From 709c4f4f66ac5d8fdb3b96dd70b135bb400d12c0 Mon Sep 17 00:00:00 2001
From: Jun Aruga <jaruga@redhat.com>
Date: Thu, 15 Jul 2021 16:33:37 +0200
Subject: [PATCH] Upgrade to Ruby 2.7.4.

- Fix command injection vulnerability in RDoc.
  Resolves: CVE-2021-31799
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
  Resolves: CVE-2021-31810
- Fix StartTLS stripping vulnerability in Net::IMAP.
  Resolves: CVE-2021-32066
---
 ...2.1.0-Enable-configuration-of-archlibdir.patch |  2 +-
 ...icated-paths-when-empty-version-string-i.patch |  2 +-
 ruby-2.1.0-always-use-i386.patch                  |  2 +-
 ruby-2.1.0-custom-rubygems-location.patch         |  4 ++--
 ruby-2.3.0-ruby_version.patch                     |  6 +++---
 ruby.spec                                         | 15 ++++++++++++---
 sources                                           |  2 +-
 7 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch
index c249372..77b20ef 100644
--- a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch
+++ b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch
@@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
 index d261ea57b5..3c13076b82 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3115,6 +3115,11 @@ AS_IF([test ${multiarch+set}], [
+@@ -3121,6 +3121,11 @@ AS_IF([test ${multiarch+set}], [
  ])
  
  archlibdir='${libdir}/${arch}'
diff --git a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch
index 1694f87..a79aa25 100644
--- a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch
+++ b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch
@@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac
 index c42436c23d..d261ea57b5 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3753,7 +3753,8 @@ AS_CASE(["$ruby_version_dir_name"],
+@@ -3759,7 +3759,8 @@ AS_CASE(["$ruby_version_dir_name"],
  ruby_version_dir=/'${ruby_version_dir_name}'
  
  if test -z "${ruby_version_dir_name}"; then
diff --git a/ruby-2.1.0-always-use-i386.patch b/ruby-2.1.0-always-use-i386.patch
index f41bd0b..a5a4011 100644
--- a/ruby-2.1.0-always-use-i386.patch
+++ b/ruby-2.1.0-always-use-i386.patch
@@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
 index 3c13076b82..93af30321d 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3817,6 +3817,8 @@ AC_SUBST(vendorarchdir)dnl
+@@ -3823,6 +3823,8 @@ AC_SUBST(vendorarchdir)dnl
  AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
  AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl
  
diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch
index dde1098..ddfe9a5 100644
--- a/ruby-2.1.0-custom-rubygems-location.patch
+++ b/ruby-2.1.0-custom-rubygems-location.patch
@@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac
 index 93af30321d..bc13397e0e 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3789,6 +3789,10 @@ AC_ARG_WITH(vendorarchdir,
+@@ -3795,6 +3795,10 @@ AC_ARG_WITH(vendorarchdir,
              [vendorarchdir=$withval],
              [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
  
@@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644
  AS_IF([test "${LOAD_RELATIVE+set}"], [
      AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
      RUBY_EXEC_PREFIX=''
-@@ -3813,6 +3817,7 @@ AC_SUBST(sitearchdir)dnl
+@@ -3819,6 +3823,7 @@ AC_SUBST(sitearchdir)dnl
  AC_SUBST(vendordir)dnl
  AC_SUBST(vendorlibdir)dnl
  AC_SUBST(vendorarchdir)dnl
diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch
index 7efe039..a5865ce 100644
--- a/ruby-2.3.0-ruby_version.patch
+++ b/ruby-2.3.0-ruby_version.patch
@@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac
 index 80b137e380..63cd3b4f8b 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3704,9 +3704,6 @@ AS_CASE(["$target_os"],
+@@ -3710,9 +3710,6 @@ AS_CASE(["$target_os"],
      rubyw_install_name='$(RUBYW_INSTALL_NAME)'
      ])
  
@@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644
  rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
  AC_ARG_WITH(rubyarchprefix,
  	    AS_HELP_STRING([--with-rubyarchprefix=DIR],
-@@ -3729,56 +3726,62 @@ AC_ARG_WITH(ridir,
+@@ -3735,56 +3732,62 @@ AC_ARG_WITH(ridir,
  AC_SUBST(ridir)
  AC_SUBST(RI_BASE_NAME)
  
@@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644
  
  AS_IF([test "${LOAD_RELATIVE+set}"], [
      AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
-@@ -3795,6 +3798,7 @@ AC_SUBST(sitearchincludedir)dnl
+@@ -3801,6 +3804,7 @@ AC_SUBST(sitearchincludedir)dnl
  AC_SUBST(arch)dnl
  AC_SUBST(sitearch)dnl
  AC_SUBST(ruby_version)dnl
diff --git a/ruby.spec b/ruby.spec
index a9d9dc6..9d7d0a5 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -1,6 +1,6 @@
 %global major_version 2
 %global minor_version 7
-%global teeny_version 3
+%global teeny_version 4
 %global major_minor_version %{major_version}.%{minor_version}
 
 %global ruby_version %{major_minor_version}.%{teeny_version}
@@ -22,7 +22,7 @@
 %endif
 
 
-%global release 138
+%global release 139
 %{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
 
 # The RubyGems library has to stay out of Ruby directory tree, since the
@@ -50,7 +50,7 @@
 %global openssl_version 2.1.2
 %global psych_version 3.1.0
 %global racc_version 1.4.16
-%global rdoc_version 6.2.1
+%global rdoc_version 6.2.1.1
 %global xmlrpc_version 0.3.0
 
 # Bundled gems.
@@ -1277,6 +1277,15 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod changes the file mode of the link and not
 
 
 %changelog
+* Thu Jul 15 2021 Jun Aruga <jaruga@redhat.com> - 2.7.4-139
+- Upgrade to Ruby 2.7.4.
+- Fix command injection vulnerability in RDoc.
+  Resolves: CVE-2021-31799
+- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
+  Resolves: CVE-2021-31810
+- Fix StartTLS stripping vulnerability in Net::IMAP.
+  Resolves: CVE-2021-32066
+
 * Tue Jun 15 2021 Jarek Prokop <jprokop@redhat.com> - 2.7.3-138
 - Properly support DWARF5 debug information.
   Resolves: rhbz#1920533
diff --git a/sources b/sources
index 79172c3..06c46f4 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (ruby-2.7.3.tar.xz) = b755d418b3bab2f9f6a8893afd13869269f17065643dde78b9e85ae3538a6d0617893db6e9c3908e00a40c7577a5c912a7c822d8f245cdcfb857be76dfb66c1e
+SHA512 (ruby-2.7.4.tar.xz) = 2cbb70ecfdd69120e789023ddb2b25cab0d03bc33fdc367a8f74ca8a3ee785c18c8ded9de3ecee627c7e275ffb85147e6abf921b6a61e31851b37c7fedf45bf9