02-03T04:05:06+07:00 ...>
+  *    DateTime.parse('3rd Feb 2001 04:05:06 PM')
+  *				#=> #<DateTime: 2001-02-03T16:05:06+00:00 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ datetime_s_parse(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, comp, sg;
+    VALUE str, comp, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "03", &str, &comp, &sg);
+    rb_scan_args(argc, argv, "03:", &str, &comp, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -7957,18 +8103,20 @@ datetime_s_parse(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE argv2[2], hash;
+-
+-	argv2[0] = str;
+-	argv2[1] = comp;
+-	hash = date_s__parse(2, argv2, klass);
+        int argc2 = 2;
+        VALUE argv2[3];
+        argv2[0] = str;
+        argv2[1] = comp;
+        argv2[2] = opt;
+        if (!NIL_P(opt)) argc2++;
+	VALUE hash = date_s__parse(argc2, argv2, klass);
+ 	return dt_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    DateTime.iso8601(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY])  ->  datetime
+ *    DateTime.iso8601(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY], limit: 128)  ->  datetime
+  *
+  * Creates a new DateTime object by parsing from a string according to
+  * some typical ISO 8601 formats.
+@@ -7979,13 +8127,18 @@ datetime_s_parse(int argc, VALUE *argv, VALUE klass)
+  *				#=> #<DateTime: 2001-02-03T04:05:06+07:00 ...>
+  *    DateTime.iso8601('2001-W05-6T04:05:06+07:00')
+  *				#=> #<DateTime: 2001-02-03T04:05:06+07:00 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ datetime_s_iso8601(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -7995,27 +8148,37 @@ datetime_s_iso8601(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__iso8601(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        argv2[1] = opt;
+        if (!NIL_P(opt)) argc2--;
+	VALUE hash = date_s__iso8601(argc2, argv2, klass);
+ 	return dt_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    DateTime.rfc3339(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY])  ->  datetime
+ *    DateTime.rfc3339(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY], limit: 128)  ->  datetime
+  *
+  * Creates a new DateTime object by parsing from a string according to
+  * some typical RFC 3339 formats.
+  *
+  *    DateTime.rfc3339('2001-02-03T04:05:06+07:00')
+  *				#=> #<DateTime: 2001-02-03T04:05:06+07:00 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ datetime_s_rfc3339(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -8025,27 +8188,37 @@ datetime_s_rfc3339(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__rfc3339(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        argv2[1] = opt;
+        if (!NIL_P(opt)) argc2++;
+	VALUE hash = date_s__rfc3339(argc2, argv2, klass);
+ 	return dt_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    DateTime.xmlschema(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY])  ->  datetime
+ *    DateTime.xmlschema(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY], limit: 128)  ->  datetime
+  *
+  * Creates a new DateTime object by parsing from a string according to
+  * some typical XML Schema formats.
+  *
+  *    DateTime.xmlschema('2001-02-03T04:05:06+07:00')
+  *				#=> #<DateTime: 2001-02-03T04:05:06+07:00 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ datetime_s_xmlschema(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -8055,28 +8228,38 @@ datetime_s_xmlschema(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__xmlschema(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        argv2[1] = opt;
+        if (!NIL_P(opt)) argc2++;
+	VALUE hash = date_s__xmlschema(argc2, argv2, klass);
+ 	return dt_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    DateTime.rfc2822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY])  ->  datetime
+- *    DateTime.rfc822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY])   ->  datetime
+ *    DateTime.rfc2822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY], limit: 128)  ->  datetime
+ *    DateTime.rfc822(string='Mon, 1 Jan -4712 00:00:00 +0000'[, start=Date::ITALY], limit: 128)   ->  datetime
+  *
+  * Creates a new DateTime object by parsing from a string according to
+  * some typical RFC 2822 formats.
+  *
+  *     DateTime.rfc2822('Sat, 3 Feb 2001 04:05:06 +0700')
+  *				#=> #<DateTime: 2001-02-03T04:05:06+07:00 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ datetime_s_rfc2822(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -8086,7 +8269,12 @@ datetime_s_rfc2822(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__rfc2822(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        argv2[1] = opt;
+        if (!NIL_P(opt)) argc2++;
+	VALUE hash = date_s__rfc2822(argc2, argv2, klass);
+ 	return dt_new_by_frags(klass, hash, sg);
+     }
+ }
+@@ -8100,13 +8288,18 @@ datetime_s_rfc2822(int argc, VALUE *argv, VALUE klass)
+  *
+  *    DateTime.httpdate('Sat, 03 Feb 2001 04:05:06 GMT')
+  *				#=> #<DateTime: 2001-02-03T04:05:06+00:00 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ datetime_s_httpdate(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -8116,27 +8309,37 @@ datetime_s_httpdate(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__httpdate(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        argv2[1] = opt;
+        if (!NIL_P(opt)) argc2++;
+	VALUE hash = date_s__httpdate(argc2, argv2, klass);
+ 	return dt_new_by_frags(klass, hash, sg);
+     }
+ }
+ 
+ /*
+  * call-seq:
+- *    DateTime.jisx0301(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY])  ->  datetime
+ *    DateTime.jisx0301(string='-4712-01-01T00:00:00+00:00'[, start=Date::ITALY], limit: 128)  ->  datetime
+  *
+  * Creates a new DateTime object by parsing from a string according to
+  * some typical JIS X 0301 formats.
+  *
+  *    DateTime.jisx0301('H13.02.03T04:05:06+07:00')
+  *				#=> #<DateTime: 2001-02-03T04:05:06+07:00 ...>
+ *
+ * Raise an ArgumentError when the string length is longer than _limit_.
+ * You can stop this check by passing `limit: nil`, but note that
+ * it may take a long time to parse.
+  */
+ static VALUE
+ datetime_s_jisx0301(int argc, VALUE *argv, VALUE klass)
+ {
+-    VALUE str, sg;
+    VALUE str, sg, opt;
+ 
+-    rb_scan_args(argc, argv, "02", &str, &sg);
+    rb_scan_args(argc, argv, "02:", &str, &sg, &opt);
+    if (!NIL_P(opt)) argc--;
+ 
+     switch (argc) {
+       case 0:
+@@ -8146,7 +8349,12 @@ datetime_s_jisx0301(int argc, VALUE *argv, VALUE klass)
+     }
+ 
+     {
+-	VALUE hash = date_s__jisx0301(klass, str);
+        int argc2 = 1;
+        VALUE argv2[2];
+        argv2[0] = str;
+        argv2[1] = opt;
+        if (!NIL_P(opt)) argc2++;
+	VALUE hash = date_s__jisx0301(argc2, argv2, klass);
+ 	return dt_new_by_frags(klass, hash, sg);
+     }
+ }
+@@ -9297,19 +9505,19 @@ Init_date_core(void)
+     rb_define_singleton_method(cDate, "strptime", date_s_strptime, -1);
+     rb_define_singleton_method(cDate, "_parse", date_s__parse, -1);
+     rb_define_singleton_method(cDate, "parse", date_s_parse, -1);
+-    rb_define_singleton_method(cDate, "_iso8601", date_s__iso8601, 1);
+    rb_define_singleton_method(cDate, "_iso8601", date_s__iso8601, -1);
+     rb_define_singleton_method(cDate, "iso8601", date_s_iso8601, -1);
+-    rb_define_singleton_method(cDate, "_rfc3339", date_s__rfc3339, 1);
+    rb_define_singleton_method(cDate, "_rfc3339", date_s__rfc3339, -1);
+     rb_define_singleton_method(cDate, "rfc3339", date_s_rfc3339, -1);
+-    rb_define_singleton_method(cDate, "_xmlschema", date_s__xmlschema, 1);
+    rb_define_singleton_method(cDate, "_xmlschema", date_s__xmlschema, -1);
+     rb_define_singleton_method(cDate, "xmlschema", date_s_xmlschema, -1);
+-    rb_define_singleton_method(cDate, "_rfc2822", date_s__rfc2822, 1);
+-    rb_define_singleton_method(cDate, "_rfc822", date_s__rfc2822, 1);
+    rb_define_singleton_method(cDate, "_rfc2822", date_s__rfc2822, -1);
+    rb_define_singleton_method(cDate, "_rfc822", date_s__rfc2822, -1);
+     rb_define_singleton_method(cDate, "rfc2822", date_s_rfc2822, -1);
+     rb_define_singleton_method(cDate, "rfc822", date_s_rfc2822, -1);
+-    rb_define_singleton_method(cDate, "_httpdate", date_s__httpdate, 1);
+    rb_define_singleton_method(cDate, "_httpdate", date_s__httpdate, -1);
+     rb_define_singleton_method(cDate, "httpdate", date_s_httpdate, -1);
+-    rb_define_singleton_method(cDate, "_jisx0301", date_s__jisx0301, 1);
+    rb_define_singleton_method(cDate, "_jisx0301", date_s__jisx0301, -1);
+     rb_define_singleton_method(cDate, "jisx0301", date_s_jisx0301, -1);
+ 
+ #ifndef NDEBUG
+diff --git a/test/date/test_date_parse.rb b/test/date/test_date_parse.rb
+index ac0eb85ca7..f9b160ee8c 100644
+--- a/test/date/test_date_parse.rb
+++ b/test/date/test_date_parse.rb
+@@ -1,6 +1,7 @@
+ # frozen_string_literal: true
+ require 'test/unit'
+ require 'date'
+require 'timeout'
+ 
+ class TestDateParse < Test::Unit::TestCase
+ 
+@@ -1122,4 +1123,32 @@ def test_given_string
+     assert_equal(s0, s)
+   end
+ 
+  def test_length_limit
+    assert_raise(ArgumentError) { Date._parse("1" * 1000) }
+    assert_raise(ArgumentError) { Date._iso8601("1" * 1000) }
+    assert_raise(ArgumentError) { Date._rfc3339("1" * 1000) }
+    assert_raise(ArgumentError) { Date._xmlschema("1" * 1000) }
+    assert_raise(ArgumentError) { Date._rfc2822("1" * 1000) }
+    assert_raise(ArgumentError) { Date._rfc822("1" * 1000) }
+    assert_raise(ArgumentError) { Date._jisx0301("1" * 1000) }
+
+    assert_raise(ArgumentError) { Date.parse("1" * 1000) }
+    assert_raise(ArgumentError) { Date.iso8601("1" * 1000) }
+    assert_raise(ArgumentError) { Date.rfc3339("1" * 1000) }
+    assert_raise(ArgumentError) { Date.xmlschema("1" * 1000) }
+    assert_raise(ArgumentError) { Date.rfc2822("1" * 1000) }
+    assert_raise(ArgumentError) { Date.rfc822("1" * 1000) }
+    assert_raise(ArgumentError) { Date.jisx0301("1" * 1000) }
+
+    assert_raise(ArgumentError) { DateTime.parse("1" * 1000) }
+    assert_raise(ArgumentError) { DateTime.iso8601("1" * 1000) }
+    assert_raise(ArgumentError) { DateTime.rfc3339("1" * 1000) }
+    assert_raise(ArgumentError) { DateTime.xmlschema("1" * 1000) }
+    assert_raise(ArgumentError) { DateTime.rfc2822("1" * 1000) }
+    assert_raise(ArgumentError) { DateTime.rfc822("1" * 1000) }
+    assert_raise(ArgumentError) { DateTime.jisx0301("1" * 1000) }
+
+    assert_raise(ArgumentError) { Date._parse("Jan " + "9" * 1000000) }
+    assert_raise(Timeout::Error) { Timeout.timeout(1) { Date._parse("Jan " + "9" * 1000000, limit: nil) } }
+  end
+ end
+-- 
+2.36.1
+
--- a/SOURCES/ruby-2.7.7-Fix-CVE-2021-33621-HTTP-response-splitting-in-CGI.patch
+++ b/SOURCES/ruby-2.7.7-Fix-CVE-2021-33621-HTTP-response-splitting-in-CGI.patch
@ -0,0 +1,328 @@
+From 8fc4b4792919c627183f4ddb6dc256aae49eb738 Mon Sep 17 00:00:00 2001
+From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
+Date: Tue, 22 Nov 2022 13:48:18 +0900
+Subject: [PATCH] Fix CVE-2021-33621 HTTP response splitting in CGI.
+
+Backported from upstream Ruby, commit:
+https://github.com/ruby/ruby/commit/7cf697179dab52b0d024543304f4d3ab5fa5e847
+
+Test "CGICookieTest#test_cgi_cookie_new_with_domain" was adjusted to
+deal with Ruby 2.5 not allowing String with double splat operator.
+
+==== Original commit message
+Merge CGI-0.1.0.2
+---
+ lib/cgi/cookie.rb           | 51 ++++++++++++++++-------
+ lib/cgi/core.rb             | 45 ++++++++++++--------
+ test/cgi/test_cgi_cookie.rb | 82 +++++++++++++++++++++++++++++++++++++
+ test/cgi/test_cgi_header.rb |  8 ++++
+ 4 files changed, 154 insertions(+), 32 deletions(-)
+
+diff --git a/lib/cgi/cookie.rb b/lib/cgi/cookie.rb
+index 009566b..f26f015 100644
+--- a/lib/cgi/cookie.rb
+++ b/lib/cgi/cookie.rb
+@@ -40,6 +40,10 @@ class CGI
+   class Cookie < Array
+     @@accept_charset="UTF-8" unless defined?(@@accept_charset)
+ 
+    TOKEN_RE = %r"\A[[!-~]&&[^()<>@,;:\\\"/?=\[\]{}]]+\z"
+    PATH_VALUE_RE = %r"\A[[ -~]&&[^;]]*\z"
+    DOMAIN_VALUE_RE = %r"\A(?<label>(?!-)[-A-Za-z0-9]+(?<!-))(?:\.\g<label>)*\z"
+
+     # Create a new CGI::Cookie object.
+     #
+     # :call-seq:
+@@ -72,9 +76,8 @@ class CGI
+       @domain = nil
+       @expires = nil
+       if name.kind_of?(String)
+-        @name = name
+-        %r|^(.*/)|.match(ENV["SCRIPT_NAME"])
+-        @path = ($1 or "")
+        self.name = name
+        self.path = (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
+         @secure = false
+         @httponly = false
+         return super(value)
+@@ -85,16 +88,11 @@ class CGI
+         raise ArgumentError, "`name' required"
+       end
+ 
+-      @name = options["name"]
+      self.name = options["name"]
+       value = Array(options["value"])
+       # simple support for IE
+-      if options["path"]
+-        @path = options["path"]
+-      else
+-        %r|^(.*/)|.match(ENV["SCRIPT_NAME"])
+-        @path = ($1 or "")
+-      end
+-      @domain = options["domain"]
+      self.path = options["path"] || (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
+      self.domain = options["domain"]
+       @expires = options["expires"]
+       @secure = options["secure"] == true
+       @httponly = options["httponly"] == true
+@@ -102,12 +100,35 @@ class CGI
+       super(value)
+     end
+ 
+-    # Name of this cookie, as a +String+
+-    attr_accessor :name
+    attr_reader :name
+    # Set name of this cookie
+    def name=(str)
+      if str and !TOKEN_RE.match?(str)
+        raise ArgumentError, "invalid name: #{str.dump}"
+      end
+      @name = str
+    end
+
+     # Path for which this cookie applies, as a +String+
+-    attr_accessor :path
+    attr_reader :path
+    # Set path for which this cookie applies
+    def path=(str)
+      if str and !PATH_VALUE_RE.match?(str)
+        raise ArgumentError, "invalid path: #{str.dump}"
+      end
+      @path = str
+    end
+
+     # Domain for which this cookie applies, as a +String+
+-    attr_accessor :domain
+    attr_reader :domain
+    # Set domain for which this cookie applies
+    def domain=(str)
+      if str and ((str = str.b).bytesize > 255 or !DOMAIN_VALUE_RE.match?(str))
+        raise ArgumentError, "invalid domain: #{str.dump}"
+      end
+      @domain = str
+    end
+
+     # Time at which this cookie expires, as a +Time+
+     attr_accessor :expires
+     # True if this cookie is secure; false otherwise
+diff --git a/lib/cgi/core.rb b/lib/cgi/core.rb
+index 9bd7798..7d8b223 100644
+--- a/lib/cgi/core.rb
+++ b/lib/cgi/core.rb
+@@ -188,17 +188,28 @@ class CGI
+   # Using #header with the HTML5 tag maker will create a <header> element.
+   alias :header :http_header
+ 
+  def _no_crlf_check(str)
+    if str
+      str = str.to_s
+      raise "A HTTP status or header field must not include CR and LF" if str =~ /[\r\n]/
+      str
+    else
+      nil
+    end
+  end
+  private :_no_crlf_check
+
+   def _header_for_string(content_type) #:nodoc:
+     buf = ''.dup
+     if nph?()
+-      buf << "#{$CGI_ENV['SERVER_PROTOCOL'] || 'HTTP/1.0'} 200 OK#{EOL}"
+      buf << "#{_no_crlf_check($CGI_ENV['SERVER_PROTOCOL']) || 'HTTP/1.0'} 200 OK#{EOL}"
+       buf << "Date: #{CGI.rfc1123_date(Time.now)}#{EOL}"
+-      buf << "Server: #{$CGI_ENV['SERVER_SOFTWARE']}#{EOL}"
+      buf << "Server: #{_no_crlf_check($CGI_ENV['SERVER_SOFTWARE'])}#{EOL}"
+       buf << "Connection: close#{EOL}"
+     end
+-    buf << "Content-Type: #{content_type}#{EOL}"
+    buf << "Content-Type: #{_no_crlf_check(content_type)}#{EOL}"
+     if @output_cookies
+-      @output_cookies.each {|cookie| buf << "Set-Cookie: #{cookie}#{EOL}" }
+      @output_cookies.each {|cookie| buf << "Set-Cookie: #{_no_crlf_check(cookie)}#{EOL}" }
+     end
+     return buf
+   end # _header_for_string
+@@ -213,9 +224,9 @@ class CGI
+     ## NPH
+     options.delete('nph') if defined?(MOD_RUBY)
+     if options.delete('nph') || nph?()
+-      protocol = $CGI_ENV['SERVER_PROTOCOL'] || 'HTTP/1.0'
+      protocol = _no_crlf_check($CGI_ENV['SERVER_PROTOCOL']) || 'HTTP/1.0'
+       status = options.delete('status')
+-      status = HTTP_STATUS[status] || status || '200 OK'
+      status = HTTP_STATUS[status] || _no_crlf_check(status) || '200 OK'
+       buf << "#{protocol} #{status}#{EOL}"
+       buf << "Date: #{CGI.rfc1123_date(Time.now)}#{EOL}"
+       options['server'] ||= $CGI_ENV['SERVER_SOFTWARE'] || ''
+@@ -223,38 +234,38 @@ class CGI
+     end
+     ## common headers
+     status = options.delete('status')
+-    buf << "Status: #{HTTP_STATUS[status] || status}#{EOL}" if status
+    buf << "Status: #{HTTP_STATUS[status] || _no_crlf_check(status)}#{EOL}" if status
+     server = options.delete('server')
+-    buf << "Server: #{server}#{EOL}" if server
+    buf << "Server: #{_no_crlf_check(server)}#{EOL}" if server
+     connection = options.delete('connection')
+-    buf << "Connection: #{connection}#{EOL}" if connection
+    buf << "Connection: #{_no_crlf_check(connection)}#{EOL}" if connection
+     type = options.delete('type')
+-    buf << "Content-Type: #{type}#{EOL}" #if type
+    buf << "Content-Type: #{_no_crlf_check(type)}#{EOL}" #if type
+     length = options.delete('length')
+-    buf << "Content-Length: #{length}#{EOL}" if length
+    buf << "Content-Length: #{_no_crlf_check(length)}#{EOL}" if length
+     language = options.delete('language')
+-    buf << "Content-Language: #{language}#{EOL}" if language
+    buf << "Content-Language: #{_no_crlf_check(language)}#{EOL}" if language
+     expires = options.delete('expires')
+     buf << "Expires: #{CGI.rfc1123_date(expires)}#{EOL}" if expires
+     ## cookie
+     if cookie = options.delete('cookie')
+       case cookie
+       when String, Cookie
+-        buf << "Set-Cookie: #{cookie}#{EOL}"
+        buf << "Set-Cookie: #{_no_crlf_check(cookie)}#{EOL}"
+       when Array
+         arr = cookie
+-        arr.each {|c| buf << "Set-Cookie: #{c}#{EOL}" }
+        arr.each {|c| buf << "Set-Cookie: #{_no_crlf_check(c)}#{EOL}" }
+       when Hash
+         hash = cookie
+-        hash.each_value {|c| buf << "Set-Cookie: #{c}#{EOL}" }
+        hash.each_value {|c| buf << "Set-Cookie: #{_no_crlf_check(c)}#{EOL}" }
+       end
+     end
+     if @output_cookies
+-      @output_cookies.each {|c| buf << "Set-Cookie: #{c}#{EOL}" }
+      @output_cookies.each {|c| buf << "Set-Cookie: #{_no_crlf_check(c)}#{EOL}" }
+     end
+     ## other headers
+     options.each do |key, value|
+-      buf << "#{key}: #{value}#{EOL}"
+      buf << "#{_no_crlf_check(key)}: #{_no_crlf_check(value)}#{EOL}"
+     end
+     return buf
+   end # _header_for_hash
+diff --git a/test/cgi/test_cgi_cookie.rb b/test/cgi/test_cgi_cookie.rb
+index 985cc0d..7afff5e 100644
+--- a/test/cgi/test_cgi_cookie.rb
+++ b/test/cgi/test_cgi_cookie.rb
+@@ -60,6 +60,24 @@ class CGICookieTest < Test::Unit::TestCase
+   end
+ 
+ 
+  def test_cgi_cookie_new_with_domain
+    h = {'name'=>'name1', 'value'=>'value1'}
+    cookie = CGI::Cookie.new({'domain' => 'a.example.com'}.merge(h))
+    assert_equal('a.example.com', cookie.domain)
+
+    cookie = CGI::Cookie.new({'domain'=>'1.example.com'}.merge(h))
+    assert_equal('1.example.com', cookie.domain, 'enhanced by RFC 1123')
+
+    assert_raise(ArgumentError) {
+      CGI::Cookie.new({'domain'=>'-a.example.com'}.merge(h))
+    }
+
+    assert_raise(ArgumentError) {
+      CGI::Cookie.new({'domain'=>'a-.example.com'}.merge(h))
+    }
+  end
+
+
+   def test_cgi_cookie_scriptname
+     cookie = CGI::Cookie.new('name1', 'value1')
+     assert_equal('', cookie.path)
+@@ -118,6 +136,70 @@ class CGICookieTest < Test::Unit::TestCase
+   end
+ 
+ 
+  def test_cgi_cookie_domain_injection_into_name
+    name = "a=b; domain=example.com;"
+    path = "/"
+    domain = "example.jp"
+    assert_raise(ArgumentError) do
+      CGI::Cookie.new('name' => name,
+                      'value' => "value",
+                      'domain' => domain,
+                      'path' => path)
+    end
+  end
+
+
+  def test_cgi_cookie_newline_injection_into_name
+    name = "a=b;\r\nLocation: http://example.com#"
+    path = "/"
+    domain = "example.jp"
+    assert_raise(ArgumentError) do
+      CGI::Cookie.new('name' => name,
+                      'value' => "value",
+                      'domain' => domain,
+                      'path' => path)
+    end
+  end
+
+
+  def test_cgi_cookie_multibyte_injection_into_name
+    name = "a=b;\u3042"
+    path = "/"
+    domain = "example.jp"
+    assert_raise(ArgumentError) do
+      CGI::Cookie.new('name' => name,
+                      'value' => "value",
+                      'domain' => domain,
+                      'path' => path)
+    end
+  end
+
+
+  def test_cgi_cookie_injection_into_path
+    name = "name"
+    path = "/; samesite=none"
+    domain = "example.jp"
+    assert_raise(ArgumentError) do
+      CGI::Cookie.new('name' => name,
+                      'value' => "value",
+                      'domain' => domain,
+                      'path' => path)
+    end
+  end
+
+
+  def test_cgi_cookie_injection_into_domain
+    name = "name"
+    path = "/"
+    domain = "example.jp; samesite=none"
+    assert_raise(ArgumentError) do
+      CGI::Cookie.new('name' => name,
+                      'value' => "value",
+                      'domain' => domain,
+                      'path' => path)
+    end
+  end
+
+ 
+   instance_methods.each do |method|
+     private method if method =~ /^test_(.*)/ && $1 != ENV['TEST']
+diff --git a/test/cgi/test_cgi_header.rb b/test/cgi/test_cgi_header.rb
+index bab2d03..ec2f4de 100644
+--- a/test/cgi/test_cgi_header.rb
+++ b/test/cgi/test_cgi_header.rb
+@@ -176,6 +176,14 @@ class CGIHeaderTest < Test::Unit::TestCase
+   end
+ 
+ 
+  def test_cgi_http_header_crlf_injection
+    cgi = CGI.new
+    assert_raise(RuntimeError) { cgi.http_header("text/xhtml\r\nBOO") }
+    assert_raise(RuntimeError) { cgi.http_header("type" => "text/xhtml\r\nBOO") }
+    assert_raise(RuntimeError) { cgi.http_header("status" => "200 OK\r\nBOO") }
+    assert_raise(RuntimeError) { cgi.http_header("location" => "text/xhtml\r\nBOO") }
+  end
+
+ 
+   instance_methods.each do |method|
+     private method if method =~ /^test_(.*)/ && $1 != ENV['TEST']
+-- 
+2.41.0
+
--- a/SOURCES/ruby-2.7.8-Fix-CVE-2023-28755-ReDos-vulnerability-in-URI.patch
+++ b/SOURCES/ruby-2.7.8-Fix-CVE-2023-28755-ReDos-vulnerability-in-URI.patch
@ -0,0 +1,52 @@
+From 61fb466ea0b492c990fcd2d681c08f2001d7a659 Mon Sep 17 00:00:00 2001
+From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
+Date: Tue, 28 Mar 2023 17:33:19 +0900
+Subject: [PATCH] Fix CVE-2023-28755 ReDos vulnerability in URI.
+
+This patch was backported from Ruby 2.7.8
+
+Backported from upstream Ruby, commit:
+https://github.com/ruby/ruby/commit/6855779d580358a6a0b4c9ee06f20e7cae72955a
+
+===== Original commit message
+
+Merge URI-0.10.0.2
+---
+ lib/uri/rfc3986_parser.rb | 4 ++--
+ test/uri/test_parser.rb   | 7 +++++++
+ 2 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb
+index 8712800..ad32368 100644
+--- a/lib/uri/rfc3986_parser.rb
+++ b/lib/uri/rfc3986_parser.rb
+@@ -3,8 +3,8 @@ module URI
+   class RFC3986_Parser # :nodoc:
+     # URI defined in RFC3986
+     # this regexp is modified not to host is not empty string
+-    RFC3986_URI = /\A(?<URI>(?<scheme>[A-Za-z][+\-.0-9A-Za-z]*):(?<hier-part>\/\/(?<authority>(?:(?<userinfo>(?:%\h\h|[!$&-.0-;=A-Z_a-z~])*)@)?(?<host>(?<IP-literal>\[(?:(?<IPv6address>(?:\h{1,4}:){6}(?<ls32>\h{1,4}:\h{1,4}|(?<IPv4address>(?<dec-octet>[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]|\d)\.\g<dec-octet>\.\g<dec-octet>\.\g<dec-octet>))|::(?:\h{1,4}:){5}\g<ls32>|\h{1,4}?::(?:\h{1,4}:){4}\g<ls32>|(?:(?:\h{1,4}:)?\h{1,4})?::(?:\h{1,4}:){3}\g<ls32>|(?:(?:\h{1,4}:){,2}\h{1,4})?::(?:\h{1,4}:){2}\g<ls32>|(?:(?:\h{1,4}:){,3}\h{1,4})?::\h{1,4}:\g<ls32>|(?:(?:\h{1,4}:){,4}\h{1,4})?::\g<ls32>|(?:(?:\h{1,4}:){,5}\h{1,4})?::\h{1,4}|(?:(?:\h{1,4}:){,6}\h{1,4})?::)|(?<IPvFuture>v\h+\.[!$&-.0-;=A-Z_a-z~]+))\])|\g<IPv4address>|(?<reg-name>(?:%\h\h|[!$&-.0-9;=A-Z_a-z~])+))?(?::(?<port>\d*))?)(?<path-abempty>(?:\/(?<segment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*))*)|(?<path-absolute>\/(?:(?<segment-nz>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])+)(?:\/\g<segment>)*)?)|(?<path-rootless>\g<segment-nz>(?:\/\g<segment>)*)|(?<path-empty>))(?:\?(?<query>[^#]*))?(?:\#(?<fragment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*))?)\z/
+-    RFC3986_relative_ref = /\A(?<relative-ref>(?<relative-part>\/\/(?<authority>(?:(?<userinfo>(?:%\h\h|[!$&-.0-;=A-Z_a-z~])*)@)?(?<host>(?<IP-literal>\[(?<IPv6address>(?:\h{1,4}:){6}(?<ls32>\h{1,4}:\h{1,4}|(?<IPv4address>(?<dec-octet>[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]|\d)\.\g<dec-octet>\.\g<dec-octet>\.\g<dec-octet>))|::(?:\h{1,4}:){5}\g<ls32>|\h{1,4}?::(?:\h{1,4}:){4}\g<ls32>|(?:(?:\h{1,4}:){,1}\h{1,4})?::(?:\h{1,4}:){3}\g<ls32>|(?:(?:\h{1,4}:){,2}\h{1,4})?::(?:\h{1,4}:){2}\g<ls32>|(?:(?:\h{1,4}:){,3}\h{1,4})?::\h{1,4}:\g<ls32>|(?:(?:\h{1,4}:){,4}\h{1,4})?::\g<ls32>|(?:(?:\h{1,4}:){,5}\h{1,4})?::\h{1,4}|(?:(?:\h{1,4}:){,6}\h{1,4})?::)|(?<IPvFuture>v\h+\.[!$&-.0-;=A-Z_a-z~]+)\])|\g<IPv4address>|(?<reg-name>(?:%\h\h|[!$&-.0-9;=A-Z_a-z~])+))?(?::(?<port>\d*))?)(?<path-abempty>(?:\/(?<segment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*))*)|(?<path-absolute>\/(?:(?<segment-nz>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])+)(?:\/\g<segment>)*)?)|(?<path-noscheme>(?<segment-nz-nc>(?:%\h\h|[!$&-.0-9;=@-Z_a-z~])+)(?:\/\g<segment>)*)|(?<path-empty>))(?:\?(?<query>[^#]*))?(?:\#(?<fragment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*))?)\z/
+    RFC3986_URI = /\A(?<URI>(?<scheme>[A-Za-z][+\-.0-9A-Za-z]*+):(?<hier-part>\/\/(?<authority>(?:(?<userinfo>(?:%\h\h|[!$&-.0-;=A-Z_a-z~])*+)@)?(?<host>(?<IP-literal>\[(?:(?<IPv6address>(?:\h{1,4}:){6}(?<ls32>\h{1,4}:\h{1,4}|(?<IPv4address>(?<dec-octet>[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]|\d)\.\g<dec-octet>\.\g<dec-octet>\.\g<dec-octet>))|::(?:\h{1,4}:){5}\g<ls32>|\h{1,4}?::(?:\h{1,4}:){4}\g<ls32>|(?:(?:\h{1,4}:)?\h{1,4})?::(?:\h{1,4}:){3}\g<ls32>|(?:(?:\h{1,4}:){,2}\h{1,4})?::(?:\h{1,4}:){2}\g<ls32>|(?:(?:\h{1,4}:){,3}\h{1,4})?::\h{1,4}:\g<ls32>|(?:(?:\h{1,4}:){,4}\h{1,4})?::\g<ls32>|(?:(?:\h{1,4}:){,5}\h{1,4})?::\h{1,4}|(?:(?:\h{1,4}:){,6}\h{1,4})?::)|(?<IPvFuture>v\h++\.[!$&-.0-;=A-Z_a-z~]++))\])|\g<IPv4address>|(?<reg-name>(?:%\h\h|[!$&-.0-9;=A-Z_a-z~])++))?(?::(?<port>\d*+))?)(?<path-abempty>(?:\/(?<segment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*+))*+)|(?<path-absolute>\/(?:(?<segment-nz>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])++)(?:\/\g<segment>)*+)?)|(?<path-rootless>\g<segment-nz>(?:\/\g<segment>)*+)|(?<path-empty>))(?:\?(?<query>[^#]*+))?(?:\#(?<fragment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*+))?)\z/
+    RFC3986_relative_ref = /\A(?<relative-ref>(?<relative-part>\/\/(?<authority>(?:(?<userinfo>(?:%\h\h|[!$&-.0-;=A-Z_a-z~])*+)@)?(?<host>(?<IP-literal>\[(?:(?<IPv6address>(?:\h{1,4}:){6}(?<ls32>\h{1,4}:\h{1,4}|(?<IPv4address>(?<dec-octet>[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]|\d)\.\g<dec-octet>\.\g<dec-octet>\.\g<dec-octet>))|::(?:\h{1,4}:){5}\g<ls32>|\h{1,4}?::(?:\h{1,4}:){4}\g<ls32>|(?:(?:\h{1,4}:){,1}\h{1,4})?::(?:\h{1,4}:){3}\g<ls32>|(?:(?:\h{1,4}:){,2}\h{1,4})?::(?:\h{1,4}:){2}\g<ls32>|(?:(?:\h{1,4}:){,3}\h{1,4})?::\h{1,4}:\g<ls32>|(?:(?:\h{1,4}:){,4}\h{1,4})?::\g<ls32>|(?:(?:\h{1,4}:){,5}\h{1,4})?::\h{1,4}|(?:(?:\h{1,4}:){,6}\h{1,4})?::)|(?<IPvFuture>v\h++\.[!$&-.0-;=A-Z_a-z~]++))\])|\g<IPv4address>|(?<reg-name>(?:%\h\h|[!$&-.0-9;=A-Z_a-z~])++))?(?::(?<port>\d*+))?)(?<path-abempty>(?:\/(?<segment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])*+))*+)|(?<path-absolute>\/(?:(?<segment-nz>(?:%\h\h|[!$&-.0-;=@-Z_a-z~])++)(?:\/\g<segment>)*+)?)|(?<path-noscheme>(?<segment-nz-nc>(?:%\h\h|[!$&-.0-9;=@-Z_a-z~])++)(?:\/\g<segment>)*+)|(?<path-empty>))(?:\?(?<query>[^#]*+))?(?:\#(?<fragment>(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*+))?)\z/
+     attr_reader :regexp
+ 
+     def initialize
+diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb
+index 757ac86..2f70559 100644
+--- a/test/uri/test_parser.rb
+++ b/test/uri/test_parser.rb
+@@ -45,4 +45,11 @@ class URI::TestParser < Test::Unit::TestCase
+       URI.parse(1)
+     end
+   end
+
+  def test_split
+    assert_equal(["http", nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("http://example.com"))
+    assert_equal(["http", nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("http://[0::0]"))
+    assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com"))
+    assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]"))
+  end
+ end
+-- 
+2.41.0
+
--- a/SOURCES/ruby-2.7.8-Fix-CVE-2023-28756-ReDoS-vulnerability-in-Time.patch
+++ b/SOURCES/ruby-2.7.8-Fix-CVE-2023-28756-ReDoS-vulnerability-in-Time.patch
@ -0,0 +1,41 @@
+From 71c37c29defeab2c98ad4291807efe12427a209f Mon Sep 17 00:00:00 2001
+From: Nobuyoshi Nakada <nobu@ruby-lang.org>
+Date: Tue, 29 Nov 2022 16:22:15 +0900
+Subject: [PATCH] Fix CVE-2023-28756 ReDoS vulnerability in Time.
+
+Backported from: Ruby 2.7.8
+Backported from the following commits:
+https://github.com/ruby/ruby/commit/2cb830602f52e7e76c6781115e7938b21f881c4f
+https://github.com/ruby/ruby/commit/e3f18f7d2e034f20053d7bf2fc7a50f8b7e1a27a
+
+Do not include the test case, as assert_linear_time was introduced in Ruby 2.7.
+
+==== Original commit message(s)
+
+Fix quadratic backtracking on invalid time
+
+Make RFC2822 regexp linear
+
+https://hackerone.com/reports/1485501
+---
+ lib/time.rb | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/time.rb b/lib/time.rb
+index eb46a03..cb6f1e4 100644
+--- a/lib/time.rb
+++ b/lib/time.rb
+@@ -474,8 +474,8 @@ class Time
+           (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s+
+           (\d{2,})\s+
+           (\d{2})\s*
+-          :\s*(\d{2})\s*
+-          (?::\s*(\d{2}))?\s+
+          :\s*(\d{2})
+          (?:\s*:\s*(\d\d))?\s+
+           ([+-]\d{4}|
+            UT|GMT|EST|EDT|CST|CDT|MST|MDT|PST|PDT|[A-IK-Z])/ix =~ date
+         # Since RFC 2822 permit comments, the regexp has no right anchor.
+-- 
+2.41.0
+
--- a/SOURCES/ruby-3.0.0-Convert-ip-addresses-to-canonical-form.patch
+++ b/SOURCES/ruby-3.0.0-Convert-ip-addresses-to-canonical-form.patch
@ -0,0 +1,26 @@
+From 2becb920e431110c4afc4fa069b051c5940c2096 Mon Sep 17 00:00:00 2001
+From: Jeremy Evans <code@jeremyevans.net>
+Date: Fri, 29 May 2020 14:13:30 -0700
+Subject: [PATCH] Convert ip addresses to canonical form in
+ Resolv::DNS::Requester::UnconnectedUDP#sender
+
+Otherwise, if the IP address given is not in canonical form, it
+won't match, and Resolv will ignore it.
+
+Fixes [Bug #16439]
+---
+ lib/resolv.rb | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/resolv.rb b/lib/resolv.rb
+index e7b45e785a85..d78531e174fd 100644
+--- a/lib/resolv.rb
+++ b/lib/resolv.rb
+@@ -774,6 +774,7 @@ def recv_reply(readable_socks)
+         end
+ 
+         def sender(msg, data, host, port=Port)
+          host = Addrinfo.ip(host).ip_address
+           lazy_initialize
+           sock = @socks_hash[host.index(':') ? "::" : "0.0.0.0"]
+           return nil if !sock
--- a/SOURCES/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch
+++ b/SOURCES/ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch
@ -0,0 +1,25 @@
+From a267a40be7844224c5f000530bd3e8e906f1acea Mon Sep 17 00:00:00 2001
+From: Jeremy Evans <code@jeremyevans.net>
+Date: Wed, 10 Mar 2021 13:48:00 -0800
+Subject: [PATCH] Do not use a libdir for glibc, it breaks Linux PPC64 (#70)
+
+Fixes [Bug #12666]
+---
+ test/fiddle/helper.rb | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/test/fiddle/helper.rb b/test/fiddle/helper.rb
+index f38f903..a6e2019 100644
+--- a/test/fiddle/helper.rb
+++ b/test/fiddle/helper.rb
+@@ -20,8 +20,8 @@
+     # 64-bit ruby
+     libdir = '/lib64' if File.directory? '/lib64'
+   end
+-  libc_so = File.join(libdir, "libc.so.6")
+-  libm_so = File.join(libdir, "libm.so.6")
+  libc_so = "libc.so.6"
+  libm_so = "libm.so.6"
+ when /mingw/, /mswin/
+   require "rbconfig"
+   crtname = RbConfig::CONFIG["RUBY_SO_NAME"][/msvc\w+/] || 'ucrtbase'
--- a/SOURCES/ruby-3.1.3-Fix-for-tzdata-2022g.patch
+++ b/SOURCES/ruby-3.1.3-Fix-for-tzdata-2022g.patch
@ -0,0 +1,70 @@
+From a1124dc162810f86cb0bff58cde24064cfc561bc Mon Sep 17 00:00:00 2001
+From: nagachika <nagachika@ruby-lang.org>
+Date: Fri, 9 Dec 2022 21:11:47 +0900
+Subject: [PATCH] merge revision(s) 58cc3c9f387dcf8f820b43e043b540fa06248da3:
+ [Backport #19187]
+
+	[Bug #19187] Fix for tzdata-2022g
+
+	---
+	 test/ruby/test_time_tz.rb | 21 +++++++++++++++------
+	 1 file changed, 15 insertions(+), 6 deletions(-)
+---
+ test/ruby/test_time_tz.rb | 21 +++++++++++++++------
+ 1 files changed, 15 insertions(+), 6 deletions(-)
+
+diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
+index b6785f336028d..939f218ed4d10 100644
+--- a/test/ruby/test_time_tz.rb
+++ b/test/ruby/test_time_tz.rb
+@@ -6,9 +6,9 @@ class TestTimeTZ < Test::Unit::TestCase
+   has_lisbon_tz = true
+   force_tz_test = ENV["RUBY_FORCE_TIME_TZ_TEST"] == "yes"
+   case RUBY_PLATFORM
+-  when /linux/
+  when /darwin|linux/
+     force_tz_test = true
+-  when /darwin|freebsd/
+  when /freebsd|openbsd/
+     has_lisbon_tz = false
+     force_tz_test = true
+   end
+@@ -94,6 +94,9 @@ def group_by(e, &block)
+   CORRECT_KIRITIMATI_SKIP_1994 = with_tz("Pacific/Kiritimati") {
+     Time.local(1994, 12, 31, 0, 0, 0).year == 1995
+   }
+  CORRECT_SINGAPORE_1982 = with_tz("Asia/Singapore") {
+    "2022g" if Time.local(1981, 12, 31, 23, 59, 59).utc_offset == 8*3600
+  }
+ 
+   def time_to_s(t)
+     t.to_s
+@@ -139,9 +142,12 @@ def test_america_managua
+ 
+   def test_asia_singapore
+     with_tz(tz="Asia/Singapore") {
+-      assert_time_constructor(tz, "1981-12-31 23:59:59 +0730", :local, [1981,12,31,23,59,59])
+-      assert_time_constructor(tz, "1982-01-01 00:30:00 +0800", :local, [1982,1,1,0,0,0])
+-      assert_time_constructor(tz, "1982-01-01 00:59:59 +0800", :local, [1982,1,1,0,29,59])
+      assert_time_constructor(tz, "1981-12-31 23:29:59 +0730", :local, [1981,12,31,23,29,59])
+      if CORRECT_SINGAPORE_1982
+        assert_time_constructor(tz, "1982-01-01 00:00:00 +0800", :local, [1981,12,31,23,30,00])
+        assert_time_constructor(tz, "1982-01-01 00:00:00 +0800", :local, [1982,1,1,0,0,0])
+        assert_time_constructor(tz, "1982-01-01 00:29:59 +0800", :local, [1982,1,1,0,29,59])
+      end
+       assert_time_constructor(tz, "1982-01-01 00:30:00 +0800", :local, [1982,1,1,0,30,0])
+     }
+   end
+@@ -364,8 +370,11 @@ def self.gen_zdump_test(data)
+ America/Managua  Wed Jan  1 04:59:59 1997 UTC = Tue Dec 31 23:59:59 1996 EST isdst=0 gmtoff=-18000
+ America/Managua  Wed Jan  1 05:00:00 1997 UTC = Tue Dec 31 23:00:00 1996 CST isdst=0 gmtoff=-21600
+ Asia/Singapore  Sun Aug  8 16:30:00 1965 UTC = Mon Aug  9 00:00:00 1965 SGT isdst=0 gmtoff=27000
+-Asia/Singapore  Thu Dec 31 16:29:59 1981 UTC = Thu Dec 31 23:59:59 1981 SGT isdst=0 gmtoff=27000
+Asia/Singapore  Thu Dec 31 15:59:59 1981 UTC = Thu Dec 31 23:29:59 1981 SGT isdst=0 gmtoff=27000
+ Asia/Singapore  Thu Dec 31 16:30:00 1981 UTC = Fri Jan  1 00:30:00 1982 SGT isdst=0 gmtoff=28800
+End
+  gen_zdump_test <<'End' if CORRECT_SINGAPORE_1982
+Asia/Singapore  Thu Dec 31 16:00:00 1981 UTC = Fri Jan  1 00:00:00 1982 SGT isdst=0 gmtoff=28800
+ End
+   gen_zdump_test CORRECT_TOKYO_DST_1951 ? <<'End' + (CORRECT_TOKYO_DST_1951 < "2018f" ? <<'2018e' : <<'2018f') : <<'End'
+ Asia/Tokyo  Sat May  5 14:59:59 1951 UTC = Sat May  5 23:59:59 1951 JST isdst=0 gmtoff=32400
--- a/SOURCES/ruby-3.2.0-git-2.38.1-fix-rubygems-test.patch
+++ b/SOURCES/ruby-3.2.0-git-2.38.1-fix-rubygems-test.patch
@ -0,0 +1,27 @@
+From dae843f6b7502f921a7e66f39e3714a39d860181 Mon Sep 17 00:00:00 2001
+From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
+Date: Wed, 19 Oct 2022 19:40:00 +0900
+Subject: [PATCH] Bypass git submodule add/update with git config
+ protocol.file.allow=always option.
+
+Co-authored-by: Nobuyoshi Nakada <nobu@ruby-lang.org>
+---
+ test/rubygems/test_gem_source_git.rb | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/test/rubygems/test_gem_source_git.rb b/test/rubygems/test_gem_source_git.rb
+index 5702da05974b6..c3b324771fa4d 100644
+--- a/test/rubygems/test_gem_source_git.rb
+++ b/test/rubygems/test_gem_source_git.rb
+@@ -64,6 +64,11 @@ def test_checkout_local_cached
+   end
+ 
+   def test_checkout_submodules
+    # We need to allow to checkout submodules with file:// protocol
+    # CVE-2022-39253
+    # https://lore.kernel.org/lkml/xmqq4jw1uku5.fsf@gitster.g/
+    system(@git, *%W"config --global protocol.file.allow always")
+
+     source = Gem::Source::Git.new @name, @repository, 'master', true
+ 
+     git_gem 'b'
--- a/SOURCES/rubygem-cgi-0.3.6-Loosen-the-domain-regex-to-accept-dot.patch
+++ b/SOURCES/rubygem-cgi-0.3.6-Loosen-the-domain-regex-to-accept-dot.patch
@ -0,0 +1,41 @@
+From 5e09d632f3b56d85b2659ab47d5571ae9e270e10 Mon Sep 17 00:00:00 2001
+From: Xenor Chang <tubaxenor@gmail.com>
+Date: Mon, 28 Nov 2022 12:34:06 +0800
+Subject: [PATCH] Loosen the domain regex to accept '.' (#29)
+
+* Loosen the domain regex to accept '.'
+
+Co-authored-by: Nobuyoshi Nakada <nobu@ruby-lang.org>
+Co-authored-by: Hiroshi SHIBATA <hsbt@ruby-lang.org>
+---
+ lib/cgi/cookie.rb           | 2 +-
+ test/cgi/test_cgi_cookie.rb | 3 +++
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/lib/cgi/cookie.rb b/lib/cgi/cookie.rb
+index 1a9c1a8..9498e2f 100644
+--- a/lib/cgi/cookie.rb
+++ b/lib/cgi/cookie.rb
+@@ -42,7 +42,7 @@ class Cookie < Array
+
+     TOKEN_RE = %r"\A[[!-~]&&[^()<>@,;:\\\"/?=\[\]{}]]+\z"
+     PATH_VALUE_RE = %r"\A[[ -~]&&[^;]]*\z"
+-    DOMAIN_VALUE_RE = %r"\A(?<label>(?!-)[-A-Za-z0-9]+(?<!-))(?:\.\g<label>)*\z"
+    DOMAIN_VALUE_RE = %r"\A\.?(?<label>(?!-)[-A-Za-z0-9]+(?<!-))(?:\.\g<label>)*\z"
+
+     # Create a new CGI::Cookie object.
+     #
+diff --git a/test/cgi/test_cgi_cookie.rb b/test/cgi/test_cgi_cookie.rb
+index 6d31932..eadae45 100644
+--- a/test/cgi/test_cgi_cookie.rb
+++ b/test/cgi/test_cgi_cookie.rb
+@@ -65,6 +65,9 @@ class CGICookieTest < Test::Unit::TestCase
+     cookie = CGI::Cookie.new({'domain' => 'a.example.com'}.merge(h))
+     assert_equal('a.example.com', cookie.domain)
+
+    cookie = CGI::Cookie.new(h.merge('domain'=>'.example.com'))
+    assert_equal('.example.com', cookie.domain)
+
+     cookie = CGI::Cookie.new({'domain'=>'1.example.com'}.merge(h))
+     assert_equal('1.example.com', cookie.domain, 'enhanced by RFC 1123')
+
--- a/SPECS/ruby.spec
+++ b/SPECS/ruby.spec
@ -1,6 +1,6 @@
 %global major_version 2
 %global minor_version 5
-%global teeny_version 3
+%global teeny_version 9
 %global major_minor_version %{major_version}.%{minor_version}

 %global ruby_version %{major_minor_version}.%{teeny_version}
@ -21,15 +21,16 @@
 %endif


-%global release 103
+%global release 111
+
 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}

-# The RubyGems library has to stay out of Ruby directory three, since the
+# The RubyGems library has to stay out of Ruby directory tree, since the
 # RubyGems should be share by all Ruby implementations.
 %global rubygems_dir %{_datadir}/rubygems

 # Bundled libraries versions
-%global rubygems_version 2.7.6
+%global rubygems_version 2.7.6.3
 %global molinillo_version 0.5.7

 # TODO: The IRB has strange versioning. Keep the Ruby's versioning ATM.
@ -45,8 +46,8 @@
 %global openssl_version 2.1.2
 %global power_assert_version 1.1.1
 %global psych_version 3.0.2
-%global rake_version 12.3.0
-%global rdoc_version 6.0.1
+%global rake_version 12.3.3
+%global rdoc_version 6.0.1.1
 %global test_unit_version 3.2.7
 %global xmlrpc_version 0.3.0

@ -102,8 +103,8 @@ Source14: test_systemtap.rb

 # The load directive is supported since RPM 4.12, i.e. F21+. The build process
 # fails on older Fedoras.
-%{?load:%{SOURCE4}}
-%{?load:%{SOURCE5}}
+%{load:%{SOURCE4}}
+%{load:%{SOURCE5}}

 # Fix ruby_version abuse.
 # https://bugs.ruby-lang.org/issues/11002
@ -129,10 +130,9 @@ Patch6: ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch
 # Use miniruby to regenerate prelude.c.
 # https://bugs.ruby-lang.org/issues/10554
 Patch7: ruby-2.2.3-Generate-preludes-using-miniruby.patch
-# Workaround "an invalid stdio handle" error on PPC, due to recently introduced
-# hardening features of glibc (rhbz#1361037).
-# https://bugs.ruby-lang.org/issues/12666
-Patch9: ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
+# Fix a fiddle import test on an optimized glibc on Power 9.
+# https://bugs.ruby-lang.org/issues/12666#note-13
+Patch9: ruby-3.0.3-fiddle-1.0.8-Rely-on-hard-coded-lib-name-to-detect-glibc.patch
 # Add Gem.operating_system_defaults to allow packagers to override defaults.
 # https://github.com/rubygems/rubygems/pull/2116
 Patch10: ruby-2.5.0-Add-Gem.operating_system_defaults.patch
@ -142,22 +142,15 @@ Patch15: ruby-2.6.0-library-options-to-MAINLIBS.patch
 # Do not require C++ compiler.
 # https://github.com/rubygems/rubygems/pull/2367
 Patch16: ruby-2.5.1-Avoid-need-of-C++-compiler-to-pass-the-test-suite.patch
-# https://github.com/ruby/rdoc/commit/d05e6269d4a4dfd701f5ddb3ae34306cba891511
-Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch
 # Properly harden package using -fstack-protector-strong.
 # https://bugs.ruby-lang.org/issues/15053
 Patch24: ruby-2.6.0-configure-fstack-protector-strong.patch
-# Fix Tokyo TZ tests.
-# https://github.com/ruby/ruby/commit/e71ca6cdcf108e6a2fa47ec9fadefe7554717908
-Patch25: ruby-2.6.0-Update-for-tzdata-2018f.patch
-# Refresh expired certificates.
-# https://bugs.ruby-lang.org/issues/15502
-# https://github.com/ruby/ruby/commit/6f9b40ea53d8f3fb2a5b1c7ac55c207d42c77ef4
-Patch11: ruby-2.6.0-Try-to-update-cert.patch
+# Fix CovScan issues.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1628592
+# https://bugs.ruby-lang.org/issues/15116
+# https://github.com/ruby/ruby/commit/893949167bdb911c7db9fd59de85f288c09741e1
+Patch25: ruby-2.6.0-Fix-issues-detected-by-code-analysis-tool.patch

-# Fix some OpenSSL 1.1.1 test failures.
-# https://github.com/ruby/ruby/commit/1dfc377ae3b174b043d3f0ed36de57b0296b34d0
-Patch19: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
 # Add support for .include directive used by OpenSSL config files.
 # https://github.com/ruby/openssl/pull/216
 Patch22: ruby-2.6.0-config-support-include-directive.patch
@ -165,6 +158,80 @@ Patch22: ruby-2.6.0-config-support-include-directive.patch
 # https://github.com/ruby/openssl/pull/217
 Patch23: ruby-2.6.0-use-larger-keys-for-SSL-tests.patch

+# Use ffi_closure_alloc to avoid segmentation fault by libffi on aarch64.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1727832
+# https://bugzilla.redhat.com/show_bug.cgi?id=1721569
+# https://github.com/ruby/fiddle/pull/20
+Patch26: ruby-2.6.3-fiddle-1.0.0-ffi-closure-alloc-default.patch
+# Fix rdoc gzipped javascript pages are not the same across multilib.
+# https://github.com/ruby/ruby/commit/98c7058bf7b3eab91c62a77cb10b09f6c8ed368e
+# https://github.com/ruby/rdoc/commit/524a8ffc7efbc10b09234f7ac3f81d30a3f9f65c
+# https://github.com/ruby/rdoc/commit/2df261bb8a9336438508bba94e22e0f968f88983
+# https://github.com/ruby/rdoc/commit/8e1916b89ef1d50930c2c863119ddb6ce6c796ed
+# https://github.com/ruby/rdoc/commit/5a8dc7ce883b24539918c75a460a740943c46970
+Patch27: ruby-2.6.0-rdoc-6.0.2-fix-different-js-gz-pages-across-multilib.patch
+# Revert: Stop the error due to openssl 1.1.1h, which causes an error in Ruby 2.5.
+# https://github.com/ruby/ruby/commit/93e6364a848f00b34647b13063dceb854dfaa11e.
+Patch28: ruby-2.5.9-revert-stop-the-error-due-to-openssl-1-1-1h.patch
+# Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
+# contains leading zero
+# https://bugzilla.redhat.com/show_bug.cgi?id=1950308
+Patch29: ruby-3.0.0-Convert-ip-addresses-to-canonical-form.patch
+# Fix CVE-2021-31799 rdoc: Command injection vulnerability in RDoc.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1980839
+Patch30: ruby-2.6.8-rdoc-6.1.2.1-command-injection-vulnerability.patch
+# Fix CVE-2021-32066 StartTLS stripping vulnerability in Net::IMAP.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1980830
+Patch31: ruby-2.6.8-net-imap-startls-stripping-vulnerability.patch
+# Fix CVE-2021-31810 FTP PASV command response can cause Net::FTP to connect
+# to arbitrary host.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1980825
+Patch32: ruby-2.6.8-net-ftp-pasv-can-connect-to-arbitrary-host.patch
+# CVE-2021-41817: Fix by adding a length limit option for methods that parses
+# date strings.
+# https://bugzilla.redhat.com/show_bug.cgi?id=2025104
+# https://github.com/ruby/date/commit/4f9b8e946ba98f0a1774f8e677baa4a45637ebb3
+Patch33: ruby-2.6.9-date-2.0.1-parse-length-limit.patch
+# CVE-2021-41819: CGI::Cookie.parse that no longer decodes cookie names to
+# prevent spoofing security prefixes in cookie names.
+# https://bugzilla.redhat.com/show_bug.cgi?id=2026757
+# https://github.com/ruby/ruby/commit/02c341c9bc5879eae568ed2ba02cf227ed948199
+# https://github.com/ruby/cgi/commit/84dedc6fbb2a210ec070c35bc607b89003701fa2
+Patch34: ruby-2.6.9-cgi-0.1.1-cookie-parse-not-decode-names.patch
+# Fix rdoc nil token parsing
+# https://github.com/ruby/rdoc/commit/a1631aa98a67112d96ac101c72909fdeec6f84f9
+Patch35: ruby-2.6.0-rdoc-6.0.2-check-nil-text-token.patch
+# Fix Time Zone Database 2022g.
+# https://bugs.ruby-lang.org/issues/19187
+# https://github.com/ruby/ruby/commit/a1124dc162810f86cb0bff58cde24064cfc561bc
+Patch36: ruby-3.1.3-Fix-for-tzdata-2022g.patch
+# Bypass git submodule test failure on Git >= 2.38.1.
+# https://github.com/ruby/ruby/pull/6587
+Patch37: ruby-3.2.0-git-2.38.1-fix-rubygems-test.patch
+# CVE-2021-33621: HTTP response splitting in CGI.
+# Backported from:
+# https://github.com/ruby/ruby/commit/7cf697179dab52b0d024543304f4d3ab5fa5e847
+Patch38: ruby-2.7.7-Fix-CVE-2021-33621-HTTP-response-splitting-in-CGI.patch
+# Let cookies use leading dot in the domain after fixing CVE-2021-33621
+# to retain compatibility.
+# https://github.com/ruby/cgi/commit/5e09d632f3b56d85b2659ab47d5571ae9e270e10
+Patch39: rubygem-cgi-0.3.6-Loosen-the-domain-regex-to-accept-dot.patch
+# CVE-2022-28739: Buffer overrun in String-to-Float conversion.
+# Backported from:
+# https://github.com/ruby/ruby/commit/69f9992ed41920389d4185141a14f02f89a4d306
+Patch40: ruby-2.6.10-Fix-CVE-2022-28739-Buffer-overrun-in-str2float.patch
+# CVE-2023-28755 ReDoS vulnerability in URI.
+# Backported from:
+# https://github.com/ruby/ruby/commit/6855779d580358a6a0b4c9ee06f20e7cae72955a
+Patch41: ruby-2.7.8-Fix-CVE-2023-28755-ReDos-vulnerability-in-URI.patch
+# CVE-2023-28756 ReDoS vulnerability in Time.
+# Tests not included as assert_linear_time was introduced in Ruby 2.7.
+# Backported from:
+# https://github.com/ruby/ruby/commit/2cb830602f52e7e76c6781115e7938b21f881c4f
+# https://github.com/ruby/ruby/commit/e3f18f7d2e034f20053d7bf2fc7a50f8b7e1a27a
+Patch42: ruby-2.7.8-Fix-CVE-2023-28756-ReDoS-vulnerability-in-Time.patch
+
+
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Suggests: rubypick
 Recommends: ruby(rubygems) >= %{rubygems_version}
@ -189,6 +256,7 @@ BuildRequires: procps
 %{?with_hardening_test:BuildRequires: %{_bindir}/checksec}
 BuildRequires: multilib-rpm-config
 BuildRequires: gcc
+BuildRequires: zlib-devel

 # This package provides %%{_bindir}/ruby-mri therefore it is marked by this
 # virtual provide. It can be installed as dependency of rubypick.
@ -536,6 +604,12 @@ HTTP.
 rm -rf ext/psych/yaml
 rm -rf ext/fiddle/libffi*

+# Remove file with non-commercial license
+# https://bugzilla.redhat.com/show_bug.cgi?id=1846113
+sed -i 's/"evaluation\/incorrect_words.yaml"\.freeze, //' \
+  gems/did_you_mean-1.2.0/did_you_mean.gemspec
+
+
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
@ -546,15 +620,29 @@ rm -rf ext/fiddle/libffi*
 %patch7 -p1
 %patch9 -p1
 %patch10 -p1
-%patch11 -p1
 %patch15 -p1
 %patch16 -p1
-%patch19 -p1
-%patch20 -p1
 %patch22 -p1
 %patch23 -p1
 %patch24 -p1
 %patch25 -p1
+%patch26 -p1
+%patch27 -p1
+%patch28 -p1 -R
+%patch29 -p1
+%patch30 -p1
+%patch31 -p1
+%patch32 -p1
+%patch33 -p1
+%patch34 -p1
+%patch35 -p1
+%patch36 -p1
+%patch37 -p1
+%patch38 -p1
+%patch39 -p1
+%patch40 -p1
+%patch41 -p1
+%patch42 -p1

 # Provide an example of usage of the tapset:
 cp -a %{SOURCE3} .
@ -608,13 +696,13 @@ make install DESTDIR=%{buildroot}
 sed -i 's/Version: \${ruby_version}/Version: %{ruby_version}/' %{buildroot}%{_libdir}/pkgconfig/%{name}.pc

 # Kill bundled certificates, as they should be part of ca-certificates.
+# This can fail because certificates can be in the same directory.
 for cert in \
-  rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem \
-  rubygems.org/AddTrustExternalCARoot.pem \
-  index.rubygems.org/GlobalSignRootCA.pem
+  rubygems.org/GlobalSignRootCA.pem \
+  rubygems.org/GlobalSignRootCA_R3.pem
 do
-  rm %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/$cert
-  rm -r $(dirname %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/$cert)
+  rm %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/$cert ||:
+  rm -r $(dirname %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/$cert) ||:
 done
 # Ensure there is not forgotten any certificate.
 test ! "$(ls -A  %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/ 2>/dev/null)"
@ -714,12 +802,14 @@ sed -i '/^end$/ i\
 # Move man pages into proper location
 mv %{buildroot}%{gem_dir}/gems/rake-%{rake_version}/doc/rake.1 %{buildroot}%{_mandir}/man1

+%if %{with systemtap}
 # Install a tapset and fix up the path to the library.
 mkdir -p %{buildroot}%{tapset_dir}
 sed -e "s|@LIBRARY_PATH@|%{tapset_libdir}/libruby.so.%{major_minor_version}|" \
  %{SOURCE2} > %{buildroot}%{tapset_dir}/libruby.so.%{major_minor_version}.stp
 # Escape '*/' in comment.
 sed -i -r "s|( \*.*\*)\/(.*)|\1\\\/\2|" %{buildroot}%{tapset_dir}/libruby.so.%{major_minor_version}.stp
+%endif

 # Prepare -doc subpackage file lists.
 find doc -maxdepth 1 -type f ! -name '.*' ! -name '*.ja*' > .ruby-doc.en
@ -958,7 +1048,7 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
 %{ruby_libarchdir}/syslog.so
 %{ruby_libarchdir}/zlib.so

-%{tapset_root}
+%{?with_systemtap:%{tapset_root}}

 %files -n rubygems
 %{_bindir}/gem
@ -996,7 +1086,7 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
 %{gem_dir}/specifications/default/sdbm-1.0.0.gemspec
 %{gem_dir}/specifications/default/stringio-0.0.1.gemspec
 %{gem_dir}/specifications/default/strscan-1.0.0.gemspec
-%{gem_dir}/specifications/default/webrick-1.4.2.gemspec
+%{gem_dir}/specifications/default/webrick-1.4.2.1.gemspec
 %{gem_dir}/specifications/default/zlib-1.0.0.gemspec

 %files -n rubygems-devel
@ -1028,7 +1118,7 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
 %files doc -f .ruby-doc.en -f .ruby-doc.ja
 %doc README.md
 %doc ChangeLog
-%doc ruby-exercise.stp
+%{?with_systemtap:%doc ruby-exercise.stp}
 %{_datadir}/ri

 %files -n rubygem-bigdecimal
@ -1105,6 +1195,73 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
 %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec

 %changelog
+* Mon Jun 12 2023 Jarek Prokop <jprokop@redhat.com> - 2.5.9-111
+- Fix HTTP response splitting in CGI.
+  Resolves: CVE-2021-33621
+- Fix Buffer overrun in String-to-Float conversion.
+  Resolves: CVE-2022-28739
+- Fix ReDoS vulnerability in URI.
+  Resolves: CVE-2023-28755
+- Fix ReDoS vulnerability in Time.
+  Resolves: CVE-2023-28756
+
+* Thu May 25 2023 Todd Zullinger <tmz@pobox.com> - 2.5.9-111
+- Fix rdoc parsing of nil text tokens.
+  Resolves: rhbz#2210326
+
+* Fri Jul 08 2022 Jun Aruga <jaruga@redhat.com> - 2.5.9-110
+- Fix FTBFS due to an incompatible load directive.
+- Fix a fiddle import test on an optimized glibc on Power 9.
+- Fix by adding length limit option for methods that parses date strings.
+  Resolves: CVE-2021-41817
+- CGI::Cookie.parse no longer decodes cookie names to prevent spoofing security
+  prefixes in cookie names.
+  Resolves: CVE-2021-41819
+
+* Wed Feb 16 2022 Jarek Prokop <jprokop@redhat.com> - 2.5.9-109
+- Properly fix command injection vulnerability in Rdoc.
+  Related: CVE-2021-31799
+
+* Wed Feb 09 2022 Jarek Prokop <jprokop@redhat.com> - 2.5.9-108
+- Fix command injection vulnerability in RDoc.
+  Resolves: CVE-2021-31799
+- Fix StartTLS stripping vulnerability in Net::IMAP
+  Resolves: CVE-2021-32066
+- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
+  Resolves: CVE-2021-31810
+
+* Mon Apr 19 2021 Pavel Valena <pvalena@redhat.com> - 2.5.9-107
+- Update to Ruby 2.5.9.
+  * Remove Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch; subsumed
+  Resolves: rhbz#1757844
+- Resolv::DNS: timeouts if multiple IPv6 name servers are given and address
+  contains leading zero
+  Resolves: rhbz#1950308
+
+* Mon Jun 22 2020 Pavel Valena <pvalena@redhat.com> - 2.5.5-106
+- Remove file with non-commercial license from did_you_mean gem.
+  Resolves: rhbz#1846113
+
+* Thu Jul 04 2019 Jun Aruga <jaruga@redhat.com> - 2.5.5-105
+- Use ffi_closure_alloc to avoid segmentation fault by libffi on aarch64.
+  Resolves: rhbz#1727832
+- Properly support %%prerelease in %%gemspec_ macros.
+  Related: rhbz#1688758
+- Fix rdoc gzipped javascript pages are not the same across multilib.
+  Resolves: rhbz#1719647
+
+* Wed Apr 17 2019 Vít Ondruch <vondruch@redhat.com> - 2.5.5-104
+- Update to Ruby 2.5.5.
+  * Remove Patch25: ruby-2.6.0-Update-for-tzdata-2018f.patch; subsumed
+  * Remove Patch11: ruby-2.6.0-Try-to-update-cert.patch; subsumed
+  * Remove Patch19: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with
+      -TLS-1.3.patch; subsumed
+  Resolves: rhbz#1688758
+- Don't ship .stp files when SystemTap support is disabled.
+  Related: rhbz#1657915
+- Fix CovScan issues.
+  Resolves: rhbz#1628592
+
 * Fri Jan 11 2019 Jun Aruga <jaruga@redhat.com> - 2.5.3-103
 - Refresh expired certificates to fix FTBFS.
Author	SHA1	Message	Date
eabdullin	f8b15c13de	import UBI ruby-2.5.9-111.module+el8.9.0+19193+435404ae	2023-11-15 03:49:17 +00:00
CentOS Sources	0902bc0a52	import ruby-2.5.9-110.module+el8.6.0+15956+aa803fc1	2022-08-01 09:06:38 +00:00
CentOS Sources	833b077660	import ruby-2.5.9-109.module+el8.5.0+14275+d9c243ca	2022-02-24 15:14:42 +00:00
CentOS Sources	4220e71242	import ruby-2.5.9-107.module+el8.5.0+13840+ec418553	2022-02-16 11:08:29 +00:00
CentOS Sources	afea8c5c1d	import ruby-2.5.9-107.module+el8.4.0+10822+fe4fffb1	2021-09-10 18:57:46 +00:00
CentOS Sources	e043d55b8f	import ruby-2.5.5-106.module+el8.3.0+7153+c6f6daa5	2021-09-10 18:57:32 +00:00
CentOS Sources	16b59d08fa	import ruby-2.5.5-105.module+el8.1.0+3656+f80bfa1d	2021-09-10 18:57:23 +00:00
CentOS Sources	d9ae0772ec	import ruby-2.5.3-104.module+el8.0.0+3250+4b7d6d43	2021-09-10 18:57:14 +00:00