From 87535021b9615324ea16849f0f6758c95b3b77d6 Mon Sep 17 00:00:00 2001 From: Jarek Prokop Date: Mon, 18 Aug 2025 18:09:32 +0200 Subject: [PATCH 1/7] Upgrade to Ruby 3.4.5. Resolves: rhbz#2389202 --- ...0-Enable-configuration-of-archlibdir.patch | 2 +- ...ed-paths-when-empty-version-string-i.patch | 2 +- ruby-2.1.0-always-use-i386.patch | 2 +- ruby-2.1.0-custom-rubygems-location.patch | 4 +-- ruby-2.3.0-ruby_version.patch | 6 ++--- ...3.0-Disable-syntax-suggest-test-case.patch | 2 +- ruby.spec | 27 ++++++++++--------- sources | 2 +- 8 files changed, 25 insertions(+), 22 deletions(-) diff --git a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index e4142e9..158088d 100644 --- a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index d261ea57b5..3c13076b82 100644 --- a/configure.ac +++ b/configure.ac -@@ -3520,6 +3520,11 @@ AS_IF([test ${multiarch+set}], [ +@@ -3518,6 +3518,11 @@ AS_IF([test ${multiarch+set}], [ ]) archlibdir='${libdir}/${arch}' diff --git a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index 7990f77..8d79f56 100644 --- a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index c42436c23d..d261ea57b5 100644 --- a/configure.ac +++ b/configure.ac -@@ -4366,7 +4366,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -4364,7 +4364,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/ruby-2.1.0-always-use-i386.patch b/ruby-2.1.0-always-use-i386.patch index ba78846..9f25a19 100644 --- a/ruby-2.1.0-always-use-i386.patch +++ b/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 3c13076b82..93af30321d 100644 --- a/configure.ac +++ b/configure.ac -@@ -4430,6 +4430,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -4428,6 +4428,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch index 7e199ac..1baf565 100644 --- a/ruby-2.1.0-custom-rubygems-location.patch +++ b/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 93af30321d..bc13397e0e 100644 --- a/configure.ac +++ b/configure.ac -@@ -4402,6 +4402,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -4400,6 +4400,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -4426,6 +4430,7 @@ AC_SUBST(sitearchdir)dnl +@@ -4424,6 +4428,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch index f089a33..1969f9e 100644 --- a/ruby-2.3.0-ruby_version.patch +++ b/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 80b137e380..63cd3b4f8b 100644 --- a/configure.ac +++ b/configure.ac -@@ -4316,9 +4316,6 @@ AS_CASE(["$target_os"], +@@ -4314,9 +4314,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -4341,57 +4338,63 @@ AC_ARG_WITH(ridir, +@@ -4339,57 +4336,63 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -122,7 +122,7 @@ index 80b137e380..63cd3b4f8b 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -4408,6 +4411,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -4406,6 +4409,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl diff --git a/ruby-3.3.0-Disable-syntax-suggest-test-case.patch b/ruby-3.3.0-Disable-syntax-suggest-test-case.patch index 6130a82..40b7662 100644 --- a/ruby-3.3.0-Disable-syntax-suggest-test-case.patch +++ b/ruby-3.3.0-Disable-syntax-suggest-test-case.patch @@ -12,7 +12,7 @@ diff --git a/common.mk b/common.mk index d55d1788aa..73755f6ccd 100644 --- a/common.mk +++ b/common.mk -@@ -1665,8 +1665,6 @@ no-test-bundled-gems-spec: +@@ -1668,8 +1668,6 @@ no-test-bundled-gems-spec: test-syntax-suggest: diff --git a/ruby.spec b/ruby.spec index c9a4b2d..93bc431 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %global major_version 3 %global minor_version 4 -%global teeny_version 4 +%global teeny_version 5 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -27,7 +27,7 @@ %global rubygems_dir %{_datadir}/rubygems # Bundled libraries versions -%global rubygems_version 3.6.7 +%global rubygems_version 3.6.9 %global rubygems_molinillo_version 0.8.0 %global rubygems_net_http_version 0.6.0 %global rubygems_net_protocol_version 0.2.2 @@ -39,7 +39,7 @@ %global rubygems_uri_version 1.0.3 # Default gems. -%global bundler_version 2.6.7 +%global bundler_version 2.6.9 %global bundler_connection_pool_version 2.5.0 %global bundler_fileutils_version 1.7.3 %global bundler_net_http_persistent_version 4.0.4 @@ -58,14 +58,14 @@ %global english_version 0.8.0 %global erb_version 4.0.4 %global error_highlight_version 0.7.0 -%global etc_version 1.4.5 +%global etc_version 1.4.6 %global fcntl_version 1.2.0 %global fiddle_version 1.1.6 %global fileutils_version 1.7.3 %global find_version 0.2.0 %global forwardable_version 1.3.3 -%global io_nonblock_version 0.3.1 -%global io_wait_version 0.3.1 +%global io_nonblock_version 0.3.2 +%global io_wait_version 0.3.2 %global ipaddr_version 1.2.7 %global logger_version 1.6.4 %global net_http_version 0.6.0 @@ -82,7 +82,7 @@ %global pstore_version 0.1.4 %global readline_version 0.0.4 %global reline_version 0.6.0 -%global resolv_version 0.6.0 +%global resolv_version 0.6.2 %global ruby2_keywords_version 0.0.5 %global securerandom_version 0.4.1 %global set_version 1.1.1 @@ -91,7 +91,6 @@ %global stringio_version 3.1.2 %global strscan_version 3.1.2 %global syntax_suggest_version 2.0.2 -%global syslog_version 0.2.0 %global tempfile_version 0.3.1 %global time_version 0.4.1 %global timeout_version 0.4.3 @@ -106,18 +105,18 @@ %global zlib_version 3.2.1 # Gemified default gems. -%global io_console_version 0.8.0 +%global io_console_version 0.8.1 %global irb_version 1.14.3 %global json_version 2.9.1 %global psych_version 5.2.2 -%global rdoc_version 6.10.0 +%global rdoc_version 6.14.0 # Bundled gems. %global abbrev_version 0.1.2 %global base64_version 0.2.0 %global bigdecimal_version 3.1.8 %global csv_version 3.3.2 -%global debug_version 1.10.0 +%global debug_version 1.11.0 %global drb_version 2.2.1 %global getoptlong_version 0.2.1 %global net_ftp_version 0.3.8 @@ -177,7 +176,7 @@ Summary: An interpreter of object-oriented scripting language Name: ruby Version: %{ruby_version}%{?development_release} -Release: 26%{?dist} +Release: 27%{?dist} # Licenses, which are likely not included in binary RPMs: # Apache-2.0: # benchmark/gc/redblack.rb @@ -1879,6 +1878,10 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \ %changelog +* Tue Aug 19 2025 Jarek Prokop - 3.4.5-27 +- Upgrade to Ruby 3.4.5. + Resolves: rhbz#2389202 + * Fri Jul 25 2025 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild diff --git a/sources b/sources index eb999d0..dbc2225 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (ruby-3.4.4.tar.xz) = 0d258cf790daad424c866404b5cbdc8adba0e4e13764847a89adf2335229e5184095c9f3e9594705897697e48bcc322d9a9f919b04047abb2075daca9fce8871 +SHA512 (ruby-3.4.5.tar.xz) = 1f5d2fd527d15bd81ca8f49767d6426533367c1018a1d275d34721a96410b51204236173224e5198a42b56162c6e7a7b0c060fc032a9fd7f250b44e05c7af560 From 227321b694e8f4417bc95b32f09ce4c4a8e906b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Fri, 11 Apr 2025 11:42:42 +0200 Subject: [PATCH 2/7] Add missing bundled `tsort` provide. --- ruby.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/ruby.spec b/ruby.spec index 93bc431..58bee1b 100644 --- a/ruby.spec +++ b/ruby.spec @@ -580,6 +580,7 @@ Provides: bundled(rubygem-net-http-persistent) = %{bundler_net_http_persistent Provides: bundled(rubygem-pub_grub) = %{bundler_pub_grub_version} Provides: bundled(rubygem-securerandom) = %{bundler_securerandom_version} Provides: bundled(rubygem-thor) = %{bundler_thor_version} +Provides: bundled(rubygem-tsort) = %{bundler_tsort_version} Provides: bundled(rubygem-uri) = %{bundler_uri_version} BuildArch: noarch From 0bef232ddf57f7884196b19effce203997e317af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Wed, 10 Sep 2025 12:45:34 +0200 Subject: [PATCH 3/7] Update IETF license information after legal review https://gitlab.com/fedora/legal/fedora-license-data/-/issues/506 --- ruby.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ruby.spec b/ruby.spec index 58bee1b..9513b13 100644 --- a/ruby.spec +++ b/ruby.spec @@ -185,10 +185,10 @@ Release: 27%{?dist} # GPL-1.0-or-later: ext/win32/lib/win32/sspi.rb # GPL-1.0-or-later OR Artistic-1.0-Perl: win32/win32.c, include/ruby/win32.h, # ext/win32ole/win32ole.c -# -# Licenses under review: +# IETF (this is not official SPDX identifier) # .bundle/gems/net-imap-0.4.9/LICENSE.txt -# https://gitlab.com/fedora/legal/fedora-license-data/-/issues/506 +# Licenses in this file covers fair use and don't need to be listed: +# https://gitlab.com/fedora/legal/fedora-license-data/-/issues/506 # # BSD-3-Clause: missing/{crypt,mt19937,setproctitle}.c, addr2line.c:2652 # CC0: ccan/{build_assert/build_assert.h,check_type/check_type.h, From c46354925a2bac50305a468fa92ae066051c6daa Mon Sep 17 00:00:00 2001 From: Jarek Prokop Date: Tue, 14 Oct 2025 18:29:12 +0200 Subject: [PATCH 4/7] Enable parallel 'make check'. Use a build condition to turn the parallelization on and off when needed. The output is slightly different from the previous approach. The way results are collected and displayed remains the same. This allows us to scale down build time on multiple cores better. Chose to introduce a bcond explicitly for tests for debugging purposes. Running tests in parallel could hide issues that would show if everything was done in a single test-unit process. Limiting the number of cores available to RPM via a macro would also hinder parallelization of the compilation, which might not be desired in the case of only wanting to serializing the tests. Table from the associated ticket: The time represents total seconds that a full RPM build inside mock took from start to finish. PARALLEL TESTS ------------------------------------------------------------------------ Cores | Runs | Avg (s) | Min (s) | Max (s) | Speedup ------------------------------------------------------------------------ 2_core | 5 | 3196.0 | 3175.0 | 3218.0 | 1.00x 4_core | 5 | 3166.6 | 2949.0 | 3598.0 | 1.01x 8_core | 5 | 1129.2 | 1090.0 | 1257.0 | 2.83x 16_core | 5 | 807.4 | 794.0 | 820.0 | 3.96x SEQUENTIAL TESTS ------------------------------------------------------------------------ Cores | Runs | Avg (s) | Min (s) | Max (s) | Speedup ------------------------------------------------------------------------ 2_core | 5 | 3749.6 | 3728.0 | 3772.0 | 1.00x 4_core | 5 | 3368.8 | 3128.0 | 3539.0 | 1.11x 8_core | 5 | 1810.6 | 1764.0 | 1912.0 | 2.07x 16_core | 5 | 1612.8 | 1571.0 | 1646.0 | 2.32x PARALLEL vs SEQUENTIAL COMPARISON ------------------------------------------------------------------------- Cores | Sequential Avg | Parallel Avg | Difference ------------------------------------------------------------------------- 2_core | 3749.6 s | 3196.0 s | +17.3% 4_core | 3368.8 s | 3166.6 s | +6.4% 8_core | 1810.6 s | 1129.2 s | +60.3% 16_core | 1612.8 s | 807.4 s | +99.8% Resolves: rhbz#2401230 --- ruby.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ruby.spec b/ruby.spec index 9513b13..3cd1bc5 100644 --- a/ruby.spec +++ b/ruby.spec @@ -164,6 +164,7 @@ %endif # Enable test when building on local. %bcond_with bundler_tests +%bcond_without parallel_tests %if 0%{?fedora} %bcond_without hardening_test @@ -1211,7 +1212,7 @@ MSPECOPTS="" # Give an option to increase the timeout in tests. # https://bugs.ruby-lang.org/issues/16921 %{?test_timeout_scale:RUBY_TEST_TIMEOUT_SCALE="%{test_timeout_scale}"} \ - make -C %{_vpath_builddir} check TESTS="-v --show-skip $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" + make -C %{_vpath_builddir} %{?with_parallel_tests:%{?_smp_mflags}} check TESTS="-v --show-skip $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" # Run Ruby OpenSSL tests in OpenSSL FIPS. make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \ From 5b97680661da05d7362e8b4a68ef84ebfb165de9 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Tue, 21 Oct 2025 17:59:36 +0100 Subject: [PATCH 5/7] Upgrade to Ruby 3.4.7. - Fix URI Credential Leakage Bypass previous fixes. Resolves: CVE-2025-61594 --- ruby.spec | 13 +++++++++---- sources | 2 +- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/ruby.spec b/ruby.spec index 3cd1bc5..576dece 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %global major_version 3 %global minor_version 4 -%global teeny_version 5 +%global teeny_version 7 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -78,7 +78,7 @@ %global pathname_version 0.4.0 %global pp_version 0.6.2 %global prettyprint_version 0.2.0 -%global prism_version 1.2.0 +%global prism_version 1.5.1 %global pstore_version 0.1.4 %global readline_version 0.0.4 %global reline_version 0.6.0 @@ -97,7 +97,7 @@ %global tmpdir_version 0.3.1 %global tsort_version 0.2.0 %global un_version 0.3.0 -%global uri_version 1.0.3 +%global uri_version 1.0.4 %global weakref_version 0.1.3 %global win32ole_version 1.9.1 %global win32_registry_version 0.1.0 @@ -177,7 +177,7 @@ Summary: An interpreter of object-oriented scripting language Name: ruby Version: %{ruby_version}%{?development_release} -Release: 27%{?dist} +Release: 28%{?dist} # Licenses, which are likely not included in binary RPMs: # Apache-2.0: # benchmark/gc/redblack.rb @@ -1880,6 +1880,11 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \ %changelog +* Thu Oct 30 2025 Jun Aruga - 3.4.7-28 +- Upgrade to Ruby 3.4.7. +- Fix URI Credential Leakage Bypass previous fixes. + Resolves: CVE-2025-61594 + * Tue Aug 19 2025 Jarek Prokop - 3.4.5-27 - Upgrade to Ruby 3.4.5. Resolves: rhbz#2389202 diff --git a/sources b/sources index dbc2225..da78c8c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (ruby-3.4.5.tar.xz) = 1f5d2fd527d15bd81ca8f49767d6426533367c1018a1d275d34721a96410b51204236173224e5198a42b56162c6e7a7b0c060fc032a9fd7f250b44e05c7af560 +SHA512 (ruby-3.4.7.tar.xz) = a6b99a2f1d0115d5e7efa710da440b9066c524c335928367c80852630f8db5da36c0a82d6e7ace90e8c40cb20c6097cbdca15a51c343254cadf5f0adf60f8505 From 32332cb2b524ba961b5774ba126ed0aad2a31b19 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Thu, 23 Oct 2025 18:03:49 +0100 Subject: [PATCH 6/7] Fix REXML denial of service. Upgrade to rexml gem 3.4.4. https://www.ruby-lang.org/en/news/2025/09/18/dos-rexml-cve-2025-58767/ Resolves: CVE-2025-58767 --- .gitignore | 1 + ruby.spec | 20 +++++++++++++++++++- sources | 1 + 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 4ed5a91..d2399ca 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ /*/ /ruby-*.tar.xz +/rexml-*.gem /*.rpm !/plans/ diff --git a/ruby.spec b/ruby.spec index 576dece..283aeb4 100644 --- a/ruby.spec +++ b/ruby.spec @@ -135,7 +135,7 @@ %global rbs_version 3.8.0 %global repl_type_completor_version 0.1.9 %global resolv_replace_version 0.1.1 -%global rexml_version 3.4.0 +%global rexml_version 3.4.4 %global rinda_version 0.2.0 %global rss_version 0.3.1 %global syslog_version 0.2.0 @@ -239,6 +239,8 @@ Source19: test_rubygems_con.rb # default RDoc gem as shipped in Ruby tarball. This should not be needed for # Ruby 3.5+. Source20: https://github.com/ruby/rdoc/blob/master/lib/rubygems_plugin.rb +# rexml gem +Source21: https://rubygems.org/gems/rexml-%{rexml_version}.gem # The load directive is supported since RPM 4.12, i.e. F21+. The build process # fails on older Fedoras. @@ -779,6 +781,10 @@ analysis result in RBS format, a standard type description format for Ruby # Provide an example of usage of the tapset: cp -a %{SOURCE3} . +rm -rf .bundle/gems/rexml-3.4.0 +rm .bundle/specifications/rexml-3.4.0.gemspec +rm gems/rexml-3.4.0.gem + %build autoconf @@ -818,6 +824,16 @@ popd %install rm -rf %{buildroot} +cp -p %{SOURCE21} gems/ + +make -C %{_vpath_builddir} runruby \ + TESTRUN_SCRIPT="%{_builddir}/%{buildsubdir}/bin/gem unpack %{SOURCE21} --target='%{_builddir}/%{buildsubdir}/.bundle/gems'" +make --silent -C %{_vpath_builddir} runruby \ + TESTRUN_SCRIPT="%{_builddir}/%{buildsubdir}/bin/gem spec '%{SOURCE21}' --ruby" \ + > .bundle/specifications/rexml-%{rexml_version}.gemspec + +sed -i -e '/^rexml/ s/3.4.0/3.4.4/' gems/bundled_gems + %make_install -C %{_vpath_builddir} # TODO: Regenerate RBS parser in lib/rbs/parser.rb @@ -1884,6 +1900,8 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \ - Upgrade to Ruby 3.4.7. - Fix URI Credential Leakage Bypass previous fixes. Resolves: CVE-2025-61594 +- Fix REXML denial of service. + Resolves: CVE-2025-58767 * Tue Aug 19 2025 Jarek Prokop - 3.4.5-27 - Upgrade to Ruby 3.4.5. diff --git a/sources b/sources index da78c8c..02d1cf8 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ SHA512 (ruby-3.4.7.tar.xz) = a6b99a2f1d0115d5e7efa710da440b9066c524c335928367c80852630f8db5da36c0a82d6e7ace90e8c40cb20c6097cbdca15a51c343254cadf5f0adf60f8505 +SHA512 (rexml-3.4.4.gem) = 1d4e718504db4aa4481217f85068e79cf58a04cb46827b3baa88a55c3fd3804eafb98f8d295c62035ee05006818b49bc208fab98884e5caf262b66ae6f6dca8f From e2a8f7d9eb32075811fd7f0f00967d01185ab8a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Wed, 17 Dec 2025 12:43:46 +0100 Subject: [PATCH 7/7] Update to Ruby 3.4.8. Resolves: rhbz#2422963 Resolves: rhbz#2412227 --- ...ed-paths-when-empty-version-string-i.patch | 2 +- ruby-2.1.0-always-use-i386.patch | 2 +- ruby-2.1.0-custom-rubygems-location.patch | 4 +-- ruby-2.3.0-ruby_version.patch | 6 ++-- ruby.spec | 33 +++++++------------ sources | 3 +- 6 files changed, 19 insertions(+), 31 deletions(-) diff --git a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index 8d79f56..1dec456 100644 --- a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index c42436c23d..d261ea57b5 100644 --- a/configure.ac +++ b/configure.ac -@@ -4364,7 +4364,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -4365,7 +4365,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/ruby-2.1.0-always-use-i386.patch b/ruby-2.1.0-always-use-i386.patch index 9f25a19..624f34d 100644 --- a/ruby-2.1.0-always-use-i386.patch +++ b/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 3c13076b82..93af30321d 100644 --- a/configure.ac +++ b/configure.ac -@@ -4428,6 +4428,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -4429,6 +4429,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch index 1baf565..2ff5594 100644 --- a/ruby-2.1.0-custom-rubygems-location.patch +++ b/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 93af30321d..bc13397e0e 100644 --- a/configure.ac +++ b/configure.ac -@@ -4400,6 +4400,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -4401,6 +4401,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -4424,6 +4428,7 @@ AC_SUBST(sitearchdir)dnl +@@ -4425,6 +4429,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch index 1969f9e..8fcdea2 100644 --- a/ruby-2.3.0-ruby_version.patch +++ b/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 80b137e380..63cd3b4f8b 100644 --- a/configure.ac +++ b/configure.ac -@@ -4314,9 +4314,6 @@ AS_CASE(["$target_os"], +@@ -4315,9 +4315,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -4339,57 +4336,63 @@ AC_ARG_WITH(ridir, +@@ -4340,57 +4337,63 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -122,7 +122,7 @@ index 80b137e380..63cd3b4f8b 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -4406,6 +4409,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -4407,6 +4410,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl diff --git a/ruby.spec b/ruby.spec index 283aeb4..f86602f 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %global major_version 3 %global minor_version 4 -%global teeny_version 7 +%global teeny_version 8 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -36,7 +36,7 @@ %global rubygems_securerandom_version 0.4.1 %global rubygems_timeout_version 0.4.3 %global rubygems_tsort_version 0.2.0 -%global rubygems_uri_version 1.0.3 +%global rubygems_uri_version 1.0.4 # Default gems. %global bundler_version 2.6.9 @@ -47,7 +47,7 @@ %global bundler_securerandom_version 0.4.1 %global bundler_thor_version 1.3.2 %global bundler_tsort_version 0.2.0 -%global bundler_uri_version 1.0.3 +%global bundler_uri_version 1.0.4 %global benchmark_version 0.4.0 %global cgi_version 0.4.2 @@ -71,14 +71,14 @@ %global net_http_version 0.6.0 %global net_protocol_version 0.2.2 %global open3_version 0.2.1 -%global openssl_version 3.3.0 +%global openssl_version 3.3.1 %global open_uri_version 0.5.0 %global optparse_version 0.6.0 %global ostruct_version 0.6.1 %global pathname_version 0.4.0 %global pp_version 0.6.2 %global prettyprint_version 0.2.0 -%global prism_version 1.5.1 +%global prism_version 1.5.2 %global pstore_version 0.1.4 %global readline_version 0.0.4 %global reline_version 0.6.0 @@ -177,7 +177,7 @@ Summary: An interpreter of object-oriented scripting language Name: ruby Version: %{ruby_version}%{?development_release} -Release: 28%{?dist} +Release: 29%{?dist} # Licenses, which are likely not included in binary RPMs: # Apache-2.0: # benchmark/gc/redblack.rb @@ -239,8 +239,6 @@ Source19: test_rubygems_con.rb # default RDoc gem as shipped in Ruby tarball. This should not be needed for # Ruby 3.5+. Source20: https://github.com/ruby/rdoc/blob/master/lib/rubygems_plugin.rb -# rexml gem -Source21: https://rubygems.org/gems/rexml-%{rexml_version}.gem # The load directive is supported since RPM 4.12, i.e. F21+. The build process # fails on older Fedoras. @@ -781,10 +779,6 @@ analysis result in RBS format, a standard type description format for Ruby # Provide an example of usage of the tapset: cp -a %{SOURCE3} . -rm -rf .bundle/gems/rexml-3.4.0 -rm .bundle/specifications/rexml-3.4.0.gemspec -rm gems/rexml-3.4.0.gem - %build autoconf @@ -824,16 +818,6 @@ popd %install rm -rf %{buildroot} -cp -p %{SOURCE21} gems/ - -make -C %{_vpath_builddir} runruby \ - TESTRUN_SCRIPT="%{_builddir}/%{buildsubdir}/bin/gem unpack %{SOURCE21} --target='%{_builddir}/%{buildsubdir}/.bundle/gems'" -make --silent -C %{_vpath_builddir} runruby \ - TESTRUN_SCRIPT="%{_builddir}/%{buildsubdir}/bin/gem spec '%{SOURCE21}' --ruby" \ - > .bundle/specifications/rexml-%{rexml_version}.gemspec - -sed -i -e '/^rexml/ s/3.4.0/3.4.4/' gems/bundled_gems - %make_install -C %{_vpath_builddir} # TODO: Regenerate RBS parser in lib/rbs/parser.rb @@ -1896,6 +1880,11 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \ %changelog +* Wed Dec 17 2025 Vít Ondruch - 3.4.8-29 +- Update to Ruby 3.4.8. + Resolves: rhbz#2422963 + Resolves: rhbz#2412227 + * Thu Oct 30 2025 Jun Aruga - 3.4.7-28 - Upgrade to Ruby 3.4.7. - Fix URI Credential Leakage Bypass previous fixes. diff --git a/sources b/sources index 02d1cf8..dde7f58 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -SHA512 (ruby-3.4.7.tar.xz) = a6b99a2f1d0115d5e7efa710da440b9066c524c335928367c80852630f8db5da36c0a82d6e7ace90e8c40cb20c6097cbdca15a51c343254cadf5f0adf60f8505 -SHA512 (rexml-3.4.4.gem) = 1d4e718504db4aa4481217f85068e79cf58a04cb46827b3baa88a55c3fd3804eafb98f8d295c62035ee05006818b49bc208fab98884e5caf262b66ae6f6dca8f +SHA512 (ruby-3.4.8.tar.xz) = b6289654685c2d381d15123cf07a131fd088edf13a5336966af5a2e8fad9adda42d14caa7bb0998331831af71e35c546091db55c82089e89b9508603ff5f92d6