diff --git a/rexml-3.3.9.gem b/rexml-3.3.9.gem deleted file mode 100644 index 2a9931d940f4748b7fb59dbc74247c89c2f2d2d4..0000000000000000000000000000000000000000 Binary files a/rexml-3.3.9.gem and /dev/null differ diff --git a/ruby-3.2.5.tar.xz b/ruby-3.2.6.tar.xz similarity index 64% rename from ruby-3.2.5.tar.xz rename to ruby-3.2.6.tar.xz index bb28f2070fb5ae2a9f498d26fbf10b3667c2380d..c450b3189741f829632835e5f3122a118eb916c1 100644 Binary files a/ruby-3.2.5.tar.xz and b/ruby-3.2.6.tar.xz differ diff --git a/ruby.spec b/ruby.spec index 29ad5d16528e980ab217d94870fd28a3c6781968..97d9e8b49466665f22776fa990d7c2671e43d92a 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,4 +1,4 @@ -%global ruby_version 3.2.5 +%global ruby_version 3.2.6 # Bundled libraries versions %global rubygems_version 3.4.19 @@ -21,7 +21,7 @@ %global rbs_version 2.8.2 %global test_unit_version 3.5.7 %global rexml_version 3.3.9 -%global rss_version 0.2.9 +%global rss_version 0.3.1 %global syntax_suggest_version 1.1.0 %global typeprof_version 0.21.3 %global net_ftp_version 0.2.1 @@ -34,7 +34,7 @@ Name: ruby Version: %{ruby_version} -Release: 148 +Release: 149 Summary: Object-oriented scripting language interpreter License: (Ruby OR BSD-2-Clause) AND (Ruby OR BSD-2-Clause OR GPL-1.0-or-later) AND BSD-3-Clause AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND ISC AND Public Domain AND MIT AND CC0 AND zlib AND Unicode-DFS-2015 URL: https://www.ruby-lang.org/en/ @@ -56,9 +56,6 @@ Source13: test_systemtap.rb %{load:%{SOURCE4}} %{load:%{SOURCE5}} -# Separated source of rexml for security updates -Source6001: https://rubygems.org/downloads/rexml-%{rexml_version}.gem - # Fix ruby_version abuse. # https://bugs.ruby-lang.org/issues/11002 Patch0: ruby-2.3.0-ruby_version.patch @@ -377,12 +374,22 @@ rm -rf ext/fiddle/libffi* cp -a %{SOURCE3} . -# Update rexml.gem by replace it with downloaded gem -( -rm -f gems/rexml*.gem -cp %{S:6001} gems/rexml-%{rexml_version}.gem -sed -i -e 's,rexml 3.3.2,rexml %{rexml_version},' gems/bundled_gems -) +# test gems version earlier +[ -f gems/debug-%{debug_version}.gem ] +[ -f gems/matrix-%{matrix_version}.gem ] +[ -f gems/minitest-%{minitest_version}.gem ] +[ -f gems/net-ftp-%{net_ftp_version}.gem ] +[ -f gems/net-imap-%{net_imap_version}.gem ] +[ -f gems/net-pop-%{net_pop_version}.gem ] +[ -f gems/net-smtp-%{net_smtp_version}.gem ] +[ -f gems/power_assert-%{power_assert_version}.gem ] +[ -f gems/prime-%{prime_version}.gem ] +[ -f gems/rake-%{rake_version}.gem ] +[ -f gems/rbs-%{rbs_version}.gem ] +[ -f gems/rexml-%{rexml_version}.gem ] +[ -f gems/rss-%{rss_version}.gem ] +[ -f gems/test-unit-%{test_unit_version}.gem ] +[ -f gems/typeprof-%{typeprof_version}.gem ] %build autoconf @@ -712,6 +719,7 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13} %{gem_dir}/gems/rbs-%{rbs_version}/steep %{gem_dir}/gems/rbs-%{rbs_version}/Gemfile.lock %{gem_dir}/gems/rbs-%{rbs_version}/ext/ +%{gem_dir}/gems/rbs-%{rbs_version}/exts.mk %{gem_dir}/specifications/rbs-%{rbs_version}.gemspec %files irb @@ -818,10 +826,7 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13} %doc %{gem_dir}/gems/rss-%{rss_version}/NEWS.md %{gem_dir}/gems/rss-%{rss_version}/lib %{gem_dir}/specifications/rss-%{rss_version}.gemspec -%doc %{gem_dir}/gems/rss-%{rss_version}/Gemfile %doc %{gem_dir}/gems/rss-%{rss_version}/README.md -%doc %{gem_dir}/gems/rss-%{rss_version}/Rakefile -%doc %{gem_dir}/gems/rss-%{rss_version}/test %files -n rubygem-typeprof %dir %{gem_dir}/gems/typeprof-%{typeprof_version} @@ -855,6 +860,7 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13} %{gem_dir}/gems/debug-%{debug_version}/lib %{gem_dir}/gems/debug-%{debug_version}/misc %{gem_dir}/gems/debug-%{debug_version}/ext/ +%{gem_dir}/gems/debug-%{debug_version}/exts.mk %{gem_dir}/specifications/debug-%{debug_version}.gemspec %dir %{gem_dir}/gems/net-ftp-%{net_ftp_version} @@ -895,6 +901,9 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13} %{gem_dir}/specifications/matrix-%{matrix_version}.gemspec %changelog +* Thu Nov 07 2024 Funda Wang - 3.2.6-149 +- update to 3.2.6 + * Tue Oct 29 2024 Funda Wang - 3.2.5-148 - update rexml to 3.3.9 - fix CVE-2024-35176, CVE-2024-41946, CVE-2024-39908