diff --git a/CVE-2019-15845.patch b/CVE-2019-15845.patch
deleted file mode 100644
index c0d7d6c177a802ad81db5ba36bbf67654fc0b768..0000000000000000000000000000000000000000
--- a/CVE-2019-15845.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From a0a2640b398cffd351f87d3f6243103add66575b Mon Sep 17 00:00:00 2001
-From: Nobuyoshi Nakada <nobu@ruby-lang.org>
-Date: Wed, 12 Dec 2018 14:38:09 +0900
-Subject: [PATCH] Fix for wrong fnmatch patttern
-
-* dir.c (file_s_fnmatch): ensure that pattern does not contain a
-  NUL character.  https://hackerone.com/reports/449617
----
- dir.c                     | 2 +-
- test/ruby/test_fnmatch.rb | 6 ++++++
- 2 files changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/dir.c b/dir.c
-index 6d1f50192743..d20cf60a7f4e 100644
---- a/dir.c
-+++ b/dir.c
-@@ -3211,7 +3211,7 @@ file_s_fnmatch(int argc, VALUE *argv, VALUE obj)
-     else
- 	flags = 0;
- 
--    StringValue(pattern);
-+    StringValueCStr(pattern);
-     FilePathStringValue(path);
- 
-     if (flags & FNM_EXTGLOB) {
-diff --git a/test/ruby/test_fnmatch.rb b/test/ruby/test_fnmatch.rb
-index f594a00ad3d6..16f1076e48cc 100644
---- a/test/ruby/test_fnmatch.rb
-+++ b/test/ruby/test_fnmatch.rb
-@@ -160,4 +160,10 @@ def test_unicode
-     assert_file.fnmatch("[a-\u3042]*", "\u3042")
-     assert_file.not_fnmatch("[a-\u3042]*", "\u3043")
-   end
-+
-+  def test_nullchar
-+    assert_raise(ArgumentError) {
-+      File.fnmatch("a\0z", "a")
-+    }
-+  end
- end
diff --git a/CVE-2019-16201.patch b/CVE-2019-16201.patch
deleted file mode 100644
index 135b3584f4232de27306fec5d3fcddead96f570f..0000000000000000000000000000000000000000
--- a/CVE-2019-16201.patch
+++ /dev/null
@@ -1,75 +0,0 @@
-From 36e057e26ef2104bc2349799d6c52d22bb1c7d03 Mon Sep 17 00:00:00 2001
-From: Nobuyoshi Nakada <nobu@ruby-lang.org>
-Date: Tue, 13 Aug 2019 12:14:28 +0900
-Subject: [PATCH] Loop with String#scan without creating substrings
-
-Create the substrings necessary parts only, instead of cutting the
-rest of the buffer.  Also removed a useless, probable typo, regexp.
----
- lib/webrick/httpauth/digestauth.rb | 19 ++-----------------
- test/webrick/test_httpauth.rb      | 22 ++++++++++++++++++++++
- 2 files changed, 24 insertions(+), 17 deletions(-)
-
-diff --git a/lib/webrick/httpauth/digestauth.rb b/lib/webrick/httpauth/digestauth.rb
-index 6416a40998f5..3cf12899d2f2 100644
---- a/lib/webrick/httpauth/digestauth.rb
-+++ b/lib/webrick/httpauth/digestauth.rb
-@@ -290,23 +290,8 @@ def _authenticate(req, res)
- 
-       def split_param_value(string)
-         ret = {}
--        while string.bytesize != 0
--          case string
--          when /^\s*([\w\-\.\*\%\!]+)=\s*\"((\\.|[^\"])*)\"\s*,?/
--            key = $1
--            matched = $2
--            string = $'
--            ret[key] = matched.gsub(/\\(.)/, "\\1")
--          when /^\s*([\w\-\.\*\%\!]+)=\s*([^,\"]*),?/
--            key = $1
--            matched = $2
--            string = $'
--            ret[key] = matched.clone
--          when /^s*^,/
--            string = $'
--          else
--            break
--          end
-+        string.scan(/\G\s*([\w\-.*%!]+)=\s*(?:\"((?>\\.|[^\"])*)\"|([^,\"]*))\s*,?/) do
-+          ret[$1] = $3 || $2.gsub(/\\(.)/, "\\1")
-         end
-         ret
-       end
-diff --git a/test/webrick/test_httpauth.rb b/test/webrick/test_httpauth.rb
-index 4df7141e857a..9fe8af8be215 100644
---- a/test/webrick/test_httpauth.rb
-+++ b/test/webrick/test_httpauth.rb
-@@ -310,6 +310,28 @@ def test_digest_auth_int
-     }
-   end
- 
-+  def test_digest_auth_invalid
-+    digest_auth = WEBrick::HTTPAuth::DigestAuth.new(Realm: 'realm', UserDB: '')
-+
-+    def digest_auth.error(fmt, *)
-+    end
-+
-+    def digest_auth.try_bad_request(len)
-+      request = {"Authorization" => %[Digest a="#{'\b'*len}]}
-+      authenticate request, nil
-+    end
-+
-+    bad_request = WEBrick::HTTPStatus::BadRequest
-+    t0 = Process.clock_gettime(Process::CLOCK_MONOTONIC)
-+    assert_raise(bad_request) {digest_auth.try_bad_request(10)}
-+    limit = (Process.clock_gettime(Process::CLOCK_MONOTONIC) - t0)
-+    [20, 50, 100, 200].each do |len|
-+      assert_raise(bad_request) do
-+        Timeout.timeout(len*limit) {digest_auth.try_bad_request(len)}
-+      end
-+    end
-+  end
-+
-   private
-   def credentials_for_request(user, password, params, body = nil)
-     cnonce = "hoge"
diff --git a/CVE-2019-16254.patch b/CVE-2019-16254.patch
deleted file mode 100644
index 5bd05e791bfe04883e8c2c971b921e558f46adbe..0000000000000000000000000000000000000000
--- a/CVE-2019-16254.patch
+++ /dev/null
@@ -1,106 +0,0 @@
-From f98b3023bd786b4e7dfdb94b573a5f5d3d37d145 Mon Sep 17 00:00:00 2001
-From: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Tue, 1 Oct 2019 11:01:05 +0000
-Subject: [PATCH] merge revision(s) 3ce238b5f9795581eb84114dcfbdf4aa086bfecc
-
-WEBrick: prevent response splitting and header injection
-
-This is a follow up to d9d4a28.
-The commit prevented CRLR, but did not address an isolated CR or an
-isolated LF.
-
-Co-Authored-By: NARUSE, Yui <naruse@airemix.jp>
-
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67813 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- lib/webrick/httpresponse.rb       |  3 +-
- test/webrick/test_httpresponse.rb | 46 +++++++++++++++++++++++++++++--
- 2 files changed, 46 insertions(+), 3 deletions(-)
-
-diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb
-index 6d77692140f0..d26324c54a11 100644
---- a/lib/webrick/httpresponse.rb
-+++ b/lib/webrick/httpresponse.rb
-@@ -367,7 +367,8 @@ def set_error(ex, backtrace=false)
-     private
- 
-     def check_header(header_value)
--      if header_value =~ /\r\n/
-+      header_value = header_value.to_s
-+      if /[\r\n]/ =~ header_value
-         raise InvalidHeader
-       else
-         header_value
-diff --git a/test/webrick/test_httpresponse.rb b/test/webrick/test_httpresponse.rb
-index 6263e0a71044..24a6968582e9 100644
---- a/test/webrick/test_httpresponse.rb
-+++ b/test/webrick/test_httpresponse.rb
-@@ -29,7 +29,7 @@ def setup
-       @res.keep_alive  = true
-     end
- 
--    def test_prevent_response_splitting_headers
-+    def test_prevent_response_splitting_headers_crlf
-       res['X-header'] = "malicious\r\nCookie: hack"
-       io = StringIO.new
-       res.send_response io
-@@ -39,7 +39,7 @@ def test_prevent_response_splitting_headers
-       refute_match 'hack', io.string
-     end
- 
--    def test_prevent_response_splitting_cookie_headers
-+    def test_prevent_response_splitting_cookie_headers_crlf
-       user_input = "malicious\r\nCookie: hack"
-       res.cookies << WEBrick::Cookie.new('author', user_input)
-       io = StringIO.new
-@@ -50,6 +50,48 @@ def test_prevent_response_splitting_cookie_headers
-       refute_match 'hack', io.string
-     end
- 
-+    def test_prevent_response_splitting_headers_cr
-+      res['X-header'] = "malicious\rCookie: hack"
-+      io = StringIO.new
-+      res.send_response io
-+      io.rewind
-+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
-+      assert_equal '500', res.code
-+      refute_match 'hack', io.string
-+    end
-+
-+    def test_prevent_response_splitting_cookie_headers_cr
-+      user_input = "malicious\rCookie: hack"
-+      res.cookies << WEBrick::Cookie.new('author', user_input)
-+      io = StringIO.new
-+      res.send_response io
-+      io.rewind
-+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
-+      assert_equal '500', res.code
-+      refute_match 'hack', io.string
-+    end
-+
-+    def test_prevent_response_splitting_headers_lf
-+      res['X-header'] = "malicious\nCookie: hack"
-+      io = StringIO.new
-+      res.send_response io
-+      io.rewind
-+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
-+      assert_equal '500', res.code
-+      refute_match 'hack', io.string
-+    end
-+
-+    def test_prevent_response_splitting_cookie_headers_lf
-+      user_input = "malicious\nCookie: hack"
-+      res.cookies << WEBrick::Cookie.new('author', user_input)
-+      io = StringIO.new
-+      res.send_response io
-+      io.rewind
-+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
-+      assert_equal '500', res.code
-+      refute_match 'hack', io.string
-+    end
-+
-     def test_304_does_not_log_warning
-       res.status      = 304
-       res.setup_header
-
diff --git a/CVE-2019-16255.patch b/CVE-2019-16255.patch
deleted file mode 100644
index a4fc20ae4370c7a250dd0e3c213f8e9cd1e1a996..0000000000000000000000000000000000000000
--- a/CVE-2019-16255.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 3af01ae1101e0b8815ae5a106be64b0e82a58640 Mon Sep 17 00:00:00 2001
-From: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Tue, 1 Oct 2019 11:01:53 +0000
-Subject: [PATCH] lib/shell/command-processor.rb (Shell#[]): prevent unknown
- command
-
-`FileTest.send(command, ...)` allows to call not only FileTest-related
-methods but also any method that belongs to Kernel, Object, etc.
-patched by <mame@ruby-lang.org>
-
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67814 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- lib/shell/command-processor.rb       |  3 +++
- test/shell/test_command_processor.rb | 18 ++++++++++++++++++
- 2 files changed, 21 insertions(+)
-
-diff --git a/lib/shell/command-processor.rb b/lib/shell/command-processor.rb
-index b52cb0043f75..08ea5c874c12 100644
---- a/lib/shell/command-processor.rb
-+++ b/lib/shell/command-processor.rb
-@@ -180,6 +180,9 @@ def test(command, file1, file2=nil)
-             top_level_test(command, file1)
-           end
-         else
-+          unless FileTest.methods(false).include?(command.to_sym)
-+            raise "unsupported command: #{ command }"
-+          end
-           if file2
-             FileTest.send(command, file1, file2)
-           else
-diff --git a/test/shell/test_command_processor.rb b/test/shell/test_command_processor.rb
-index 06b5ecc1d9b4..51e14b5a6954 100644
---- a/test/shell/test_command_processor.rb
-+++ b/test/shell/test_command_processor.rb
-@@ -67,6 +67,24 @@ def test_system_directory
-     Dir.rmdir(path)
-   end
- 
-+  def test_test
-+    name = "foo#{exeext}"
-+    path = File.join(@tmpdir, name)
-+    open(path, "w", 0644) {}
-+
-+    assert_equal(true, @shell[?e, path])
-+    assert_equal(true, @shell[:e, path])
-+    assert_equal(true, @shell["e", path])
-+    assert_equal(true, @shell[:exist?, path])
-+    assert_equal(true, @shell["exist?", path])
-+    assert_raise_with_message(RuntimeError, /unsupported command/) do
-+      assert_equal(true, @shell[:instance_eval, path])
-+    end
-+  ensure
-+    Process.waitall
-+    File.unlink(path)
-+  end
-+
-   def test_option_type
-     name = 'foo.cmd'
-     path = File.join(@tmpdir, name)
diff --git a/CVE-2019-8322-8323-8324-8325.patch b/CVE-2019-8322-8323-8324-8325.patch
deleted file mode 100644
index 911505cbc00736cc1defd4bcaa8e67ca79be83c6..0000000000000000000000000000000000000000
--- a/CVE-2019-8322-8323-8324-8325.patch
+++ /dev/null
@@ -1,355 +0,0 @@
---- ruby-2.5.1/lib/rubygems/command_manager.rb	2017-10-07 21:32:18.000000000 -0400
-+++ ruby-2.5.1-old/lib/rubygems/command_manager.rb	2019-05-20 09:09:51.814000000 -0400
-@@ -7,7 +7,7 @@
- 
- require 'rubygems/command'
- require 'rubygems/user_interaction'
--
-+require 'rubygems/text'
- ##
- # The command manager registers and installs all the individual sub-commands
- # supported by the gem command.
-@@ -31,7 +31,7 @@ require 'rubygems/user_interaction'
- # See Gem::Command for instructions on writing gem commands.
- 
- class Gem::CommandManager
--
-+  include Gem::Text
-   include Gem::UserInteraction
- 
-   BUILTIN_COMMANDS = [ # :nodoc:
-@@ -140,12 +140,12 @@ class Gem::CommandManager
-   def run(args, build_args=nil)
-     process_args(args, build_args)
-   rescue StandardError, Timeout::Error => ex
--    alert_error "While executing gem ... (#{ex.class})\n    #{ex}"
-+    alert_error clean_text("While executing gem ... (#{ex.class})\n    #{ex}")
-     ui.backtrace ex
- 
-     terminate_interaction(1)
-   rescue Interrupt
--    alert_error "Interrupted"
-+    alert_error clean_text("Interrupted")
-     terminate_interaction(1)
-   end
- 
-@@ -163,7 +163,7 @@ class Gem::CommandManager
-       say Gem::VERSION
-       terminate_interaction 0
-     when /^-/ then
--      alert_error "Invalid option: #{args.first}. See 'gem --help'."
-+      alert_error clean_text("Invalid option: #{args.first}. See 'gem --help'.")
-       terminate_interaction 1
-     else
-       cmd_name = args.shift.downcase
-@@ -212,7 +212,7 @@ class Gem::CommandManager
-     rescue Exception => e
-       e = load_error if load_error
- 
--      alert_error "Loading command: #{command_name} (#{e.class})\n\t#{e}"
-+      alert_error clean_text("Loading command: #{command_name} (#{e.class})\n\t#{e}")
-       ui.backtrace e
-     end
-   end
---- ruby-2.5.1/lib/rubygems/commands/owner_command.rb	2018-03-19 04:27:04.000000000 -0400
-+++ ruby-2.5.1-old/lib/rubygems/commands/owner_command.rb	2019-05-20 09:10:50.674000000 -0400
-@@ -2,8 +2,11 @@
- require 'rubygems/command'
- require 'rubygems/local_remote_options'
- require 'rubygems/gemcutter_utilities'
-+require 'rubygems/text'
- 
- class Gem::Commands::OwnerCommand < Gem::Command
-+
-+  include Gem::Text
-   include Gem::LocalRemoteOptions
-   include Gem::GemcutterUtilities
- 
-@@ -64,7 +67,7 @@ permission to.
-     end
- 
-     with_response response do |resp|
--      owners = Gem::SafeYAML.load resp.body
-+      owners = Gem::SafeYAML.load clean_text(resp.body)
- 
-       say "Owners for gem: #{name}"
-       owners.each do |owner|
---- ruby-2.5.1/lib/rubygems/gemcutter_utilities.rb	2016-03-03 19:29:40.000000000 -0500
-+++ ruby-2.5.1-old/lib/rubygems/gemcutter_utilities.rb	2019-05-20 09:13:08.502000000 -0400
-@@ -1,10 +1,12 @@
- # frozen_string_literal: true
- require 'rubygems/remote_fetcher'
-+require 'rubygems/text'
- 
- ##
- # Utility methods for using the RubyGems API.
- 
- module Gem::GemcutterUtilities
-+  include Gem::Text
- 
-   # TODO: move to Gem::Command
-   OptionParser.accept Symbol do |value|
-@@ -145,13 +147,13 @@ module Gem::GemcutterUtilities
-       if block_given? then
-         yield response
-       else
--        say response.body
-+        say clean_text(response.body)
-       end
-     else
-       message = response.body
-       message = "#{error_prefix}: #{message}" if error_prefix
- 
--      say message
-+      say clean_text(message)
-       terminate_interaction 1 # TODO: question this
-     end
-   end
---- ruby-2.5.1/lib/rubygems/installer.rb	2018-03-19 04:27:04.000000000 -0400
-+++ ruby-2.5.1-old/lib/rubygems/installer.rb	2019-05-20 09:17:16.858000000 -0400
-@@ -707,9 +707,26 @@ class Gem::Installer
-       unpack or File.writable?(gem_home)
-   end
- 
--  def verify_spec_name
--    return if spec.name =~ Gem::Specification::VALID_NAME_PATTERN
--    raise Gem::InstallError, "#{spec} has an invalid name"
-+  def verify_spec
-+    unless spec.name =~ Gem::Specification::VALID_NAME_PATTERN
-+      raise Gem::InstallError, "#{spec} has an invalid name"
-+    end
-+
-+    if spec.raw_require_paths.any?{|path| path =~ /\r\n|\r|\n/ }
-+      raise Gem::InstallError, "#{spec} has an invalid require_paths"
-+    end
-+
-+    if spec.extensions.any?{|ext| ext =~ /\r\n|\r|\n/ }
-+       raise Gem::InstallError, "#{spec} has an invalid extensions"
-+    end
-+
-+    unless spec.specification_version.to_s =~ /\A\d+\z/
-+      raise Gem::InstallError, "#{spec} has an invalid specification_version"
-+    end
-+
-+    if spec.dependencies.any? {|dep| dep.type =~ /\r\n|\r|\n/ || dep.name =~ /\r\n|\r|\n/ }
-+      raise Gem::InstallError, "#{spec} has an invalid dependencies"
-+    end
-   end
- 
-   ##
-@@ -835,11 +852,12 @@ TEXT
- 
-   def pre_install_checks
-     verify_gem_home options[:unpack]
-+    # The name and require_paths must be verified first, since it could contain
-+    # ruby code that would be eval'ed in #ensure_loadable_spec
-+    verify_spec
- 
-     ensure_loadable_spec
- 
--    verify_spec_name
--
-     if options[:install_as_default]
-       Gem.ensure_default_gem_subdirectories gem_home
-     else
---- ruby-2.5.1/lib/rubygems/package.rb	2018-03-19 04:27:04.000000000 -0400
-+++ ruby-2.5.1-old/lib/rubygems/package.rb	2019-05-20 09:18:49.772000000 -0400
-@@ -425,6 +425,16 @@ EOM
-     raise Gem::Package::PathError.new(destination, destination_dir) unless
-       destination.start_with? destination_dir + '/'
- 
-+    begin
-+      real_destination = File.expand_path(File.realpath(destination))
-+    rescue
-+      # it's fine if the destination doesn't exist, because rm -rf'ing it can't cause any damage
-+      nil
-+    else
-+      raise Gem::Package::PathError.new(real_destination, destination_dir) unless
-+        real_destination.start_with? destination_dir + '/'
-+    end
-+
-     destination.untaint
-     destination
-   end
---- ruby-2.5.1/lib/rubygems/user_interaction.rb	2017-10-07 21:32:18.000000000 -0400
-+++ ruby-2.5.1-old/lib/rubygems/user_interaction.rb	2019-05-20 09:20:18.208000000 -0400
-@@ -6,13 +6,14 @@
- #++
- 
- require 'rubygems/util'
--
-+require 'rubygems/text'
- ##
- # Module that defines the default UserInteraction.  Any class including this
- # module will have access to the +ui+ method that returns the default UI.
- 
- module Gem::DefaultUserInteraction
- 
-+  include Gem::Text
-   ##
-   # The default UI is a class variable of the singleton class for this
-   # module.
-@@ -160,8 +161,8 @@ module Gem::UserInteraction
-   # Calls +say+ with +msg+ or the results of the block if really_verbose
-   # is true.
- 
--  def verbose msg = nil
--    say(msg || yield) if Gem.configuration.really_verbose
-+  def verbose(msg = nil)
-+    say(clean_text(msg || yield)) if Gem.configuration.really_verbose
-   end
- end
- 
---- ruby-2.5.1/test/rubygems/test_gem_installer.rb	2018-03-19 04:27:04.000000000 -0400
-+++ ruby-2.5.1-old/test/rubygems/test_gem_installer.rb	2019-05-20 09:21:08.061000000 -0400
-@@ -1474,6 +1474,94 @@ gem 'other', version
-     end
-   end
- 
-+  def test_pre_install_checks_malicious_name_before_eval
-+    spec = util_spec "malicious\n::Object.const_set(:FROM_EVAL, true)#", '1'
-+    def spec.full_name # so the spec is buildable
-+      "malicious-1"
-+    end
-+    def spec.validate(*args); end
-+    util_build_gem spec
-+    gem = File.join(@gemhome, 'cache', spec.file_name)
-+    use_ui @ui do
-+      @installer = Gem::Installer.at gem
-+      e = assert_raises Gem::InstallError do
-+        @installer.pre_install_checks
-+      end
-+      assert_equal "#<Gem::Specification name=malicious\n::Object.const_set(:FROM_EVAL, true)# version=1> has an invalid name", e.message
-+    end
-+    refute defined?(::Object::FROM_EVAL)
-+  end
-+  def test_pre_install_checks_malicious_require_paths_before_eval
-+    spec = util_spec "malicious", '1'
-+    def spec.full_name # so the spec is buildable
-+      "malicious-1"
-+    end
-+    def spec.validate(*args); end
-+    spec.require_paths = ["malicious\n``"]
-+    util_build_gem spec
-+    gem = File.join(@gemhome, 'cache', spec.file_name)
-+    use_ui @ui do
-+      @installer = Gem::Installer.at gem
-+      e = assert_raises Gem::InstallError do
-+        @installer.pre_install_checks
-+      end
-+      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid require_paths", e.message
-+    end
-+  end
-+  def test_pre_install_checks_malicious_extensions_before_eval
-+    skip "mswin environment disallow to create file contained the carriage return code." if Gem.win_platform?
-+    spec = util_spec "malicious", '1'
-+    def spec.full_name # so the spec is buildable
-+      "malicious-1"
-+    end
-+    def spec.validate(*args); end
-+    spec.extensions = ["malicious\n``"]
-+    util_build_gem spec
-+    gem = File.join(@gemhome, 'cache', spec.file_name)
-+    use_ui @ui do
-+      @installer = Gem::Installer.at gem
-+      e = assert_raises Gem::InstallError do
-+        @installer.pre_install_checks
-+      end
-+      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid extensions", e.message
-+    end
-+  end
-+  def test_pre_install_checks_malicious_specification_version_before_eval
-+    spec = util_spec "malicious", '1'
-+    def spec.full_name # so the spec is buildable
-+      "malicious-1"
-+    end
-+    def spec.validate(*args); end
-+    spec.specification_version = "malicious\n``"
-+    util_build_gem spec
-+    gem = File.join(@gemhome, 'cache', spec.file_name)
-+    use_ui @ui do
-+      @installer = Gem::Installer.at gem
-+      e = assert_raises Gem::InstallError do
-+        @installer.pre_install_checks
-+      end
-+      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid specification_version", e.message
-+    end
-+  end
-+  def test_pre_install_checks_malicious_dependencies_before_eval
-+    spec = util_spec "malicious", '1'
-+    def spec.full_name # so the spec is buildable
-+      "malicious-1"
-+    end
-+    def spec.validate(*args); end
-+    spec.add_dependency "b\nfoo", '> 5'
-+    util_build_gem spec
-+    gem = File.join(@gemhome, 'cache', spec.file_name)
-+    use_ui @ui do
-+      @installer = Gem::Installer.at gem
-+      @installer.ignore_dependencies = true
-+      e = assert_raises Gem::InstallError do
-+        @installer.pre_install_checks
-+      end
-+      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid dependencies", e.message
-+    end
-+  end
-+
-   def test_shebang
-     util_make_exec @spec, "#!/usr/bin/ruby"
- 
---- ruby-2.5.1/test/rubygems/test_gem_package.rb	2018-03-19 04:27:04.000000000 -0400
-+++ ruby-2.5.1-old/test/rubygems/test_gem_package.rb	2019-05-20 09:23:11.311000000 -0400
-@@ -480,6 +480,41 @@ class TestGemPackage < Gem::Package::Tar
-                  "#{destination_subdir} is not allowed", e.message)
-   end
- 
-+  def test_extract_symlink_parent_doesnt_delete_user_dir
-+    skip if RUBY_VERSION <= "1.8.7"
-+    package = Gem::Package.new @gem
-+
-+    # Extract into a subdirectory of @destination; if this test fails it writes
-+    # a file outside destination_subdir, but we want the file to remain inside
-+    # @destination so it will be cleaned up.
-+    destination_subdir = File.join @destination, 'subdir'
-+    FileUtils.mkdir_p destination_subdir
-+
-+    destination_user_dir = File.join @destination, 'user'
-+    destination_user_subdir = File.join destination_user_dir, 'dir'
-+    FileUtils.mkdir_p destination_user_subdir
-+
-+    tgz_io = util_tar_gz do |tar|
-+      tar.add_symlink 'link', destination_user_dir, 16877
-+      tar.add_symlink 'link/dir', '.', 16877
-+    end
-+
-+    e = assert_raises(Gem::Package::PathError, Errno::EACCES) do
-+      package.extract_tar_gz tgz_io, destination_subdir
-+    end
-+
-+    assert_path_exists destination_user_subdir
-+
-+    if Gem::Package::PathError === e
-+      assert_equal("installing into parent path #{destination_user_subdir} of " +
-+                  "#{destination_subdir} is not allowed", e.message)
-+    elsif win_platform?
-+      skip "symlink - must be admin with no UAC on Windows"
-+    else
-+      raise e
-+    end
-+  end
-+
-   def test_extract_tar_gz_directory
-     package = Gem::Package.new @gem
- 
---- ruby-2.5.1/test/rubygems/test_gem_text.rb	2017-08-28 04:31:28.000000000 -0400
-+++ ruby-2.5.1-old/test/rubygems/test_gem_text.rb	2019-05-20 09:23:59.928000000 -0400
-@@ -85,4 +85,9 @@ Without the wrapping, the text might not
-     s = "ab" * 500_001
-     assert_equal "Truncating desc to 1,000,000 characters:\n#{s[0, 1_000_000]}", truncate_text(s, "desc", 1_000_000)
-   end
-+
-+  def test_clean_text
-+    assert_equal ".]2;nyan.", clean_text("\e]2;nyan\a")
-+  end
-+
- end
diff --git a/CVE-2020-10663.patch b/CVE-2020-10663.patch
deleted file mode 100644
index ee73ad6d132d7f60553da31e9cc95878ae66d50d..0000000000000000000000000000000000000000
--- a/CVE-2020-10663.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 85487773ba69ec2179cac77ed725cec1b6cdffc8 Mon Sep 17 00:00:00 2001
-Subject: [PATCH] fix CVE-2020-10663
-
----
- ext/json/parser/parser.c  | 2 +-
- ext/json/parser/parser.rl | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/ext/json/parser/parser.c b/ext/json/parser/parser.c
-index d2e4eb6..ae90b2e 100644
---- a/ext/json/parser/parser.c
-+++ b/ext/json/parser/parser.c
-@@ -1815,7 +1815,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
-     } else {
-         json->max_nesting = 100;
-         json->allow_nan = 0;
--        json->create_additions = 1;
-+        json->create_additions = 0;
-         json->create_id = rb_funcall(mJSON, i_create_id, 0);
-         json->object_class = Qnil;
-         json->array_class = Qnil;
-diff --git a/ext/json/parser/parser.rl b/ext/json/parser/parser.rl
-index 29900a4..f7dbcff 100644
---- a/ext/json/parser/parser.rl
-+++ b/ext/json/parser/parser.rl
-@@ -710,7 +710,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
-     } else {
-         json->max_nesting = 100;
-         json->allow_nan = 0;
--        json->create_additions = 1;
-+        json->create_additions = 0;
-         json->create_id = rb_funcall(mJSON, i_create_id, 0);
-         json->object_class = Qnil;
-         json->array_class = Qnil;
--- 
-2.23.0
-
diff --git a/CVE-2020-10933.patch b/CVE-2020-10933.patch
deleted file mode 100644
index 27be38bd6a6163dce55306ec4b92b9739b493ddd..0000000000000000000000000000000000000000
--- a/CVE-2020-10933.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-From 61b7f86248bd121be2e83768be71ef289e8e5b90 Mon Sep 17 00:00:00 2001
-From: Yusuke Endoh <mame@ruby-lang.org>
-Date: Tue, 31 Mar 2020 20:18:21 +0900
-Subject: [PATCH] ext/socket/init.c: do not return uninitialized buffer
-
-Resize string buffer only if some data is received in
-BasicSocket#read_nonblock and some methods.
-
-Co-Authored-By: Samuel Williams <samuel.williams@oriontransfer.co.nz>
----
- ext/socket/init.c | 17 ++++++++---------
- 1 file changed, 8 insertions(+), 9 deletions(-)
-
-diff --git a/ext/socket/init.c b/ext/socket/init.c
-index 0675194d7442..6d17ecfb4e2f 100644
---- a/ext/socket/init.c
-+++ b/ext/socket/init.c
-@@ -121,6 +121,7 @@ rsock_send_blocking(void *data)
- struct recvfrom_arg {
-     int fd, flags;
-     VALUE str;
-+    size_t length;
-     socklen_t alen;
-     union_sockaddr buf;
- };
-@@ -131,10 +132,11 @@ recvfrom_blocking(void *data)
-     struct recvfrom_arg *arg = data;
-     socklen_t len0 = arg->alen;
-     ssize_t ret;
--    ret = recvfrom(arg->fd, RSTRING_PTR(arg->str), RSTRING_LEN(arg->str),
-+    ret = recvfrom(arg->fd, RSTRING_PTR(arg->str), arg->length,
-                    arg->flags, &arg->buf.addr, &arg->alen);
-     if (ret != -1 && len0 < arg->alen)
-         arg->alen = len0;
-+
-     return (VALUE)ret;
- }
- 
-@@ -152,7 +154,6 @@ rsock_strbuf(VALUE str, long buflen)
-     } else {
- 	rb_str_modify_expand(str, buflen - len);
-     }
--    rb_str_set_len(str, buflen);
-     return str;
- }
- 
-@@ -188,6 +189,7 @@ rsock_s_recvfrom(VALUE sock, int argc, VALUE *argv, enum sock_recv_type from)
-     arg.fd = fptr->fd;
-     arg.alen = (socklen_t)sizeof(arg.buf);
-     arg.str = str;
-+    arg.length = buflen;
- 
-     while (rb_io_check_closed(fptr),
- 	   rsock_maybe_wait_fd(arg.fd),
-@@ -198,9 +200,8 @@ rsock_s_recvfrom(VALUE sock, int argc, VALUE *argv, enum sock_recv_type from)
-         }
-     }
- 
--    if (slen != RSTRING_LEN(str)) {
--	rb_str_set_len(str, slen);
--    }
-+    /* Resize the string to the amount of data received */
-+    rb_str_set_len(str, slen);
-     rb_obj_taint(str);
-     switch (from) {
-       case RECV_RECV:
-@@ -330,6 +331,7 @@ rsock_read_nonblock(VALUE sock, VALUE length, VALUE buf, VALUE ex)
-     GetOpenFile(sock, fptr);
- 
-     if (len == 0) {
-+	rb_str_set_len(str, 0);
- 	return str;
-     }
- 
-@@ -347,12 +349,9 @@ rsock_read_nonblock(VALUE sock, VALUE length, VALUE buf, VALUE ex)
- 	    rb_syserr_fail_path(e, fptr->pathv);
- 	}
-     }
--    if (len != n) {
-+    if (n != RSTRING_LEN(str)) {
- 	rb_str_modify(str);
- 	rb_str_set_len(str, n);
--	if (str != buf) {
--	    rb_str_resize(str, n);
--	}
-     }
-     if (n == 0) {
- 	if (ex == Qfalse) return Qnil;
diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch
index cc4574158f971d9e389e7db9b5defe4699969dcf..7b7c724a7ee8ec8f8e75a20c26c669a7b98db055 100644
--- a/ruby-2.1.0-custom-rubygems-location.patch
+++ b/ruby-2.1.0-custom-rubygems-location.patch
@@ -11,11 +11,10 @@ Subject: [PATCH] Allow to install RubyGems into custom location, outside of
  tool/rbinstall.rb       | 7 +++++++
  4 files changed, 19 insertions(+)
 
-diff --git a/configure.ac b/configure.ac
-index 6bba453e3c..028ef7ca3e 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -4287,6 +4287,10 @@ AC_ARG_WITH(vendorarchdir,
+diff -Naur a/configure.ac b/configure.ac
+--- a/configure.ac	2020-07-27 16:38:47.589749033 +0800
++++ b/configure.ac	2020-07-27 16:24:09.948494621 +0800
+@@ -4288,6 +4288,10 @@
              [vendorarchdir=$withval],
              [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
  
@@ -26,7 +25,7 @@ index 6bba453e3c..028ef7ca3e 100644
  AS_IF([test "${LOAD_RELATIVE+set}"], [
      AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
      RUBY_EXEC_PREFIX=''
-@@ -4311,6 +4315,7 @@ AC_SUBST(sitearchdir)dnl
+@@ -4312,6 +4316,7 @@
  AC_SUBST(vendordir)dnl
  AC_SUBST(vendorlibdir)dnl
  AC_SUBST(vendorarchdir)dnl
@@ -34,11 +33,11 @@ index 6bba453e3c..028ef7ca3e 100644
  
  AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
  AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl
-diff --git a/loadpath.c b/loadpath.c
-index 623dc9d..74c5d9e 100644
---- a/loadpath.c
-+++ b/loadpath.c
-@@ -94,6 +94,10 @@ const char ruby_initial_load_paths[] =
+
+diff -Naur a/loadpath.c b/loadpath.c
+--- a/loadpath.c	2020-07-27 16:38:47.589749033 +0800
++++ b/loadpath.c	2020-07-27 16:24:09.948494621 +0800
+@@ -94,6 +94,10 @@
  #endif
  #endif
  
@@ -49,10 +48,10 @@ index 623dc9d..74c5d9e 100644
      RUBY_LIB "\0"
  #ifdef RUBY_THINARCH
      RUBY_ARCH_LIB_FOR(RUBY_THINARCH) "\0"
-diff --git a/template/verconf.h.tmpl b/template/verconf.h.tmpl
-index 79c003e..34f2382 100644
---- a/template/verconf.h.tmpl
-+++ b/template/verconf.h.tmpl
+
+diff -Naur a/template/verconf.h.tmpl b/template/verconf.h.tmpl
+--- a/template/verconf.h.tmpl	2020-07-27 16:38:47.589749033 +0800
++++ b/template/verconf.h.tmpl	2020-07-27 16:24:09.948494621 +0800
 @@ -36,6 +36,9 @@
  % if C["RUBY_SEARCH_PATH"]
  #define RUBY_SEARCH_PATH		"${RUBY_SEARCH_PATH}"
@@ -63,19 +62,19 @@ index 79c003e..34f2382 100644
  %
  % R = {}
  % R["ruby_version"] = '"RUBY_LIB_VERSION"'
-diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb
-index b47b6e1..0b99408 100755
---- a/tool/rbinstall.rb
-+++ b/tool/rbinstall.rb
-@@ -331,6 +331,7 @@ def CONFIG.[](name, mandatory = false)
- sitearchlibdir = CONFIG["sitearchdir"]
- vendorlibdir = CONFIG["vendorlibdir"]
- vendorarchlibdir = CONFIG["vendorarchdir"]
+
+diff -Naur a/tool/rbinstall.rb b/tool/rbinstall.rb
+--- a/tool/rbinstall.rb	2020-07-27 16:22:12.328326341 +0800
++++ b/tool/rbinstall.rb	2020-07-27 16:31:57.009162449 +0800
+@@ -335,6 +335,7 @@
+   vendorlibdir = CONFIG["vendorlibdir"]
+   vendorarchlibdir = CONFIG["vendorarchdir"]
+ end
 +rubygemsdir = CONFIG["rubygemsdir"]
  mandir = CONFIG["mandir", true]
  docdir = CONFIG["docdir", true]
  configure_args = Shellwords.shellwords(CONFIG["configure_args"])
-@@ -537,7 +538,13 @@ def install(src, cmd)
+@@ -541,7 +542,13 @@
  install?(:local, :comm, :lib) do
    prepare "library scripts", rubylibdir
    noinst = %w[*.txt *.rdoc *.gemspec]
@@ -89,6 +88,3 @@ index b47b6e1..0b99408 100755
  end
  
  install?(:local, :comm, :hdr, :'comm-hdr') do
--- 
-1.8.3.1
-
diff --git a/ruby-2.5.1-Test-fixes-for-OpenSSL-1.1.1.patch b/ruby-2.5.1-Test-fixes-for-OpenSSL-1.1.1.patch
deleted file mode 100644
index 919fb005b5580d471c60a3de1a9bbeba7237283e..0000000000000000000000000000000000000000
--- a/ruby-2.5.1-Test-fixes-for-OpenSSL-1.1.1.patch
+++ /dev/null
@@ -1,112 +0,0 @@
-From 71057ca5963108bac1e2c31bd0e8e205ba74cc19 Mon Sep 17 00:00:00 2001
-From: Kazuki Yamaguchi <k@rhe.jp>
-Date: Fri, 11 May 2018 13:43:32 +0900
-Subject: [PATCH 1/2] test/test_pkey_rsa: fix test failure with OpenSSL 1.1.1
-
-OpenSSL 1.1.1 raised the minimum size for RSA keys to 512 bits.
----
- test/openssl/test_pkey_rsa.rb | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
-index c1205563..b4393e68 100644
---- a/test/openssl/test_pkey_rsa.rb
-+++ b/test/openssl/test_pkey_rsa.rb
-@@ -60,6 +60,13 @@ def test_new_with_exponent
-     end
-   end
- 
-+  def test_generate
-+    key = OpenSSL::PKey::RSA.generate(512, 17)
-+    assert_equal 512, key.n.num_bits
-+    assert_equal 17, key.e
-+    assert_not_nil key.d
-+  end
-+
-   def test_new_break
-     assert_nil(OpenSSL::PKey::RSA.new(1024) { break })
-     assert_raise(RuntimeError) do
-@@ -256,7 +263,7 @@ def test_pem_passwd
-   end
- 
-   def test_dup
--    key = OpenSSL::PKey::RSA.generate(256, 17)
-+    key = Fixtures.pkey("rsa1024")
-     key2 = key.dup
-     assert_equal key.params, key2.params
-     key2.set_key(key2.n, 3, key2.d)
-
-From a5e26bc1345fe325bdc619f9b1768b7ad3c94214 Mon Sep 17 00:00:00 2001
-From: Kazuki Yamaguchi <k@rhe.jp>
-Date: Fri, 11 May 2018 14:12:39 +0900
-Subject: [PATCH 2/2] test/test_ssl_session: set client protocol version
- explicitly
-
-Clients that implement TLS 1.3's Middlebox Compatibility Mode will
-always provide a non-empty session ID in the ClientHello. This means
-the "get" callback for the server-side session caching may be called
-for the initial connection.
----
- test/openssl/test_ssl_session.rb | 14 +++++++++-----
- 1 file changed, 9 insertions(+), 5 deletions(-)
-
-diff --git a/test/openssl/test_ssl_session.rb b/test/openssl/test_ssl_session.rb
-index af8c65b1..6db0c2d1 100644
---- a/test/openssl/test_ssl_session.rb
-+++ b/test/openssl/test_ssl_session.rb
-@@ -198,7 +198,9 @@ def test_server_session_cache
-       first_session = nil
-       10.times do |i|
-         connections = i
--        server_connect_with_session(port, nil, first_session) { |ssl|
-+        cctx = OpenSSL::SSL::SSLContext.new
-+        cctx.ssl_version = :TLSv1_2
-+        server_connect_with_session(port, cctx, first_session) { |ssl|
-           ssl.puts("abc"); assert_equal "abc\n", ssl.gets
-           first_session ||= ssl.session
- 
-@@ -257,6 +259,8 @@ def test_ctx_server_session_cb
- 
-     connections = nil
-     called = {}
-+    cctx = OpenSSL::SSL::SSLContext.new
-+    cctx.ssl_version = :TLSv1_2
-     sctx = nil
-     ctx_proc = Proc.new { |ctx|
-       sctx = ctx
-@@ -292,7 +296,7 @@ def test_ctx_server_session_cb
-     }
-     start_server(ctx_proc: ctx_proc) do |port|
-       connections = 0
--      sess0 = server_connect_with_session(port, nil, nil) { |ssl|
-+      sess0 = server_connect_with_session(port, cctx, nil) { |ssl|
-         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
-         assert_equal false, ssl.session_reused?
-         ssl.session
-@@ -307,7 +311,7 @@ def test_ctx_server_session_cb
- 
-       # Internal cache hit
-       connections = 1
--      server_connect_with_session(port, nil, sess0.dup) { |ssl|
-+      server_connect_with_session(port, cctx, sess0.dup) { |ssl|
-         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
-         assert_equal true, ssl.session_reused?
-         ssl.session
-@@ -328,7 +332,7 @@ def test_ctx_server_session_cb
- 
-       # External cache hit
-       connections = 2
--      sess2 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
-+      sess2 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
-         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
-         if !ssl.session_reused? && openssl?(1, 1, 0) && !openssl?(1, 1, 0, 7)
-           # OpenSSL >= 1.1.0, < 1.1.0g
-@@ -355,7 +359,7 @@ def test_ctx_server_session_cb
- 
-       # Cache miss
-       connections = 3
--      sess3 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
-+      sess3 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
-         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
-         assert_equal false, ssl.session_reused?
-         ssl.session
diff --git a/ruby-2.5.1-TestTimeTZ-test-failures-Kiritimati-and-Lisbon.patch b/ruby-2.5.1-TestTimeTZ-test-failures-Kiritimati-and-Lisbon.patch
deleted file mode 100644
index fa5ad3eeebde2911316ddfb6c3a83604a7c158ff..0000000000000000000000000000000000000000
--- a/ruby-2.5.1-TestTimeTZ-test-failures-Kiritimati-and-Lisbon.patch
+++ /dev/null
@@ -1,115 +0,0 @@
-From 584b5929f9b769c4d0b03e322a9fddf2b2dd3454 Mon Sep 17 00:00:00 2001
-From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Sun, 1 Apr 2018 13:02:11 +0000
-Subject: [PATCH] test_time_tz.rb: Kiritimati tzdata fix
-
-* test/ruby/test_time_tz.rb (gen_zdump_test): fix the expected
-  data at the Kiritimati's skip of New Year's Eve 1994.
-  [Bug #14655]
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63055 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- test/ruby/test_time_tz.rb | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
-index dfe139033ed3..ac5f81892878 100644
---- a/test/ruby/test_time_tz.rb
-+++ b/test/ruby/test_time_tz.rb
-@@ -364,9 +364,18 @@ def self.gen_zdump_test(data)
- Europe/London  Sun Aug 10 01:00:00 1947 UTC = Sun Aug 10 02:00:00 1947 BST isdst=1 gmtoff=3600
- Europe/London  Sun Nov  2 01:59:59 1947 UTC = Sun Nov  2 02:59:59 1947 BST isdst=1 gmtoff=3600
- Europe/London  Sun Nov  2 02:00:00 1947 UTC = Sun Nov  2 02:00:00 1947 GMT isdst=0 gmtoff=0
-+End
-+  if CORRECT_KIRITIMATI_SKIP_1994
-+    gen_zdump_test <<'End'
-+Pacific/Kiritimati  Sat Dec 31 09:59:59 1994 UTC = Fri Dec 30 23:59:59 1994 LINT isdst=0 gmtoff=-36000
-+Pacific/Kiritimati  Sat Dec 31 10:00:00 1994 UTC = Sun Jan  1 00:00:00 1995 LINT isdst=0 gmtoff=50400
-+End
-+  else
-+    gen_zdump_test <<'End'
- Pacific/Kiritimati  Sun Jan  1 09:59:59 1995 UTC = Sat Dec 31 23:59:59 1994 LINT isdst=0 gmtoff=-36000
- Pacific/Kiritimati  Sun Jan  1 10:00:00 1995 UTC = Mon Jan  2 00:00:00 1995 LINT isdst=0 gmtoff=50400
- End
-+  end
-   gen_zdump_test <<'End' if has_right_tz
- right/America/Los_Angeles  Fri Jun 30 23:59:60 1972 UTC = Fri Jun 30 16:59:60 1972 PDT isdst=1 gmtoff=-25200
- right/America/Los_Angeles  Wed Dec 31 23:59:60 2008 UTC = Wed Dec 31 15:59:60 2008 PST isdst=0 gmtoff=-28800
---
-
-From 2965c2d4df78e6f5acf8759f84c88ce14a4e70f1 Mon Sep 17 00:00:00 2001
-From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Sun, 1 Apr 2018 02:00:36 +0000
-Subject: [PATCH] test_time_tz.rb: Kiritimati tzdata fix
-
-* test/ruby/test_time_tz.rb (TestTimeTZ#test_pacific_kiritimati):
-  fix the expected data at the skip of New Year's Eve 1994.
-  [Bug #14655]
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63054 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- test/ruby/test_time_tz.rb | 17 ++++++++++++++---
- 1 file changed, 14 insertions(+), 3 deletions(-)
-
-diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
-index 39b830d28a3d..dfe139033ed3 100644
---- a/test/ruby/test_time_tz.rb
-+++ b/test/ruby/test_time_tz.rb
-@@ -89,6 +89,9 @@ def group_by(e, &block)
-       Time.local(1951, 5, 6, 1, 0, 0).dst?   # DST with fixed tzdata
-     end
-   }
-+  CORRECT_KIRITIMATI_SKIP_1994 = with_tz("Pacific/Kiritimati") {
-+    Time.local(1994, 12, 31, 0, 0, 0).year == 1995
-+  }
- 
-   def time_to_s(t)
-     t.to_s
-@@ -178,9 +181,17 @@ def test_europe_lisbon
- 
-   def test_pacific_kiritimati
-     with_tz(tz="Pacific/Kiritimati") {
--      assert_time_constructor(tz, "1994-12-31 23:59:59 -1000", :local, [1994,12,31,23,59,59])
--      assert_time_constructor(tz, "1995-01-02 00:00:00 +1400", :local, [1995,1,1,0,0,0])
--      assert_time_constructor(tz, "1995-01-02 23:59:59 +1400", :local, [1995,1,1,23,59,59])
-+      assert_time_constructor(tz, "1994-12-30 00:00:00 -1000", :local, [1994,12,30,0,0,0])
-+      assert_time_constructor(tz, "1994-12-30 23:59:59 -1000", :local, [1994,12,30,23,59,59])
-+      if CORRECT_KIRITIMATI_SKIP_1994
-+        assert_time_constructor(tz, "1995-01-01 00:00:00 +1400", :local, [1994,12,31,0,0,0])
-+        assert_time_constructor(tz, "1995-01-01 23:59:59 +1400", :local, [1994,12,31,23,59,59])
-+        assert_time_constructor(tz, "1995-01-01 00:00:00 +1400", :local, [1995,1,1,0,0,0])
-+      else
-+        assert_time_constructor(tz, "1994-12-31 23:59:59 -1000", :local, [1994,12,31,23,59,59])
-+        assert_time_constructor(tz, "1995-01-02 00:00:00 +1400", :local, [1995,1,1,0,0,0])
-+        assert_time_constructor(tz, "1995-01-02 23:59:59 +1400", :local, [1995,1,1,23,59,59])
-+      end
-       assert_time_constructor(tz, "1995-01-02 00:00:00 +1400", :local, [1995,1,2,0,0,0])
-     }
-   end
---
-
-From a0e6607a8172f9eaf9a15f03065736deb2035771 Mon Sep 17 00:00:00 2001
-From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Sun, 1 Apr 2018 13:16:14 +0000
-Subject: [PATCH] test_time_tz.rb: Lisbon tzdata fix
-
-* test/ruby/test_time_tz.rb (gen_variational_zdump_test): Update
-  Lisbon zdump data, which fixed the 1912-01-01 transition for
-  Portugual and its colonies.  [Bug #14655]
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63056 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- test/ruby/test_time_tz.rb | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
-index ac5f81892878..b32caff9c539 100644
---- a/test/ruby/test_time_tz.rb
-+++ b/test/ruby/test_time_tz.rb
-@@ -434,5 +434,6 @@ def self.gen_variational_zdump_test(hint, data)
-   gen_variational_zdump_test "lisbon", <<'End' if has_lisbon_tz
- Europe/Lisbon  Mon Jan  1 00:36:31 1912 UTC = Sun Dec 31 23:59:59 1911 LMT isdst=0 gmtoff=-2192
- Europe/Lisbon  Mon Jan  1 00:36:44 1912 UT = Sun Dec 31 23:59:59 1911 LMT isdst=0 gmtoff=-2205
-+Europe/Lisbon  Sun Dec 31 23:59:59 1911 UT = Sun Dec 31 23:23:14 1911 LMT isdst=0 gmtoff=-2205
- End
- end
diff --git a/ruby-2.5.1.tar.xz b/ruby-2.5.8.tar.xz
similarity index 57%
rename from ruby-2.5.1.tar.xz
rename to ruby-2.5.8.tar.xz
index 13f57b7ee481db128ab1a2fccfb458b9cad53ef9..fdb92ecfe24c803234a58622df9277ad4680710e 100644
Binary files a/ruby-2.5.1.tar.xz and b/ruby-2.5.8.tar.xz differ
diff --git a/ruby-2.6.0-Try-to-update-cert.patch b/ruby-2.6.0-Try-to-update-cert.patch
deleted file mode 100644
index fff6349dbc7dec96b0c3002ddbf894e291df8f5d..0000000000000000000000000000000000000000
--- a/ruby-2.6.0-Try-to-update-cert.patch
+++ /dev/null
@@ -1,501 +0,0 @@
-From f234e6c3d3170f37508e214cdaef78d4b2584e5a Mon Sep 17 00:00:00 2001
-From: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Wed, 2 Jan 2019 03:08:20 +0000
-Subject: [PATCH 1/2] Try to update cert
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66685 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- test/net/fixtures/cacert.pem |  86 +++++++-------------------
- test/net/fixtures/server.crt | 113 +++++++++++++++++++++++------------
- test/net/fixtures/server.key |  43 ++++++++-----
- 3 files changed, 124 insertions(+), 118 deletions(-)
-
-diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem
-index 7073387877..f623bd62ed 100644
---- a/test/net/fixtures/cacert.pem
-+++ b/test/net/fixtures/cacert.pem
-@@ -1,66 +1,24 @@
--Certificate:
--    Data:
--        Version: 3 (0x2)
--        Serial Number:
--            b9:90:a2:bf:62:69:17:9c
--        Signature Algorithm: sha1WithRSAEncryption
--        Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
--        Validity
--            Not Before: Jan  3 01:34:17 2014 GMT
--            Not After : Jan  2 01:34:17 2019 GMT
--        Subject: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
--        Subject Public Key Info:
--            Public Key Algorithm: rsaEncryption
--            RSA Public Key: (1024 bit)
--                Modulus (1024 bit):
--                    00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6:
--                    bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be:
--                    9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13:
--                    9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5:
--                    b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40:
--                    0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d:
--                    a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89:
--                    af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6:
--                    d0:fc:d6:eb:fc:06:82:10:fb
--                Exponent: 65537 (0x10001)
--        X509v3 extensions:
--            X509v3 Subject Key Identifier: 
--                E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2
--            X509v3 Authority Key Identifier: 
--                keyid:E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2
--                DirName:/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org
--                serial:B9:90:A2:BF:62:69:17:9C
--
--            X509v3 Basic Constraints: 
--                CA:TRUE
--    Signature Algorithm: sha1WithRSAEncryption
--        8f:77:06:4e:31:72:12:ee:68:09:70:27:d4:31:85:ef:10:95:
--        f9:0f:2b:66:63:08:37:88:6e:b7:9b:40:3e:18:77:33:86:e8:
--        61:6a:b7:3c:cb:c7:a6:d6:d5:92:6a:1f:56:d0:9f:5c:32:56:
--        d3:37:52:fe:0e:20:c2:7a:0d:fe:2d:3c:81:da:b8:7f:4d:6a:
--        08:01:d9:be:7a:a2:15:be:a6:ce:49:64:90:8c:9a:ca:6e:2e:
--        84:48:1d:94:19:56:94:46:aa:25:9b:68:c2:80:60:bf:cb:2e:
--        35:03:ea:0a:65:5a:33:38:c6:cc:81:46:c0:bc:36:86:96:39:
--        10:7d
- -----BEGIN CERTIFICATE-----
--MIIDjTCCAvagAwIBAgIJALmQor9iaRecMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD
--VQQGEwJKUDEQMA4GA1UECBMHU2hpbWFuZTEUMBIGA1UEBxMLTWF0ei1lIGNpdHkx
--FzAVBgNVBAoTDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDEwxSdWJ5IFRlc3QgQ0Ex
--JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTQwMTAz
--MDEzNDE3WhcNMTkwMTAyMDEzNDE3WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT
--B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv
--cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
--ZWN1cml0eUBydWJ5LWxhbmcub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
--gQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv70BpBrLJE51+
--66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl9Ny7XaVBYOep
--dLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQABo4H0MIHxMB0G
--A1UdDgQWBBToflisE3sDIo2erzILhImAgAwewjCBwQYDVR0jBIG5MIG2gBToflis
--E3sDIo2erzILhImAgAwewqGBkqSBjzCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT
--B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv
--cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
--ZWN1cml0eUBydWJ5LWxhbmcub3JnggkAuZCiv2JpF5wwDAYDVR0TBAUwAwEB/zAN
--BgkqhkiG9w0BAQUFAAOBgQCPdwZOMXIS7mgJcCfUMYXvEJX5DytmYwg3iG63m0A+
--GHczhuhharc8y8em1tWSah9W0J9cMlbTN1L+DiDCeg3+LTyB2rh/TWoIAdm+eqIV
--vqbOSWSQjJrKbi6ESB2UGVaURqolm2jCgGC/yy41A+oKZVozOMbMgUbAvDaGljkQ
--fQ==
-+MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD
-+VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx
-+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
-+JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy
-+MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM
-+B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv
-+cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
-+ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-+CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV
-+SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI
-+3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d
-+BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L
-+2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R
-+WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9
-+I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw
-+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA
-+of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q
-+aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS
-+2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee
-+uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s
-+K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+
-+mA==
- -----END CERTIFICATE-----
-diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
-index fa4f99493a..817ecc222c 100644
---- a/test/net/fixtures/server.crt
-+++ b/test/net/fixtures/server.crt
-@@ -1,48 +1,83 @@
- Certificate:
-     Data:
--        Version: 1 (0x0)
--        Serial Number: 0 (0x0)
--        Signature Algorithm: sha1WithRSAEncryption
-+        Version: 3 (0x2)
-+        Serial Number: 1 (0x1)
-+    Signature Algorithm: sha256WithRSAEncryption
-         Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-         Validity
--            Not Before: Jan  3 01:34:17 2014 GMT
--            Not After : Jan  2 01:34:17 2019 GMT
--        Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
-+            Not Before: Jan  2 03:06:53 2019 GMT
-+            Not After : Jan  1 03:06:53 2024 GMT
-+        Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-         Subject Public Key Info:
-             Public Key Algorithm: rsaEncryption
--            RSA Public Key: (1024 bit)
--                Modulus (1024 bit):
--                    00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6:
--                    bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be:
--                    9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13:
--                    9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5:
--                    b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40:
--                    0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d:
--                    a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89:
--                    af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6:
--                    d0:fc:d6:eb:fc:06:82:10:fb
-+                Public-Key: (2048 bit)
-+                Modulus:
-+                    00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86:
-+                    c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68:
-+                    7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87:
-+                    e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71:
-+                    3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be:
-+                    c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3:
-+                    7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd:
-+                    0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57:
-+                    d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc:
-+                    90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84:
-+                    0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0:
-+                    7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f:
-+                    72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1:
-+                    dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd:
-+                    fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e:
-+                    14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de:
-+                    ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82:
-+                    96:a9
-                 Exponent: 65537 (0x10001)
--    Signature Algorithm: sha1WithRSAEncryption
--        85:f5:d3:05:8b:8c:f4:43:1c:88:f2:8f:b2:f2:93:77:b7:3d:
--        95:c6:a0:34:bc:33:6a:d8:85:5f:3e:86:08:10:c5:5c:c1:76:
--        a3:53:3c:dc:38:98:23:97:e7:da:21:ac:e8:4d:3c:96:70:29:
--        ff:ff:1e:4a:9a:17:2b:db:04:62:b9:ef:ab:ea:a7:a5:e8:7c:
--        b1:d5:ed:30:a8:6c:78:de:51:7e:e3:8a:c2:a4:64:a8:63:a2:
--        bc:fd:43:9c:f3:55:7d:54:c9:6a:d8:53:1c:4b:6b:03:aa:b6:
--        19:e6:a4:4f:47:00:96:c5:42:59:85:4e:c3:4e:cd:41:82:53:
--        10:f8
-+        X509v3 extensions:
-+            X509v3 Basic Constraints: 
-+                CA:FALSE
-+            Netscape Comment: 
-+                OpenSSL Generated Certificate
-+            X509v3 Subject Key Identifier: 
-+                F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43
-+            X509v3 Authority Key Identifier: 
-+                keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
-+
-+    Signature Algorithm: sha256WithRSAEncryption
-+         02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19:
-+         3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4:
-+         28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42:
-+         08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7:
-+         fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea:
-+         86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75:
-+         26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45:
-+         ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87:
-+         2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06:
-+         5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d:
-+         bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27:
-+         f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07:
-+         fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5:
-+         8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87:
-+         9d:64:28:ce
- -----BEGIN CERTIFICATE-----
--MIICXDCCAcUCAQAwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD
--VQQIEwdTaGltYW5lMRQwEgYDVQQHEwtNYXR6LWUgY2l0eTEXMBUGA1UEChMOUnVi
--eSBDb3JlIFRlYW0xFTATBgNVBAMTDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ
--ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0xNDAxMDMwMTM0MTdaFw0xOTAx
--MDIwMTM0MTdaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIEwdTaGltYW5lMRcwFQYD
--VQQKEw5SdWJ5IENvcmUgVGVhbTESMBAGA1UECxMJUnVieSBUZXN0MRIwEAYDVQQD
--Ewlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANt10EXesd+/
--caAOsKXmvPQcneUlZ2TFe8vxr8a+mqrqfg/MBa/vQGkGsskTnX7rogbi6n0Hx8eZ
--x/vVuOtjd2IrGBLDU1jQ9cdADAHRJoI0Fgnj3GX03LtdpUFg56l0utdMtqOcxYyJ
--r8vonwX+6v5kJL/n7eP20PzW6/wGghD7AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEA
--hfXTBYuM9EMciPKPsvKTd7c9lcagNLwzatiFXz6GCBDFXMF2o1M83DiYI5fn2iGs
--6E08lnAp//8eSpoXK9sEYrnvq+qnpeh8sdXtMKhseN5RfuOKwqRkqGOivP1DnPNV
--fVTJathTHEtrA6q2GeakT0cAlsVCWYVOw07NQYJTEPg=
-+MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
-+EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
-+DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
-+hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX
-+DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
-+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
-+JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG
-+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m
-+u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W
-+vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI
-+Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT
-+Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI
-+BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5
-+MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl
-+cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME
-+GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK
-+Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx
-+DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2
-+Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN
-+/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS
-+SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm
-+gJGByxo9tY6HnWQozg==
- -----END CERTIFICATE-----
-diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
-index 7c57546ece..1e73232728 100644
---- a/test/net/fixtures/server.key
-+++ b/test/net/fixtures/server.key
-@@ -1,15 +1,28 @@
-------BEGIN RSA PRIVATE KEY-----
--MIICXQIBAAKBgQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv
--70BpBrLJE51+66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl
--9Ny7XaVBYOepdLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQAB
--AoGAGtYHR+P5gFDaxiXFuCPFC1zMeg7e29XCU6gURIteQnQ2QhxCvcbV64HkLu51
--HeYWhB0Pa4aeCWxmpgb2e+JH4MEoIjeJSGyZQeqwkQLgWJDdvkgWx5am58QzA60I
--ipkZ9QHcPffSs5RiGx4yfr58KqAmwFphGCY8W7v4LqaENdECQQD9H5VTW9g4gj1c
--j3uNYvSI/D7a9P7gfI+ziczuwMm5xsBx3D/t5TAr3SJKNne3sl1E6ZERCUbzxf+C
--k58EiHx1AkEA3fRLGqDOq7EcQhbjTcA/v/t5MwlGEUsS9+XrqOWn50YuoIwRZJ3v
--qHRQzfQfFNklGtfBvwQ4md3irXjMeGVprwJBAMEAuwiDiHuV+xm/ofKtmE13IKot
--ksYy1BOOp/8IawhHXueyi+BmF/PqOkIiA+jCjNGF0oIN89beizPSQbbgJx0CQG/K
--qL1bu1ys0y/SeWBi8XkP/0aeaCUzq/UiYCTsrzoEll2UzvnftqMhGsXxLGqCyHaR
--r2s3hA6zvIVlL4+AfM8CQQClq+WDrC5VKciLYakZNWJjV1m+H2Ut/0fXdUjKHajE
--FWLcsrOhADf6bkTb71GwPxnKRkkRmud5upP0ZYYTqM4X
-------END RSA PRIVATE KEY-----
-+-----BEGIN PRIVATE KEY-----
-+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k
-+339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu
-+cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l
-+//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT
-+XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP
-+CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym
-+WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM
-+BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9
-+fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j
-+hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T
-+uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q
-+8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB
-+s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z
-+AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl
-+lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x
-+u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm
-+gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr
-+45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN
-+W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM
-+spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3
-+bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW
-+uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox
-+kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+
-+XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE
-+bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml
-+uCiVeqoPl+JIg4m8Tz76XWo=
-+-----END PRIVATE KEY-----
--- 
-2.20.1
-
-
-From 1e0b49a293d3792826c67b7e05c5fcbd09c9ea6e Mon Sep 17 00:00:00 2001
-From: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Wed, 2 Jan 2019 03:29:01 +0000
-Subject: [PATCH 2/2] Try to update cert (2nd try)
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66686 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- test/net/fixtures/server.crt | 115 +++++++++++++++++------------------
- test/net/fixtures/server.key |  52 ++++++++--------
- 2 files changed, 83 insertions(+), 84 deletions(-)
-
-diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
-index 817ecc222c..5ca78a6d14 100644
---- a/test/net/fixtures/server.crt
-+++ b/test/net/fixtures/server.crt
-@@ -1,35 +1,35 @@
- Certificate:
-     Data:
-         Version: 3 (0x2)
--        Serial Number: 1 (0x1)
-+        Serial Number: 2 (0x2)
-     Signature Algorithm: sha256WithRSAEncryption
-         Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-         Validity
--            Not Before: Jan  2 03:06:53 2019 GMT
--            Not After : Jan  1 03:06:53 2024 GMT
--        Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
-+            Not Before: Jan  2 03:27:13 2019 GMT
-+            Not After : Jan  1 03:27:13 2024 GMT
-+        Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
-         Subject Public Key Info:
-             Public Key Algorithm: rsaEncryption
-                 Public-Key: (2048 bit)
-                 Modulus:
--                    00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86:
--                    c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68:
--                    7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87:
--                    e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71:
--                    3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be:
--                    c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3:
--                    7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd:
--                    0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57:
--                    d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc:
--                    90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84:
--                    0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0:
--                    7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f:
--                    72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1:
--                    dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd:
--                    fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e:
--                    14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de:
--                    ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82:
--                    96:a9
-+                    00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07:
-+                    9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48:
-+                    e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57:
-+                    7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67:
-+                    cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1:
-+                    0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7:
-+                    bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc:
-+                    74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1:
-+                    8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9:
-+                    40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19:
-+                    47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04:
-+                    79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3:
-+                    02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4:
-+                    de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d:
-+                    86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc:
-+                    e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d:
-+                    74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10:
-+                    4f:41
-                 Exponent: 65537 (0x10001)
-         X509v3 extensions:
-             X509v3 Basic Constraints: 
-@@ -37,47 +37,46 @@ Certificate:
-             Netscape Comment: 
-                 OpenSSL Generated Certificate
-             X509v3 Subject Key Identifier: 
--                F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43
-+                ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36
-             X509v3 Authority Key Identifier: 
-                 keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
- 
-     Signature Algorithm: sha256WithRSAEncryption
--         02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19:
--         3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4:
--         28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42:
--         08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7:
--         fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea:
--         86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75:
--         26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45:
--         ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87:
--         2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06:
--         5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d:
--         bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27:
--         f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07:
--         fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5:
--         8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87:
--         9d:64:28:ce
-+         1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c:
-+         ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35:
-+         2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51:
-+         fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a:
-+         56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a:
-+         04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15:
-+         89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64:
-+         93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62:
-+         d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab:
-+         1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d:
-+         1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2:
-+         5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff:
-+         63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf:
-+         da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69:
-+         fd:be:bd:6e
- -----BEGIN CERTIFICATE-----
--MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
-+MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
- EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
- DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
--hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX
--DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
--FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
--JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG
--SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m
--u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W
--vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI
--Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT
--Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI
--BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5
--MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl
--cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME
--GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK
--Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx
--DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2
--Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN
--/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS
--SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm
--gJGByxo9tY6HnWQozg==
-+hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX
-+DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
-+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ
-+BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-+AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ
-+zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj
-+VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ
-+wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r
-+sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d
-+dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
-+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o
-+wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N
-++J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ
-+y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW
-+EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL
-+Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1
-+oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j
-+28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u
- -----END CERTIFICATE-----
-diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
-index 1e73232728..7f2380e71e 100644
---- a/test/net/fixtures/server.key
-+++ b/test/net/fixtures/server.key
-@@ -1,28 +1,28 @@
- -----BEGIN PRIVATE KEY-----
--MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k
--339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu
--cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l
--//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT
--XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP
--CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym
--WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM
--BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9
--fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j
--hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T
--uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q
--8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB
--s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z
--AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl
--lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x
--u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm
--gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr
--45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN
--W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM
--spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3
--bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW
--uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox
--kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+
--XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE
--bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml
--uCiVeqoPl+JIg4m8Tz76XWo=
-+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN
-+XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU
-+Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC
-+6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE
-+cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ
-+n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u
-+/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ
-+DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho
-+LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX
-+QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej
-+hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ
-+1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt
-+liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd
-+U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc
-+pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC
-+A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1
-+ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs
-+oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD
-+gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ
-+xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn
-+kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ
-+uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ
-+y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ
-+g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8
-+wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7
-+2whRF0FEjKA8ehrNhAq+VFfFNw==
- -----END PRIVATE KEY-----
--- 
-2.20.1
diff --git a/ruby-2.6.0-fix-test-failure-with-TLS-1.3.patch b/ruby-2.6.0-fix-test-failure-with-TLS-1.3.patch
deleted file mode 100644
index 3e62a5b702de820dbd5ae720683ce087c2944c2b..0000000000000000000000000000000000000000
--- a/ruby-2.6.0-fix-test-failure-with-TLS-1.3.patch
+++ /dev/null
@@ -1,203 +0,0 @@
-From 6fcc6c0efc42d1c6325cf4bb0ca16e2a448cdbed Mon Sep 17 00:00:00 2001
-From: Kazuki Yamaguchi <k@rhe.jp>
-Date: Mon, 6 Aug 2018 20:51:42 +0900
-Subject: [PATCH] test/test_ssl: fix test failure with TLS 1.3
-
-SSL_connect() on the client side may return before SSL_accept() on
-server side returns. This will fix test failures with OpenSSL's current
-master.
----
- test/openssl/test_ssl.rb         | 45 ++++++++++++++++++++++++++--------------
- test/openssl/test_ssl_session.rb |  1 +
- 2 files changed, 31 insertions(+), 15 deletions(-)
-
-diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
-index 7bb32adf..408c7d82 100644
---- a/test/openssl/test_ssl.rb
-+++ b/test/openssl/test_ssl.rb
-@@ -47,6 +47,8 @@ def test_ssl_with_server_cert
-         assert_equal 2, ssl.peer_cert_chain.size
-         assert_equal @svr_cert.to_der, ssl.peer_cert_chain[0].to_der
-         assert_equal @ca_cert.to_der, ssl.peer_cert_chain[1].to_der
-+
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-       ensure
-         ssl&.close
-         sock&.close
-@@ -157,6 +159,7 @@ def test_sync_close
-         sock = TCPSocket.new("127.0.0.1", port)
-         ssl = OpenSSL::SSL::SSLSocket.new(sock)
-         ssl.connect
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-         ssl.close
-         assert_not_predicate sock, :closed?
-       ensure
-@@ -168,6 +171,7 @@ def test_sync_close
-         ssl = OpenSSL::SSL::SSLSocket.new(sock)
-         ssl.sync_close = true  # !!
-         ssl.connect
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-         ssl.close
-         assert_predicate sock, :closed?
-       ensure
-@@ -259,7 +263,10 @@ def test_client_ca
-         client_ca_from_server = sslconn.client_ca
-         [@cli_cert, @cli_key]
-       end
--      server_connect(port, ctx) { |ssl| assert_equal([@ca], client_ca_from_server) }
-+      server_connect(port, ctx) { |ssl|
-+        assert_equal([@ca], client_ca_from_server)
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-+      }
-     }
-   end
- 
-@@ -356,21 +363,16 @@ def test_verify_result
-     }
- 
-     start_server { |port|
--      sock = TCPSocket.new("127.0.0.1", port)
-       ctx = OpenSSL::SSL::SSLContext.new
-       ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
-       ctx.verify_callback = Proc.new do |preverify_ok, store_ctx|
-         store_ctx.error = OpenSSL::X509::V_OK
-         true
-       end
--      ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
--      ssl.sync_close = true
--      begin
--        ssl.connect
-+      server_connect(port, ctx) { |ssl|
-         assert_equal(OpenSSL::X509::V_OK, ssl.verify_result)
--      ensure
--        ssl.close
--      end
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-+      }
-     }
- 
-     start_server(ignore_listener_error: true) { |port|
-@@ -455,6 +457,8 @@ def test_post_connection_check
- 
-     start_server { |port|
-       server_connect(port) { |ssl|
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-+
-         assert_raise(sslerr){ssl.post_connection_check("localhost.localdomain")}
-         assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
-         assert(ssl.post_connection_check("localhost"))
-@@ -476,6 +482,8 @@ def test_post_connection_check
-     @svr_cert = issue_cert(@svr, @svr_key, 4, exts, @ca_cert, @ca_key)
-     start_server { |port|
-       server_connect(port) { |ssl|
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-+
-         assert(ssl.post_connection_check("localhost.localdomain"))
-         assert(ssl.post_connection_check("127.0.0.1"))
-         assert_raise(sslerr){ssl.post_connection_check("localhost")}
-@@ -496,6 +502,8 @@ def test_post_connection_check
-     @svr_cert = issue_cert(@svr, @svr_key, 5, exts, @ca_cert, @ca_key)
-     start_server { |port|
-       server_connect(port) { |ssl|
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-+
-         assert(ssl.post_connection_check("localhost.localdomain"))
-         assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
-         assert_raise(sslerr){ssl.post_connection_check("localhost")}
-@@ -722,6 +730,8 @@ def test_tlsext_hostname
-         ssl.connect
-         assert_equal @cli_cert.serial, ssl.peer_cert.serial
-         assert_predicate fooctx, :frozen?
-+
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-       ensure
-         ssl&.close
-         sock.close
-@@ -733,6 +743,8 @@ def test_tlsext_hostname
-         ssl.hostname = "bar.example.com"
-         ssl.connect
-         assert_equal @svr_cert.serial, ssl.peer_cert.serial
-+
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-       ensure
-         ssl&.close
-         sock.close
-@@ -805,7 +817,8 @@ def test_verify_hostname_on_connect
-           ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
-           ssl.hostname = name
-           if expected_ok
--            assert_nothing_raised { ssl.connect }
-+            ssl.connect
-+            ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-           else
-             assert_handshake_error { ssl.connect }
-           end
-@@ -1086,6 +1099,7 @@ def test_renegotiation_cb
-     start_server_version(:SSLv23, ctx_proc) { |port|
-       server_connect(port) { |ssl|
-         assert_equal(1, num_handshakes)
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-       }
-     }
-   end
-@@ -1104,6 +1118,7 @@ def test_alpn_protocol_selection_ary
-       ctx.alpn_protocols = advertised
-       server_connect(port, ctx) { |ssl|
-         assert_equal(advertised.first, ssl.alpn_protocol)
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-       }
-     }
-   end
-@@ -1226,14 +1241,11 @@ def test_npn_selected_protocol_too_long
-   end
- 
-   def test_close_after_socket_close
--    server_proc = proc { |ctx, ssl|
--      # Do nothing
--    }
--    start_server(server_proc: server_proc) { |port|
-+    start_server { |port|
-       sock = TCPSocket.new("127.0.0.1", port)
-       ssl = OpenSSL::SSL::SSLSocket.new(sock)
--      ssl.sync_close = true
-       ssl.connect
-+      ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-       sock.close
-       assert_nothing_raised do
-         ssl.close
-@@ -1298,6 +1310,7 @@ def test_get_ephemeral_key
-         ctx.ciphers = "DEFAULT:!kRSA:!kEDH"
-         server_connect(port, ctx) { |ssl|
-           assert_instance_of OpenSSL::PKey::EC, ssl.tmp_key
-+          ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-         }
-       end
-     end
-@@ -1440,6 +1453,7 @@ def test_ecdh_curves
-             assert_equal "secp384r1", ssl.tmp_key.group.curve_name
-           end
-         end
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-       }
- 
-       if openssl?(1, 0, 2) || libressl?(2, 5, 1)
-@@ -1455,6 +1469,7 @@ def test_ecdh_curves
- 
-         server_connect(port, ctx) { |ssl|
-           assert_equal "secp521r1", ssl.tmp_key.group.curve_name
-+          ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-         }
-       end
-     end
-diff --git a/test/openssl/test_ssl_session.rb b/test/openssl/test_ssl_session.rb
-index 6db0c2d1..78b160ed 100644
---- a/test/openssl/test_ssl_session.rb
-+++ b/test/openssl/test_ssl_session.rb
-@@ -113,6 +113,7 @@ def test_resumption
-     non_resumable = nil
-     start_server { |port|
-       server_connect_with_session(port, nil, nil) { |ssl|
-+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
-         non_resumable = ssl.session
-       }
-     }
diff --git a/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch b/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
deleted file mode 100644
index 707dbd771b24ef8fdb2eb3f699e0263defec50cc..0000000000000000000000000000000000000000
--- a/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
+++ /dev/null
@@ -1,157 +0,0 @@
-From 1dfc377ae3b174b043d3f0ed36de57b0296b34d0 Mon Sep 17 00:00:00 2001
-From: rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Wed, 8 Aug 2018 14:13:55 +0000
-Subject: [PATCH] net/http, net/ftp: fix session resumption with TLS 1.3
-
-When TLS 1.3 is in use, the session ticket may not have been sent yet
-even though a handshake has finished. Also, the ticket could change if
-multiple session ticket messages are sent by the server. Use
-SSLContext#session_new_cb instead of calling SSLSocket#session
-immediately after a handshake. This way also works with earlier protocol
-versions.
-
-git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64234 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
----
- lib/net/ftp.rb              |  5 ++++-
- lib/net/http.rb             |  7 +++++--
- test/net/http/test_https.rb | 35 ++++++++++-------------------------
- 3 files changed, 19 insertions(+), 28 deletions(-)
-
-diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb
-index c3ee47ef4d36..9902f9dc657a 100644
---- a/lib/net/ftp.rb
-+++ b/lib/net/ftp.rb
-@@ -230,6 +230,10 @@ def initialize(host = nil, user_or_options = {}, passwd = nil, acct = nil)
-         if defined?(VerifyCallbackProc)
-           @ssl_context.verify_callback = VerifyCallbackProc
-         end
-+        @ssl_context.session_cache_mode =
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT |
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_NO_INTERNAL_STORE
-+        @ssl_context.session_new_cb = proc {|sock, sess| @ssl_session = sess }
-         @ssl_session = nil
-         if options[:private_data_connection].nil?
-           @private_data_connection = true
-@@ -349,7 +353,6 @@ def start_tls_session(sock)
-       if @ssl_context.verify_mode != VERIFY_NONE
-         ssl_sock.post_connection_check(@host)
-       end
--      @ssl_session = ssl_sock.session
-       return ssl_sock
-     end
-     private :start_tls_session
-diff --git a/lib/net/http.rb b/lib/net/http.rb
-index 281b15cedff0..683a884f5dbe 100644
---- a/lib/net/http.rb
-+++ b/lib/net/http.rb
-@@ -983,6 +983,10 @@ def connect
-         end
-         @ssl_context = OpenSSL::SSL::SSLContext.new
-         @ssl_context.set_params(ssl_parameters)
-+        @ssl_context.session_cache_mode =
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT |
-+          OpenSSL::SSL::SSLContext::SESSION_CACHE_NO_INTERNAL_STORE
-+        @ssl_context.session_new_cb = proc {|sock, sess| @ssl_session = sess }
-         D "starting SSL for #{conn_address}:#{conn_port}..."
-         s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context)
-         s.sync_close = true
-@@ -990,13 +994,12 @@ def connect
-         s.hostname = @address if s.respond_to? :hostname=
-         if @ssl_session and
-            Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + @ssl_session.timeout
--          s.session = @ssl_session if @ssl_session
-+          s.session = @ssl_session
-         end
-         ssl_socket_connect(s, @open_timeout)
-         if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
-           s.post_connection_check(@address)
-         end
--        @ssl_session = s.session
-         D "SSL established"
-       end
-       @socket = BufferedIO.new(s, read_timeout: @read_timeout,
-diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb
-index 8004d5c5f29f..a5182a1fe9db 100644
---- a/test/net/http/test_https.rb
-+++ b/test/net/http/test_https.rb
-@@ -71,20 +71,11 @@ def test_session_reuse
-     http.get("/")
-     http.finish
- 
--    http.start
--    http.get("/")
--    http.finish # three times due to possible bug in OpenSSL 0.9.8
--
--    sid = http.instance_variable_get(:@ssl_session).id
--
-     http.start
-     http.get("/")
- 
-     socket = http.instance_variable_get(:@socket).io
--
--    assert socket.session_reused?
--
--    assert_equal sid, http.instance_variable_get(:@ssl_session).id
-+    assert_equal true, socket.session_reused?
- 
-     http.finish
-   rescue SystemCallError
-@@ -101,16 +92,12 @@ def test_session_reuse_but_expire
-     http.get("/")
-     http.finish
- 
--    sid = http.instance_variable_get(:@ssl_session).id
--
-     http.start
-     http.get("/")
- 
-     socket = http.instance_variable_get(:@socket).io
-     assert_equal false, socket.session_reused?
- 
--    assert_not_equal sid, http.instance_variable_get(:@ssl_session).id
--
-     http.finish
-   rescue SystemCallError
-     skip $!
-@@ -160,15 +147,16 @@ def test_certificate_verify_failure
-   end
- 
-   def test_identity_verify_failure
-+    # the certificate's subject has CN=localhost
-     http = Net::HTTP.new("127.0.0.1", config("port"))
-     http.use_ssl = true
--    http.verify_callback = Proc.new do |preverify_ok, store_ctx|
--      true
--    end
-+    http.cert_store = TEST_STORE
-+    @log_tester = lambda {|_| }
-     ex = assert_raise(OpenSSL::SSL::SSLError){
-       http.request_get("/") {|res| }
-     }
--    assert_match(/hostname \"127.0.0.1\" does not match/, ex.message)
-+    re_msg = /certificate verify failed|hostname \"127.0.0.1\" does not match/
-+    assert_match(re_msg, ex.message)
-   end
- 
-   def test_timeout_during_SSL_handshake
-@@ -193,16 +181,13 @@ def test_timeout_during_SSL_handshake
-   end
- 
-   def test_min_version
--    http = Net::HTTP.new("127.0.0.1", config("port"))
-+    http = Net::HTTP.new("localhost", config("port"))
-     http.use_ssl = true
-     http.min_version = :TLS1
--    http.verify_callback = Proc.new do |preverify_ok, store_ctx|
--      true
--    end
--    ex = assert_raise(OpenSSL::SSL::SSLError){
--      http.request_get("/") {|res| }
-+    http.cert_store = TEST_STORE
-+    http.request_get("/") {|res|
-+      assert_equal($test_net_http_data, res.body)
-     }
--    assert_match(/hostname \"127.0.0.1\" does not match/, ex.message)
-   end
- 
-   def test_max_version
diff --git a/ruby-CVE-2018-16395.patch b/ruby-CVE-2018-16395.patch
deleted file mode 100644
index 040510b8e6ed8e43ad51cc389b9c0ec649bcddd9..0000000000000000000000000000000000000000
--- a/ruby-CVE-2018-16395.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From cbe558bbcc1f20573fd2667f210a44eb83dec241 Mon Sep 17 00:00:00 2001
-From: shenyining <shenyining@huawei.com>
-Date: Thu, 21 Mar 2019 19:42:01 +0800
-Subject: [PATCH] fix CVE-2018-16395
-patch url:
-https://github.com/ruby/ruby/commit/93bc10272734cbbb9197470ca629cc4ea019f6f0
-https://hackerone.com/reports/387250
-CVE:
-https://nvd.nist.gov/vuln/detail/CVE-2018-16395
-https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/
-
-Signed-off-by: shenyining <shenyining@huawei.com>
----
- ext/openssl/ossl_x509name.c   |  2 +-
- test/openssl/test_x509name.rb | 14 ++++++++++++++
- 2 files changed, 15 insertions(+), 1 deletion(-)
-
-diff --git a/ext/openssl/ossl_x509name.c b/ext/openssl/ossl_x509name.c
-index c900bcb..15e4bb0 100644
---- a/ext/openssl/ossl_x509name.c
-+++ b/ext/openssl/ossl_x509name.c
-@@ -400,7 +400,7 @@ ossl_x509name_cmp(VALUE self, VALUE other)
- 
-     result = ossl_x509name_cmp0(self, other);
-     if (result < 0) return INT2FIX(-1);
--    if (result > 1) return INT2FIX(1);
-+    if (result > 0) return INT2FIX(1);
- 
-     return INT2FIX(0);
- }
-diff --git a/test/openssl/test_x509name.rb b/test/openssl/test_x509name.rb
-index 2d92e64..ae8a8fb 100644
---- a/test/openssl/test_x509name.rb
-+++ b/test/openssl/test_x509name.rb
-@@ -426,10 +426,24 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase
-     name0 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-lang.org"]])
-     name1 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-lang.org"]])
-     name2 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "baz.ruby-lang.org"]])
-+    name3 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-langg.org"]])
-+    name4 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bbz.ruby-lang.org"]])
-     assert_equal true, name0 == name1
-     assert_equal true, name0.eql?(name1)
-+    assert_equal true, name1 == name0
-+    assert_equal true, name1.eql?(name0)
-     assert_equal false, name0 == name2
-     assert_equal false, name0.eql?(name2)
-+    assert_equal false, name2 == name0
-+    assert_equal false, name2.eql?(name0)
-+    assert_equal false, name0 == name3
-+    assert_equal false, name0.eql?(name3)
-+    assert_equal false, name3 == name0
-+    assert_equal false, name3.eql?(name0)
-+    assert_equal false, name0 == name4
-+    assert_equal false, name0.eql?(name4)
-+    assert_equal false, name4 == name0
-+    assert_equal false, name4.eql?(name0)
-   end
- 
-   def test_dup
--- 
-1.8.3.1
-
diff --git a/ruby-CVE-2018-16396.patch b/ruby-CVE-2018-16396.patch
deleted file mode 100644
index 7c0c36b3ac86a07ef7b4e31dd73e15bd6649373d..0000000000000000000000000000000000000000
--- a/ruby-CVE-2018-16396.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-From 24dc9891be7e97ca351c58bce00c488f5ba7b398 Mon Sep 17 00:00:00 2001
-From: shenyining <shenyining@huawei.com>
-Date: Thu, 21 Mar 2019 20:11:44 +0800
-Subject: [PATCH] fix CVE-2018-16396
-patch url:
-https://github.com/ruby/ruby/commit/4989bad4387ee2e9a7309d51840bc0705a248460
-CVE:
-https://nvd.nist.gov/vuln/detail/CVE-2018-16396
-https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/
-
-Signed-off-by: shenyining <shenyining@huawei.com>
----
- pack.c                 |  7 +++++++
- test/ruby/test_pack.rb | 16 ++++++++++++++++
- 2 files changed, 23 insertions(+)
-
-diff --git a/pack.c b/pack.c
-index 11d26bd..50f3dce 100644
---- a/pack.c
-+++ b/pack.c
-@@ -749,6 +749,7 @@ pack_pack(int argc, VALUE *argv, VALUE ary)
- 	    StringValue(from);
- 	    ptr = RSTRING_PTR(from);
- 	    plen = RSTRING_LEN(from);
-+	    OBJ_INFECT(res, from);
- 
- 	    if (len == 0 && type == 'm') {
- 		encodes(res, ptr, plen, type, 0);
-@@ -776,6 +777,7 @@ pack_pack(int argc, VALUE *argv, VALUE ary)
- 
- 	  case 'M':		/* quoted-printable encoded string */
- 	    from = rb_obj_as_string(NEXTFROM);
-+	    OBJ_INFECT(res, from);
- 	    if (len <= 1)
- 		len = 72;
- 	    qpencode(res, from, len);
-@@ -801,6 +803,7 @@ pack_pack(int argc, VALUE *argv, VALUE ary)
- 		}
- 		else {
- 		    t = StringValuePtr(from);
-+		    OBJ_INFECT(res, from);
- 		    rb_obj_taint(from);
- 		}
- 		if (!associates) {
-@@ -1184,6 +1187,7 @@ pack_unpack_internal(VALUE str, VALUE fmt, int mode)
- 		    len = (send - s) * 8;
- 		bits = 0;
- 		bitstr = rb_usascii_str_new(0, len);
-+		OBJ_INFECT(bitstr, str);
- 		t = RSTRING_PTR(bitstr);
- 		for (i=0; i<len; i++) {
- 		    if (i & 7) bits >>= 1;
-@@ -1205,6 +1209,7 @@ pack_unpack_internal(VALUE str, VALUE fmt, int mode)
- 		    len = (send - s) * 8;
- 		bits = 0;
- 		bitstr = rb_usascii_str_new(0, len);
-+		OBJ_INFECT(bitstr, str);
- 		t = RSTRING_PTR(bitstr);
- 		for (i=0; i<len; i++) {
- 		    if (i & 7) bits <<= 1;
-@@ -1226,6 +1231,7 @@ pack_unpack_internal(VALUE str, VALUE fmt, int mode)
- 		    len = (send - s) * 2;
- 		bits = 0;
- 		bitstr = rb_usascii_str_new(0, len);
-+		OBJ_INFECT(bitstr, str);
- 		t = RSTRING_PTR(bitstr);
- 		for (i=0; i<len; i++) {
- 		    if (i & 1)
-@@ -1249,6 +1255,7 @@ pack_unpack_internal(VALUE str, VALUE fmt, int mode)
- 		    len = (send - s) * 2;
- 		bits = 0;
- 		bitstr = rb_usascii_str_new(0, len);
-+		OBJ_INFECT(bitstr, str);
- 		t = RSTRING_PTR(bitstr);
- 		for (i=0; i<len; i++) {
- 		    if (i & 1)
-diff --git a/test/ruby/test_pack.rb b/test/ruby/test_pack.rb
-index a872bf3..aec4189 100644
---- a/test/ruby/test_pack.rb
-+++ b/test/ruby/test_pack.rb
-@@ -860,4 +860,20 @@ EXPECTED
-     assert_equal "hogefuga", "aG9nZWZ1Z2E=".unpack1("m")
-     assert_equal "01000001", "A".unpack1("B*")
-   end
-+
-+  def test_pack_infection
-+    tainted_array_string = ["123456"]
-+    tainted_array_string.first.taint
-+    ['a', 'A', 'Z', 'B', 'b', 'H', 'h', 'u', 'M', 'm', 'P', 'p'].each do |f|
-+      assert_predicate(tainted_array_string.pack(f), :tainted?)
-+    end
-+  end
-+
-+  def test_unpack_infection
-+    tainted_string = "123456"
-+    tainted_string.taint
-+    ['a', 'A', 'Z', 'B', 'b', 'H', 'h', 'u', 'M', 'm'].each do |f|
-+      assert_predicate(tainted_string.unpack(f).first, :tainted?)
-+    end
-+  end
- end
--- 
-1.8.3.1
diff --git a/ruby.spec b/ruby.spec
index 03b999b9552ee482b382c4abc81ea84bd1b32b0e..78703aeb01aca352ba3f3d172eab8795bf7ab998 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -1,11 +1,11 @@
 Name:      ruby
-Version:   2.5.1
-Release:   107
+Version:   2.5.8
+Release:   1
 Summary:   Object-oriented scripting language interpreter
 License:   (Ruby or BSD) and Public Domain and MIT and CC0 and zlib and UCD
-URL:       http://ruby-lang.org/
+URL:       https://www.ruby-lang.org/en/
 
-Source0:   http://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.1.tar.xz
+Source0:   http://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.8.tar.xz
 Source1:   operating_system.rb
 Source2:   libruby.stp
 Source3:   ruby-exercise.stp
@@ -32,26 +32,11 @@ Patch0007: ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch
 Patch0008: ruby-2.2.3-Generate-preludes-using-miniruby.patch
 Patch0009: ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
 Patch0010: ruby-2.5.0-Add-Gem.operating_system_defaults.patch
-Patch0011: ruby-2.5.1-TestTimeTZ-test-failures-Kiritimati-and-Lisbon.patch
-Patch0012: ruby-2.6.0-library-options-to-MAINLIBS.patch
-Patch0013: ruby-2.5.1-Avoid-need-of-C++-compiler-to-pass-the-test-suite.patch
-Patch0014: ruby-2.5.1-Test-fixes-for-OpenSSL-1.1.1.patch
-Patch0015: ruby-2.6.0-fix-test-failure-with-TLS-1.3.patch
-Patch0016: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
-
-Patch6000: ruby-CVE-2018-16395.patch
-Patch6001: ruby-CVE-2018-16396.patch
-Patch6002: ruby-2.6.0-Try-to-update-cert.patch
-Patch6003: CVE-2019-8322-8323-8324-8325.patch
-Patch6004: CVE-2019-15845.patch
-Patch6005: CVE-2019-16201.patch
-Patch6006: CVE-2019-16254.patch
-Patch6007: CVE-2019-16255.patch 
-Patch6008: CVE-2019-19204.patch
-Patch6009: CVE-2019-19246.patch
-Patch6010: CVE-2019-16163.patch
-Patch6011: CVE-2020-10933.patch
-Patch6012: CVE-2020-10663.patch
+Patch0011: ruby-2.6.0-library-options-to-MAINLIBS.patch
+Patch0012: ruby-2.5.1-Avoid-need-of-C++-compiler-to-pass-the-test-suite.patch
+Patch6000: CVE-2019-19204.patch
+Patch6001: CVE-2019-19246.patch
+Patch6002: CVE-2019-16163.patch
 
 Provides:  %{name}-libs = %{version}-%{release}
 Obsoletes: %{name}-libs < %{version}-%{release}
@@ -267,7 +252,7 @@ BuildArch:  noarch
 This package is a lightweight protocol which can enable remote procedure calls over HTTP.
 
 %prep
-%autosetup -n ruby-2.5.1 -p1
+%autosetup -n ruby-2.5.8 -p1
 
 rm -rf ext/psych/yaml
 rm -rf ext/fiddle/libffi*
@@ -321,7 +306,7 @@ install -d %{buildroot}%{_exec_prefix}/lib{,64}/gems/%{name}
 install -d %{buildroot}%{gem_dir}/gems/rdoc-6.0.1/lib
 
 mv %{buildroot}%{ruby_libdir}/rdoc* %{buildroot}%{gem_dir}/gems/rdoc-6.0.1/lib
-mv %{buildroot}%{gem_dir}/specifications/default/rdoc-6.0.1.gemspec %{buildroot}%{gem_dir}/specifications
+mv %{buildroot}%{gem_dir}/specifications/default/rdoc-6.0.1.1.gemspec %{buildroot}%{gem_dir}/specifications
 
 install -d %{buildroot}%{gem_dir}/gems/bigdecimal-1.3.4/lib
 install -d %{buildroot}%{_libdir}/gems/%{name}/bigdecimal-1.3.4
@@ -352,7 +337,7 @@ install -d %{buildroot}%{gem_dir}/gems/openssl-2.1.0/lib
 install -d %{buildroot}%{_libdir}/gems/%{name}/openssl-2.1.0
 mv %{buildroot}%{ruby_libdir}/openssl* %{buildroot}%{gem_dir}/gems/openssl-2.1.0/lib
 mv %{buildroot}%{ruby_libarchdir}/openssl.so %{buildroot}%{_libdir}/gems/%{name}/openssl-2.1.0/
-mv %{buildroot}%{gem_dir}/specifications/default/openssl-2.1.0.gemspec %{buildroot}%{gem_dir}/specifications
+#mv %{buildroot}%{gem_dir}/specifications/default/openssl-2.1.0.gemspec %{buildroot}%{gem_dir}/specifications
 
 install -d %{buildroot}%{ruby_libdir}/openssl
 find %{buildroot}%{gem_dir}/gems/openssl-2.1.0/lib/openssl -maxdepth 1 -type f -exec \
@@ -375,7 +360,7 @@ find %{buildroot}%{gem_dir}/extensions/*-%{_target_os}/2.5.1/* -maxdepth 0 \
 sed -i '/^end$/ i\
   s.extensions = ["json/ext/parser.so", "json/ext/generator.so"]' %{buildroot}%{gem_dir}/specifications/json-2.1.0.gemspec
 
-mv %{buildroot}%{gem_dir}/gems/rake-12.3.0/doc/rake.1 %{buildroot}%{_mandir}/man1
+mv %{buildroot}%{gem_dir}/gems/rake-12.3.3/doc/rake.1 %{buildroot}%{_mandir}/man1
 
 install -d %{buildroot}%{_datadir}/systemtap/tapset
 sed -e "s|@LIBRARY_PATH@|%(echo %{_libdir} | sed 's/64//')*/libruby.so.2.5|" \
@@ -396,7 +381,7 @@ sed -i 's/^/%lang(ja) /' .ruby-doc.ja
 
 %check
 
-[ "`make runruby TESTRUN_SCRIPT='bin/gem -v' | tail -1`" == '2.7.6' ]
+[ "`make runruby TESTRUN_SCRIPT='bin/gem -v' | tail -1`" == '2.7.6.2' ]
 
 [ "`make runruby TESTRUN_SCRIPT=\"-e \\\" module Gem; module Resolver; end; end; \
   require 'rubygems/resolver/molinillo/lib/molinillo/gem_metadata'; \
@@ -497,8 +482,8 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13}
 
 %files -n rubygem-rake
 %{_bindir}/rake
-%{gem_dir}/gems/rake-12.3.0
-%{gem_dir}/specifications/rake-12.3.0.gemspec
+%{gem_dir}/gems/rake-12.3.3
+%{gem_dir}/specifications/rake-12.3.3.gemspec
 
 %files irb
 %{_bindir}/irb
@@ -506,8 +491,8 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13}
 
 %files -n rubygem-rdoc
 %{_bindir}/{rdoc,ri}
-%{gem_dir}/gems/rdoc-6.0.1
-%{gem_dir}/specifications/rdoc-6.0.1.gemspec
+%{gem_dir}/gems/rdoc-6.0.1*
+%{gem_dir}/specifications/rdoc-6.0.1.1.gemspec
 
 %files help -f .ruby-doc.en -f .ruby-doc.ja
 %doc README.md ChangeLog ruby-exercise.stp
@@ -555,7 +540,7 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13}
 %{ruby_libarchdir}/openssl.so
 %{_libdir}/gems/%{name}/openssl-2.1.0
 %{gem_dir}/gems/openssl-2.1.0
-%{gem_dir}/specifications/openssl-2.1.0.gemspec
+#%{gem_dir}/specifications/openssl-2.1.0.gemspec
 
 %files -n rubygem-power_assert
 %{gem_dir}/gems/power_assert-1.1.1
@@ -589,6 +574,12 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13}
 %exclude %{gem_dir}/gems/xmlrpc-0.3.0/.*
 
 %changelog
+* Mon Jul 27 2020 shixuantong <shixuantong@huawei.com> - 2.5.8-1
+- Type:NA
+- ID:NA
+- SUG:NA
+- DESC:update to 2.5.8
+
 *Wed Jul 08 2020 zhangjiapeng <zhangjiapeng9@huawei.com> - 2.5.1-107
 - Type:N/A
 - ID:N/A