diff --git a/CVE-2019-16779.patch b/CVE-2019-16779.patch deleted file mode 100644 index bd3c04250db05f9e02e94a3fd62437d82d00bc83..0000000000000000000000000000000000000000 --- a/CVE-2019-16779.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 0ca3cd81f43bf250df08a209a9ee709584935600 Mon Sep 17 00:00:00 2001 -From: geemus -Date: Mon, 1 Nov 2021 10:20:15 +0800 -Subject: [PATCH] fix for leftover data with interrupted persistent connections - ---- - lib/excon/connection.rb | 9 ++++++++- - tests/rackups/basic.rb | 8 ++++++++ - 2 files changed, 16 insertions(+), 1 deletion(-) - -diff --git a/lib/excon/connection.rb b/lib/excon/connection.rb -index d27827f..25f89a3 100644 ---- a/lib/excon/connection.rb -+++ b/lib/excon/connection.rb -@@ -252,6 +252,11 @@ module Excon - - datum[:connection] = self - -+ # cleanup data left behind on persistent connection after interrupt -+ if datum[:persistent] && !@persistent_socket_reusable -+ reset -+ end -+ - datum[:stack] = datum[:middlewares].map do |middleware| - lambda {|stack| middleware.new(stack)} - end.reverse.inject(self) do |middlewares, middleware| -@@ -260,8 +265,9 @@ module Excon - datum = datum[:stack].request_call(datum) - - unless datum[:pipeline] -+ @persistent_socket_reusable = false - datum = response(datum) -- -+ @persistent_socket_reusable = true - if datum[:persistent] - if key = datum[:response][:headers].keys.detect {|k| k.casecmp('Connection') == 0 } - if datum[:response][:headers][key].casecmp('close') == 0 -@@ -330,6 +336,7 @@ module Excon - if old_socket = sockets.delete(@socket_key) - old_socket.close rescue nil - end -+ @persistent_socket_reusable = true - end - - # Generate HTTP request verb methods -diff --git a/tests/rackups/basic.rb b/tests/rackups/basic.rb -index 0bddd9a..e474a58 100644 ---- a/tests/rackups/basic.rb -+++ b/tests/rackups/basic.rb -@@ -31,6 +31,14 @@ class Basic < Sinatra::Base - get('/echo dirty') do - echo - end -+ -+ get('/foo') do -+ 'foo' -+ end -+ -+ get('/bar') do -+ 'bar' -+ end - - private - --- -2.27.0 - diff --git a/excon-0.104.0.gem b/excon-0.104.0.gem new file mode 100644 index 0000000000000000000000000000000000000000..f340f65832cc1bffefdf7c0d1eb09b8100fa80da Binary files /dev/null and b/excon-0.104.0.gem differ diff --git a/excon-0.62.0.gem b/excon-0.62.0.gem deleted file mode 100644 index dc03b3088a2ddb68242f6f8eb40391f775e80c49..0000000000000000000000000000000000000000 Binary files a/excon-0.62.0.gem and /dev/null differ diff --git a/rubygem-excon-0.62.0-Ruby-2.6-escapes-InvalidURIError-output.patch b/rubygem-excon-0.62.0-Ruby-2.6-escapes-InvalidURIError-output.patch deleted file mode 100644 index 0ae27a5cca447de3dc50f604e1cab7a759596aa8..0000000000000000000000000000000000000000 --- a/rubygem-excon-0.62.0-Ruby-2.6-escapes-InvalidURIError-output.patch +++ /dev/null @@ -1,23 +0,0 @@ -From d92263f73cfb20527ff0d689338bbe5348798d11 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?V=C3=ADt=20Ondruch?= -Date: Tue, 5 Feb 2019 10:38:33 +0100 -Subject: [PATCH] Ruby 2.6 escapes InvalidURIError output. - -https://github.com/ruby/ruby/commit/684cdb4f8340f7a88b00bb91139da74b99ec1147 ---- - tests/error_tests.rb | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/error_tests.rb b/tests/error_tests.rb -index c1bf15fe..21d2103b 100644 ---- a/tests/error_tests.rb -+++ b/tests/error_tests.rb -@@ -35,7 +35,7 @@ - Excon.new('http://localhost', path: "foo\r\nbar: baz") - false - rescue => err -- err.to_s.include? "foo\r\nbar: baz" -+ err.to_s.include?(RUBY_VERSION >= '2.6.0' ? 'foo\r\nbar: baz' : "foo\r\nbar: baz") - end - end - diff --git a/rubygem-excon.spec b/rubygem-excon.spec index 4e1a765fe8c5e7a7f1e7715017164d23014847c1..272c56194583b518ecd6df50016151e2821f7659 100644 --- a/rubygem-excon.spec +++ b/rubygem-excon.spec @@ -1,14 +1,12 @@ %bcond_with bootstrap %global gem_name excon Name: rubygem-%{gem_name} -Version: 0.62.0 -Release: 3 +Version: 0.104.0 +Release: 1 Summary: Speed, persistence, http(s) License: MIT URL: https://github.com/excon/excon Source0: https://rubygems.org/gems/%{gem_name}-%{version}.gem -Patch0: rubygem-excon-0.62.0-Ruby-2.6-escapes-InvalidURIError-output.patch -Patch1: CVE-2019-16779.patch BuildRequires: ruby(release) rubygems-devel ruby %{_bindir}/openssl rubygem-rack BuildRequires: rubygem-shindo rubygem(activesupport) rubygem(delorean) rubygem(eventmachine) BuildRequires: rubygem(open4) rubygem(puma) rubygem(sinatra) rubygem(rspec) @@ -27,8 +25,6 @@ Documentation for %{name}. %prep %setup -q -n %{gem_name}-%{version} -%patch0 -p1 -%patch1 -p1 sed -i "/ciphers/ s/'.*'/'PROFILE=SYSTEM'/" lib/excon/constants.rb %build @@ -57,7 +53,6 @@ popd %files %dir %{gem_instdir} -%exclude %{gem_instdir}/.* %license %{gem_instdir}/LICENSE.md %{gem_libdir} %exclude %{gem_cache} @@ -66,16 +61,13 @@ popd %files help %doc %{gem_docdir} %doc %{gem_instdir}/CONTRIBUT* -%{gem_instdir}/Gemfile %doc %{gem_instdir}/README.md -%{gem_instdir}/Rakefile -%{gem_instdir}/benchmarks -%doc %{gem_instdir}/changelog.txt %{gem_instdir}/excon.gemspec -%{gem_instdir}/spec -%{gem_instdir}/tests %changelog +* Tue Nov 14 2023 xu_ping <707078654@qq.com> - 0.104.0-1 +- Upgrade version to 0.104.0 + * Mon Nov 1 2021 liwu - 0.62.0-3 - Fix CVE-2019-16779