Update to Ruby 2.0.0-p353.
- Allow MD5 in OpenSSL for tests. - Fix heap overflow in floating point parsing (CVE-2013-4164).
This commit is contained in:
parent
3a0654b687
commit
eac4c415ba
1
.gitignore
vendored
1
.gitignore
vendored
@ -20,3 +20,4 @@ ruby-rev415a3ef9ab82c65a7abc-ext_tk.tar.gz
|
|||||||
/ruby-2.0.0-p0.tar.gz
|
/ruby-2.0.0-p0.tar.gz
|
||||||
/ruby-2.0.0-p195.tar.bz2
|
/ruby-2.0.0-p195.tar.bz2
|
||||||
/ruby-2.0.0-p247.tar.bz2
|
/ruby-2.0.0-p247.tar.bz2
|
||||||
|
/ruby-2.0.0-p353.tar.bz2
|
||||||
|
@ -1,85 +0,0 @@
|
|||||||
From 5617aafa2d44d0a4bc811830e225463abd01b2b2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
|
||||||
Date: Tue, 21 May 2013 10:01:33 +0200
|
|
||||||
Subject: [PATCH] Fix build against OpenSSL with enabled ECC curves.
|
|
||||||
|
|
||||||
---
|
|
||||||
ext/openssl/ossl_pkey_ec.c | 4 ++++
|
|
||||||
test/openssl/test_pkey_ec.rb | 26 +++++++++++++-------------
|
|
||||||
2 files changed, 17 insertions(+), 13 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
|
|
||||||
index 8e6d88f..29e28ca 100644
|
|
||||||
--- a/ext/openssl/ossl_pkey_ec.c
|
|
||||||
+++ b/ext/openssl/ossl_pkey_ec.c
|
|
||||||
@@ -762,8 +762,10 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
|
|
||||||
method = EC_GFp_mont_method();
|
|
||||||
} else if (id == s_GFp_nist) {
|
|
||||||
method = EC_GFp_nist_method();
|
|
||||||
+#if !defined(OPENSSL_NO_EC2M)
|
|
||||||
} else if (id == s_GF2m_simple) {
|
|
||||||
method = EC_GF2m_simple_method();
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
if (method) {
|
|
||||||
@@ -817,8 +819,10 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
|
|
||||||
|
|
||||||
if (id == s_GFp) {
|
|
||||||
new_curve = EC_GROUP_new_curve_GFp;
|
|
||||||
+#if !defined(OPENSSL_NO_EC2M)
|
|
||||||
} else if (id == s_GF2m) {
|
|
||||||
new_curve = EC_GROUP_new_curve_GF2m;
|
|
||||||
+#endif
|
|
||||||
} else {
|
|
||||||
ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m");
|
|
||||||
}
|
|
||||||
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
|
|
||||||
index f151335..56f3ff7 100644
|
|
||||||
--- a/test/openssl/test_pkey_ec.rb
|
|
||||||
+++ b/test/openssl/test_pkey_ec.rb
|
|
||||||
@@ -7,28 +7,28 @@ class OpenSSL::TestEC < Test::Unit::TestCase
|
|
||||||
@data1 = 'foo'
|
|
||||||
@data2 = 'bar' * 1000 # data too long for DSA sig
|
|
||||||
|
|
||||||
- @group1 = OpenSSL::PKey::EC::Group.new('secp112r1')
|
|
||||||
- @group2 = OpenSSL::PKey::EC::Group.new('sect163k1')
|
|
||||||
- @group3 = OpenSSL::PKey::EC::Group.new('prime256v1')
|
|
||||||
+ @groups = []
|
|
||||||
+ @keys = []
|
|
||||||
|
|
||||||
- @key1 = OpenSSL::PKey::EC.new
|
|
||||||
- @key1.group = @group1
|
|
||||||
- @key1.generate_key
|
|
||||||
+ OpenSSL::PKey::EC.builtin_curves.each do |curve, comment|
|
|
||||||
+ group = OpenSSL::PKey::EC::Group.new(curve)
|
|
||||||
|
|
||||||
- @key2 = OpenSSL::PKey::EC.new(@group2.curve_name)
|
|
||||||
- @key2.generate_key
|
|
||||||
+ key = OpenSSL::PKey::EC.new(group)
|
|
||||||
+ key.generate_key
|
|
||||||
|
|
||||||
- @key3 = OpenSSL::PKey::EC.new(@group3)
|
|
||||||
- @key3.generate_key
|
|
||||||
-
|
|
||||||
- @groups = [@group1, @group2, @group3]
|
|
||||||
- @keys = [@key1, @key2, @key3]
|
|
||||||
+ @groups << group
|
|
||||||
+ @keys << key
|
|
||||||
+ end
|
|
||||||
end
|
|
||||||
|
|
||||||
def compare_keys(k1, k2)
|
|
||||||
assert_equal(k1.to_pem, k2.to_pem)
|
|
||||||
end
|
|
||||||
|
|
||||||
+ def test_builtin_curves
|
|
||||||
+ assert(!OpenSSL::PKey::EC.builtin_curves.empty?)
|
|
||||||
+ end
|
|
||||||
+
|
|
||||||
def test_curve_names
|
|
||||||
@groups.each_with_index do |group, idx|
|
|
||||||
key = @keys[idx]
|
|
||||||
--
|
|
||||||
1.8.2.1
|
|
||||||
|
|
19
ruby.spec
19
ruby.spec
@ -1,7 +1,7 @@
|
|||||||
%global major_version 2
|
%global major_version 2
|
||||||
%global minor_version 0
|
%global minor_version 0
|
||||||
%global teeny_version 0
|
%global teeny_version 0
|
||||||
%global patch_level 247
|
%global patch_level 353
|
||||||
|
|
||||||
%global major_minor_version %{major_version}.%{minor_version}
|
%global major_minor_version %{major_version}.%{minor_version}
|
||||||
|
|
||||||
@ -26,7 +26,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
|
||||||
%global release 15
|
%global release 16
|
||||||
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
||||||
|
|
||||||
%global rubygems_version 2.0.3
|
%global rubygems_version 2.0.3
|
||||||
@ -139,11 +139,6 @@ Patch13: rubygems-2.0.0-Do-not-modify-global-Specification.dirs-during-insta.pat
|
|||||||
# This prevents issues, when ruby configuration specifies --with-ruby-version=''.
|
# This prevents issues, when ruby configuration specifies --with-ruby-version=''.
|
||||||
# https://github.com/rubygems/rubygems/pull/455
|
# https://github.com/rubygems/rubygems/pull/455
|
||||||
Patch14: rubygems-2.0.0-Fixes-for-empty-ruby-version.patch
|
Patch14: rubygems-2.0.0-Fixes-for-empty-ruby-version.patch
|
||||||
# Although this does not directly affects Fedora ATM, it might be issue when
|
|
||||||
# rebuilding package on different platform (RHEL7). Please keep the patch until
|
|
||||||
# it is resolved in upstream.
|
|
||||||
# https://bugs.ruby-lang.org/issues/8384
|
|
||||||
Patch15: ruby-2.0.0-p195-Fix-build-against-OpenSSL-with-enabled-ECC-curves.patch
|
|
||||||
# Adds aarch64 support.
|
# Adds aarch64 support.
|
||||||
# http://bugs.ruby-lang.org/issues/8331
|
# http://bugs.ruby-lang.org/issues/8331
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=926463
|
# https://bugzilla.redhat.com/show_bug.cgi?id=926463
|
||||||
@ -424,7 +419,6 @@ Tcl/Tk interface for the object-oriented scripting language Ruby.
|
|||||||
%patch12 -p1
|
%patch12 -p1
|
||||||
%patch13 -p1
|
%patch13 -p1
|
||||||
%patch14 -p1
|
%patch14 -p1
|
||||||
%patch15 -p1
|
|
||||||
%patch16 -p1
|
%patch16 -p1
|
||||||
%patch17 -p1
|
%patch17 -p1
|
||||||
%patch18 -p1
|
%patch18 -p1
|
||||||
@ -600,7 +594,9 @@ DISABLE_TESTS="-x test_dl2.rb $DISABLE_TESTS"
|
|||||||
# the test suite).
|
# the test suite).
|
||||||
touch abrt.rb
|
touch abrt.rb
|
||||||
|
|
||||||
make check TESTS="-v $DISABLE_TESTS"
|
# Allow MD5 in OpenSSL.
|
||||||
|
# https://bugs.ruby-lang.org/issues/9154
|
||||||
|
OPENSSL_ENABLE_MD5_VERIFY=1 make check TESTS="-v $DISABLE_TESTS"
|
||||||
|
|
||||||
%post libs -p /sbin/ldconfig
|
%post libs -p /sbin/ldconfig
|
||||||
|
|
||||||
@ -893,6 +889,11 @@ make check TESTS="-v $DISABLE_TESTS"
|
|||||||
%{ruby_libdir}/tkextlib
|
%{ruby_libdir}/tkextlib
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 25 2013 Vít Ondruch <vondruch@redhat.com> - 2.0.0.353-16
|
||||||
|
- Update to Ruby 2.0.0-p353.
|
||||||
|
- Allow MD5 in OpenSSL for tests.
|
||||||
|
- Fix heap overflow in floating point parsing (CVE-2013-4164).
|
||||||
|
|
||||||
* Tue Jul 30 2013 Vít Ondruch <vondruch@redhat.com> - 2.0.0.247-15
|
* Tue Jul 30 2013 Vít Ondruch <vondruch@redhat.com> - 2.0.0.247-15
|
||||||
- Move Psych symlinks to vendor dir, to prevent F18 -> F19 upgrade issues
|
- Move Psych symlinks to vendor dir, to prevent F18 -> F19 upgrade issues
|
||||||
(rhbz#988490).
|
(rhbz#988490).
|
||||||
|
@ -44,7 +44,7 @@ diff --git a/lib/rubygems/dependency_installer.rb b/lib/rubygems/dependency_inst
|
|||||||
index dffa8df..841f26a 100644
|
index dffa8df..841f26a 100644
|
||||||
--- a/lib/rubygems/dependency_installer.rb
|
--- a/lib/rubygems/dependency_installer.rb
|
||||||
+++ b/lib/rubygems/dependency_installer.rb
|
+++ b/lib/rubygems/dependency_installer.rb
|
||||||
@@ -57,17 +57,14 @@ class Gem::DependencyInstaller
|
@@ -57,16 +57,14 @@ class Gem::DependencyInstaller
|
||||||
# :build_args:: See Gem::Installer::new
|
# :build_args:: See Gem::Installer::new
|
||||||
|
|
||||||
def initialize(options = {})
|
def initialize(options = {})
|
||||||
@ -54,7 +54,6 @@ index dffa8df..841f26a 100644
|
|||||||
- # HACK shouldn't change the global settings, needed for -i behavior
|
- # HACK shouldn't change the global settings, needed for -i behavior
|
||||||
- # maybe move to the install command? See also github #442
|
- # maybe move to the install command? See also github #442
|
||||||
- Gem::Specification.dirs = @install_dir
|
- Gem::Specification.dirs = @install_dir
|
||||||
- Gem.ensure_gem_subdirectories @install_dir
|
|
||||||
+ Gem.ensure_gem_subdirectories options[:install_dir]
|
+ Gem.ensure_gem_subdirectories options[:install_dir]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
From c9b2eff36728266052ccfff54d3ac0a0624fd0f1 Mon Sep 17 00:00:00 2001
|
From c9b2eff36728266052ccfff54d3ac0a0624fd0f1 Mon Sep 17 00:00:00 2001
|
||||||
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
||||||
Date: Thu, 14 Feb 2013 11:50:41 +0100
|
Date: Thu, 14 Feb 2013 11:50:41 +0100
|
||||||
Subject: [PATCH 1/2] Use File.join insteado of manual path creation.
|
Subject: [PATCH] Use File.join insteado of manual path creation.
|
||||||
|
|
||||||
This prevents issues, when File.join in #new_default_spec removes
|
This prevents issues, when File.join in #new_default_spec removes
|
||||||
superfluous slashes while they are kept in expected paths. E.g. the test
|
superfluous slashes while they are kept in expected paths. E.g. the test
|
||||||
@ -32,50 +32,3 @@ index 60df53f..35c9631 100644
|
|||||||
--
|
--
|
||||||
1.8.1.2
|
1.8.1.2
|
||||||
|
|
||||||
|
|
||||||
From b022cef7b2e6c2d138388a6c2db02cca8c408cc6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
|
|
||||||
Date: Thu, 14 Feb 2013 13:35:20 +0100
|
|
||||||
Subject: [PATCH 2/2] Do not add last slash to Gem.user_dir if ruby_version
|
|
||||||
string is empty.
|
|
||||||
|
|
||||||
---
|
|
||||||
lib/rubygems/defaults.rb | 4 +++-
|
|
||||||
test/rubygems/test_gem.rb | 6 ++++--
|
|
||||||
2 files changed, 7 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/lib/rubygems/defaults.rb b/lib/rubygems/defaults.rb
|
|
||||||
index ea84e5c..05c35bb 100644
|
|
||||||
--- a/lib/rubygems/defaults.rb
|
|
||||||
+++ b/lib/rubygems/defaults.rb
|
|
||||||
@@ -54,7 +54,9 @@ module Gem
|
|
||||||
# Path for gems in the user's home directory
|
|
||||||
|
|
||||||
def self.user_dir
|
|
||||||
- File.join Gem.user_home, '.gem', ruby_engine, ConfigMap[:ruby_version]
|
|
||||||
+ parts = [Gem.user_home, '.gem', ruby_engine]
|
|
||||||
+ parts << ConfigMap[:ruby_version] unless ConfigMap[:ruby_version].empty?
|
|
||||||
+ File.join parts
|
|
||||||
end
|
|
||||||
|
|
||||||
##
|
|
||||||
diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb
|
|
||||||
index bf77009..9ee78f7 100644
|
|
||||||
--- a/test/rubygems/test_gem.rb
|
|
||||||
+++ b/test/rubygems/test_gem.rb
|
|
||||||
@@ -1198,8 +1198,10 @@ class TestGem < Gem::TestCase
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_self_user_dir
|
|
||||||
- assert_equal File.join(@userhome, '.gem', Gem.ruby_engine,
|
|
||||||
- Gem::ConfigMap[:ruby_version]), Gem.user_dir
|
|
||||||
+ parts = [@userhome, '.gem', Gem.ruby_engine]
|
|
||||||
+ parts << Gem::ConfigMap[:ruby_version] unless Gem::ConfigMap[:ruby_version].empty?
|
|
||||||
+
|
|
||||||
+ assert_equal File.join(parts), Gem.user_dir
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_self_user_home
|
|
||||||
--
|
|
||||||
1.8.1.2
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user