- Apply upstream patch for CVE-2010-0541 (bug 587731)

commits from ruby_1_8 branch

.cvsignore

@@ -1,4 +0,0 @@
-ruby-refm-rdp-1.8.2-ja-html.tar.gz
-rubyfaq-990927.tar.gz
-rubyfaq-jp-990927.tar.gz
-ruby-1.8.6-p369.tar.bz2

.gitignore

@@ -0,0 +1,6 @@
+ruby-1.8.6-p388.tar.bz2
+ruby-refm-rdp-1.8.2-ja-html.tar.gz
+rubyfaq-990927.tar.gz
+rubyfaq-jp-990927.tar.gz
+ruby-1.8.6-p399.tar.bz2
+ruby-1.8-rev27738_trunk-ext_tk.tar.gz

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: ruby
-# $Id: Makefile,v 1.1 2004/09/09 11:54:27 cvsdist Exp $
-NAME := ruby
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

import.log

@@ -1,6 +0,0 @@
-ruby-1_8_6_287-4_fc10:HEAD:ruby-1.8.6.287-4.fc10.src.rpm:1237096558
-ruby-1_8_6_287-5_fc10:HEAD:ruby-1.8.6.287-5.fc10.src.rpm:1237096677
-ruby-1_8_6_287-7_fc11:HEAD:ruby-1.8.6.287-7.fc11.src.rpm:1237351812
-ruby-1_8_6_368-1_fc11:HEAD:ruby-1.8.6.368-1.fc11.src.rpm:1243759307
-ruby-1_8_6_368-2_fc11:HEAD:ruby-1.8.6.368-2.fc11.src.rpm:1245520186
-ruby-1_8_6_369-1_fc11:HEAD:ruby-1.8.6.369-1.fc11.src.rpm:1245760717

noautobuild

@@ -1 +0,0 @@
-wait until tk 8.5.7 is rebuilt

ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch

@@ -0,0 +1,15 @@
+Index: ruby_1_8_6/ext/openssl/ossl_digest.c
+===================================================================
+--- ruby_1_8_6/ext/openssl/ossl_digest.c	(revision 12042)
++++ ruby_1_8_6/ext/openssl/ossl_digest.c	(revision 12043)
+@@ -264,6 +264,10 @@
+ void
+ Init_ossl_digest()
+ {
++#if 0 /* let rdoc know about mOSSL */
++    mOSSL = rb_define_module("OpenSSL");
++#endif
++
+     mDigest = rb_define_module_under(mOSSL, "Digest");
+ 	
+     eDigestError = rb_define_class_under(mDigest, "DigestError", eOSSLError);

ruby-1.8.6-p369-ri-gem_multipath.patch

@@ -0,0 +1,130 @@
+Mon Dec 24 16:18:57 2007  Eric Hodel  <drbrain@segment7.net>
+
+	* lib/rdoc/ri/ri_options.rb:  Fix ri --help listing of gem ri paths.
+	Merge of r14567 and r14569 from trunk.
+
+	* lib/rdoc/ri/ri_paths.rb:  Fix duplication of ri data for multiple
+	gems.  Merge of r14567 from trunk
+
+Index: ruby_1_8/lib/rdoc/ri/ri_options.rb
+===================================================================
+--- ruby_1_8/lib/rdoc/ri/ri_options.rb	(revision 14581)
++++ ruby_1_8/lib/rdoc/ri/ri_options.rb	(revision 14582)
+@@ -62,10 +62,11 @@
+           (RI::Paths::HOMEDIR || "No ~/.rdoc found") ],
+ 
+         [ "--gems",         nil,    nil,
+-          "Include documentation from Rubygems:\n  " +
+-          (RI::Paths::GEMDIRS ? "#{Gem.path}/doc/*/ri" :
+-                                "No Rubygems ri found.") ],
+-                                                           
++          "Include documentation from RubyGems:\n" +
++          (RI::Paths::GEMDIRS ?
++           Gem.path.map { |dir| "  #{dir}/doc/*/ri" }.join("\n") :
++           "No Rubygems ri found.") ],
++
+         [ "--format",       "-f",   "<name>",
+           "Format to use when displaying output:\n" +
+           "   " + RI::TextFormatter.list + "\n" +
+@@ -116,7 +117,8 @@
+       def OptionList.error(msg)
+         $stderr.puts
+         $stderr.puts msg
+-        $stderr.puts "\nFor help on options, try 'ri --help'\n\n"
++        name = File.basename $PROGRAM_NAME
++        $stderr.puts "\nFor help on options, try '#{name} --help'\n\n"
+         exit 1
+       end
+       
+@@ -136,7 +138,11 @@
+           RI::Paths::HOMEDIR
+         ]
+ 
+-        directories << "#{Gem.path}/doc/*/ri" if RI::Paths::GEMDIRS
++        if RI::Paths::GEMDIRS then
++          Gem.path.each do |dir|
++            directories << "#{dir}/doc/*/ri"
++          end
++        end
+ 
+         directories = directories.join("\n    ")
+ 
+@@ -157,16 +163,16 @@
+ 
+           For example:
+ 
+-              ri  File
+-              ri  File.new
+-              ri  F.n
+-              ri  zip
++              #{name}  File
++              #{name}  File.new
++              #{name}  F.n
++              #{name}  zip
+ 
+           Note that shell quoting may be required for method names
+           containing punctuation:
+ 
+-              ri 'Array.[]'
+-              ri compact\\!
++              #{name} 'Array.[]'
++              #{name} compact\\!
+ 
+           By default ri searches for documentation in the following
+           directories:
+@@ -180,8 +186,8 @@
+         EOT
+ 
+         if short_form
+-          puts "For help on options, type 'ri -h'"
+-          puts "For a list of classes I know about, type 'ri -c'"
++          puts "For help on options, type '#{name} -h'"
++          puts "For a list of classes I know about, type '#{name} -c'"
+         else
+           puts "Options:\n\n"
+           OPTION_LIST.each do|long, short, arg, desc|
+Index: ruby_1_8/lib/rdoc/ri/ri_paths.rb
+===================================================================
+--- ruby_1_8/lib/rdoc/ri/ri_paths.rb	(revision 14581)
++++ ruby_1_8/lib/rdoc/ri/ri_paths.rb	(revision 14582)
+@@ -44,8 +44,29 @@
+ 
+     begin
+       require 'rubygems'
+-      GEMDIRS = Dir["#{Gem.path}/doc/*/ri"]
+-      GEMDIRS.each { |path| RI::Paths::PATH << path }
++
++      # HACK dup'd from Gem.latest_partials and friends
++      all_paths = []
++
++      all_paths = Gem.path.map do |dir|
++        Dir[File.join(dir, 'doc', '*', 'ri')]
++      end.flatten
++
++      ri_paths = {}
++
++      all_paths.each do |dir|
++        base = File.basename File.dirname(dir)
++        if base =~ /(.*)-((\d+\.)*\d+)/ then
++          name, version = $1, $2
++          ver = Gem::Version.new version
++          if ri_paths[name].nil? or ver > ri_paths[name][0] then
++            ri_paths[name] = [ver, dir]
++          end
++        end
++      end
++
++      GEMDIRS = ri_paths.map { |k,v| v.last }.sort
++      GEMDIRS.each { |dir| RI::Paths::PATH << dir }
+     rescue LoadError
+       GEMDIRS = nil
+     end
+@@ -55,7 +76,7 @@
+ 
+     def self.path(use_system, use_site, use_home, use_gems, *extra_dirs)
+       path = raw_path(use_system, use_site, use_home, use_gems, *extra_dirs)
+-      return path.select { |path| File.directory? path }
++      return path.select { |directory| File.directory? directory }
+     end
+ 
+     # Returns the selected documentation directories including nonexistent

ruby-1.8.6-p383-mkmf-use-shared.patch

@@ -0,0 +1,11 @@
+--- ruby-1.8.6-p383/lib/mkmf.rb.static	2009-03-31 18:19:39.000000000 +0900
++++ ruby-1.8.6-p383/lib/mkmf.rb	2009-12-09 15:03:19.000000000 +0900
+@@ -275,7 +275,7 @@
+                               'LDFLAGS' => "#$LDFLAGS #{ldflags}",
+                               'LIBPATH' => libpathflag(libpath),
+                               'LOCAL_LIBS' => "#$LOCAL_LIBS #$libs",
+-                              'LIBS' => "#$LIBRUBYARG_STATIC #{opt} #$LIBS")
++                              'LIBS' => "#$LIBRUBYARG_SHARED #{opt} #$LIBS")
+   Config::expand(TRY_LINK.dup, conf)
+ end
+ 

ruby-1.8.6-p383-rubyprefix.patch

@@ -1,7 +1,7 @@
-diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
---- ruby-1.8.6-p287.orig/configure.in	2008-07-13 00:03:28.000000000 +0900
-+++ ruby-1.8.6-p287/configure.in	2008-08-14 01:08:00.000000000 +0900
-@@ -1608,6 +1608,13 @@ case "$target_os" in
+diff -ur ruby-1.8.6-p383.0-deadcode/configure.in ruby-1.8.6-p383/configure.in
+--- ruby-1.8.6-p383.0-deadcode/configure.in	2009-07-20 15:24:22.000000000 +0200
++++ ruby-1.8.6-p383/configure.in	2009-10-22 16:37:13.729623476 +0200
+@@ -1613,6 +1613,13 @@
      rubyw_install_name="$RUBYW_INSTALL_NAME"
      ;;
  esac
@@ -15,12 +15,12 @@ diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
  case "$target_os" in
    cygwin*|mingw*|*djgpp*|os2-emx*)
      RUBY_LIB_PREFIX="/lib/ruby"
-@@ -1616,20 +1623,29 @@ case "$target_os" in
-     RUBY_LIB_PREFIX="${prefix}/lib/ruby"
+@@ -1621,20 +1628,30 @@
+     RUBY_LIB_PREFIX="`eval "echo ${libdir}"`/ruby"
      ;;
  esac
 +else
-+	RUBY_LIB_PREFIX="${with_ruby_prefix}/ruby"
++    RUBY_LIB_PREFIX="${with_ruby_prefix}/ruby"
 +fi
  RUBY_LIB_PATH="${RUBY_LIB_PREFIX}/${MAJOR}.${MINOR}"
 +RUBY_LIB_PATH2="${libdir}/ruby/${MAJOR}.${MINOR}"
@@ -28,12 +28,13 @@ diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
  AC_ARG_WITH(sitedir,
  	    [  --with-sitedir=DIR      site libraries in DIR [PREFIX/lib/ruby/site_ruby]],
              [sitedir=$withval],
-             [sitedir='${prefix}/lib/ruby/site_ruby'])
+             [sitedir="`eval "echo ${libdir}"`/ruby/site_ruby"])
 -SITE_DIR=`eval echo \\"${sitedir}\\"`
 +SITE_DIR=`eval echo \\"${sitedir}\\" | sed -e "s/lib64/lib/"`
 +_fc_sitedir="\$(DESTDIR)${sitedir}"
 +SITE_DIR2=`eval echo \\"${_fc_sitedir}\\"`
 +sitedir=`eval echo \\"${sitedir}\\" | sed -e "s/lib64/lib/"`
++
  case "$target_os" in
    cygwin*|mingw*|*djgpp*|os2-emx*)
      RUBY_SITE_LIB_PATH="`expr "$SITE_DIR" : "$prefix\(/.*\)"`" ||
@@ -47,7 +48,7 @@ diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
  RUBY_SITE_LIB_PATH2="${RUBY_SITE_LIB_PATH}/${MAJOR}.${MINOR}"
  
  AC_DEFINE_UNQUOTED(RUBY_LIB, "${RUBY_LIB_PATH}")
-@@ -1639,6 +1655,7 @@ AC_DEFINE_UNQUOTED(RUBY_SITE_LIB2, "${RU
+@@ -1644,6 +1661,7 @@
  AC_SUBST(arch)dnl
  AC_SUBST(sitearch)dnl
  AC_SUBST(sitedir)dnl
@@ -55,7 +56,7 @@ diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
  
  configure_args=$ac_configure_args
  AC_SUBST(configure_args)dnl
-@@ -1647,7 +1664,7 @@ if test "$fat_binary" != no ; then
+@@ -1652,7 +1670,7 @@
      arch="fat-${target_os}"
  
      AC_DEFINE_UNQUOTED(RUBY_THIN_ARCHLIB,
@@ -64,7 +65,7 @@ diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
  
      AC_DEFINE_UNQUOTED(RUBY_SITE_THIN_ARCHLIB,
                   "${RUBY_SITE_LIB_PATH}/" __ARCHITECTURE__ "-${target_os}")
-@@ -1662,8 +1679,8 @@ case "$target_os" in
+@@ -1667,8 +1685,8 @@
    *) sitearch="${arch}" ;;
  esac
  
@@ -75,10 +76,12 @@ diff -pruN ruby-1.8.6-p287.orig/configure.in ruby-1.8.6-p287/configure.in
  
  AC_ARG_WITH(search-path,
  		[  --with-search-path=DIR specify the additional search path],
-diff -pruN ruby-1.8.6-p287.orig/mkconfig.rb ruby-1.8.6-p287/mkconfig.rb
---- ruby-1.8.6-p287.orig/mkconfig.rb	2008-06-08 01:37:10.000000000 +0900
-+++ ruby-1.8.6-p287/mkconfig.rb	2008-08-14 01:08:00.000000000 +0900
-@@ -139,10 +139,10 @@ print(*v_fast)
+Only in ruby-1.8.6-p383/: configure.in.orig
+Only in ruby-1.8.6-p383/: configure.in.rej
+diff -ur ruby-1.8.6-p383.0-deadcode/mkconfig.rb ruby-1.8.6-p383/mkconfig.rb
+--- ruby-1.8.6-p383.0-deadcode/mkconfig.rb	2008-06-07 18:37:10.000000000 +0200
++++ ruby-1.8.6-p383/mkconfig.rb	2009-10-22 16:30:55.776872493 +0200
+@@ -139,10 +139,10 @@
  print(*v_others)
  print <<EOS
    CONFIG["ruby_version"] = "$(MAJOR).$(MINOR)"

ruby-1.8.6-rexml-CVE-2008-3790.patch

@@ -1,96 +0,0 @@
-diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/document.rb
---- ruby-1.8.6-p287.orig/lib/rexml/document.rb	2007-11-04 13:50:15.000000000 +0900
-+++ ruby-1.8.6-p287/lib/rexml/document.rb	2008-10-08 22:25:14.000000000 +0900
-@@ -32,6 +32,7 @@ module REXML
- 	  # @param context if supplied, contains the context of the document;
- 	  # this should be a Hash.
- 		def initialize( source = nil, context = {} )
-+      @entity_expansion_count = 0
- 			super()
- 			@context = context
- 			return if source.nil?
-@@ -200,6 +201,27 @@ module REXML
- 			Parsers::StreamParser.new( source, listener ).parse
- 		end
-
-+    @@entity_expansion_limit = 10_000
-+
-+    # Set the entity expansion limit. By defualt the limit is set to 10000.
-+    def Document::entity_expansion_limit=( val )
-+      @@entity_expansion_limit = val
-+    end
-+
-+    # Get the entity expansion limit. By defualt the limit is set to 10000.
-+    def Document::entity_expansion_limit
-+      return @@entity_expansion_limit
-+    end
-+
-+    attr_reader :entity_expansion_count
-+
-+    def record_entity_expansion
-+      @entity_expansion_count += 1
-+      if @entity_expansion_count > @@entity_expansion_limit
-+        raise "number of entity expansions exceeded, processing aborted."
-+      end
-+    end
-+
- 		private
- 		def build( source )
-       Parsers::TreeParser.new( source, self ).parse
-diff -pruN ruby-1.8.6-p287.orig/lib/rexml/entity.rb ruby-1.8.6-p287/lib/rexml/entity.rb
---- ruby-1.8.6-p287.orig/lib/rexml/entity.rb	2007-07-28 11:46:08.000000000 +0900
-+++ ruby-1.8.6-p287/lib/rexml/entity.rb	2008-10-08 22:25:14.000000000 +0900
-@@ -73,6 +73,7 @@ module REXML
- 		# all entities -- both %ent; and &ent; entities.  This differs from
- 		# +value()+ in that +value+ only replaces %ent; entities.
- 		def unnormalized
-+      document.record_entity_expansion unless document.nil?
- 			v = value()
- 			return nil if v.nil?
- 			@unnormalized = Text::unnormalize(v, parent)
-diff -pruN ruby-1.8.6-p287.orig/test/rexml/test_document.rb ruby-1.8.6-p287/test/rexml/test_document.rb
---- ruby-1.8.6-p287.orig/test/rexml/test_document.rb	1970-01-01 09:00:00.000000000 +0900
-+++ ruby-1.8.6-p287/test/rexml/test_document.rb	2008-10-08 22:25:14.000000000 +0900
-@@ -0,0 +1,42 @@
-+require "rexml/document"
-+require "test/unit"
-+
-+class REXML::TestDocument < Test::Unit::TestCase
-+  def test_new
-+    doc = REXML::Document.new(<<EOF)
-+<?xml version="1.0" encoding="UTF-8"?>
-+<message>Hello world!</message>
-+EOF
-+    assert_equal("Hello world!", doc.root.children.first.value)
-+  end
-+
-+  XML_WITH_NESTED_ENTITY = <<EOF
-+<?xml version="1.0" encoding="UTF-8"?>
-+<!DOCTYPE member [
-+  <!ENTITY a "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
-+  <!ENTITY b "&c;&c;&c;&c;&c;&c;&c;&c;&c;&c;">
-+  <!ENTITY c "&d;&d;&d;&d;&d;&d;&d;&d;&d;&d;">
-+  <!ENTITY d "&e;&e;&e;&e;&e;&e;&e;&e;&e;&e;">
-+  <!ENTITY e "&f;&f;&f;&f;&f;&f;&f;&f;&f;&f;">
-+  <!ENTITY f "&g;&g;&g;&g;&g;&g;&g;&g;&g;&g;">
-+  <!ENTITY g "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx">
-+]>
-+<member>
-+&a;
-+</member>
-+EOF
-+
-+  def test_entity_expansion_limit
-+    doc = REXML::Document.new(XML_WITH_NESTED_ENTITY)
-+    assert_raise(RuntimeError) do
-+      doc.root.children.first.value
-+    end
-+    REXML::Document.entity_expansion_limit = 100
-+    assert_equal(100, REXML::Document.entity_expansion_limit)
-+    doc = REXML::Document.new(XML_WITH_NESTED_ENTITY)
-+    assert_raise(RuntimeError) do
-+      doc.root.children.first.value
-+    end
-+    assert_equal(101, doc.entity_expansion_count)
-+  end
-+end

ruby-1.8.6-simplify-openssl-digest.patch

@@ -0,0 +1,373 @@
+Mon Feb 25 17:30:29 2008  Technorama Ltd.  <oss-ruby@technorama.net>
+	* ext/openssl/digest.c ext/openssl/lib/openssl/digest.rb:
+	  Commit patch #9280 from Akinori MUSHA.
+	  Simplify the OpenSSL::Digest class and make use of the
+	  existing Digest framework.
+	  Enhance performance.
+
+Thu Apr  5 14:58:49 2007  Technorama Ltd. <oss-ruby@technorama.net>
+	* ext/openssl/ossl_pkcs5.c: New module.
+
+	* ext/openssl/ossl_{cipher,digest,pkcs7,pkcs12}.c:
+	  Remove redundant module namespace.
+
+	* ext/openssl/lib/openssl/{cipher,digest}.rb
+	  Add backwards compatibile classes for rearranged classes.
+
+	* ext/openssl/ossl_{pkcs7,pkcs12}.c: Add documentation.
+
+Index: ruby_1_8/ext/openssl/lib/openssl/digest.rb
+===================================================================
+--- ruby_1_8/ext/openssl/lib/openssl/digest.rb	(revision 11708)
++++ ruby_1_8/ext/openssl/lib/openssl/digest.rb	(revision 15600)
+@@ -19,13 +19,17 @@
+ #require 'openssl'
+ 
+ module OpenSSL
+-  module Digest
++  class Digest
+ 
+     alg = %w(DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA SHA1)
+     if OPENSSL_VERSION_NUMBER > 0x00908000
+       alg += %w(SHA224 SHA256 SHA384 SHA512)
+     end
+ 
++    def self.digest(name, data)
++        super(data, name)
++    end
++
+     alg.each{|name|
+       klass = Class.new(Digest){
+         define_method(:initialize){|*data|
+@@ -44,6 +48,14 @@
+       const_set(name, klass)
+     }
+ 
++    # This class is only provided for backwards compatibility.  Use OpenSSL::Digest in the future.
++    class Digest < Digest
++      def initialize(*args)
++        # add warning
++        super(*args)
++      end
++    end
++
+   end # Digest
+ end # OpenSSL
+ 
+Index: ruby_1_8/ext/openssl/ossl_digest.c
+===================================================================
+--- ruby_1_8/ext/openssl/ossl_digest.c	(revision 11708)
++++ ruby_1_8/ext/openssl/ossl_digest.c	(revision 15600)
+@@ -24,7 +24,6 @@
+ /*
+  * Classes
+  */
+-VALUE mDigest;
+ VALUE cDigest;
+ VALUE eDigestError;
+ 
+@@ -36,11 +35,23 @@
+ const EVP_MD *
+ GetDigestPtr(VALUE obj)
+ {
+-    EVP_MD_CTX *ctx;
++    const EVP_MD *md;
+ 
+-    SafeGetDigest(obj, ctx);
++    if (TYPE(obj) == T_STRING) {
++    	const char *name = STR2CSTR(obj);
+ 
+-    return EVP_MD_CTX_md(ctx); /*== ctx->digest*/
++        md = EVP_get_digestbyname(name);
++        if (!md)
++            ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name);
++    } else {
++        EVP_MD_CTX *ctx;
++
++        SafeGetDigest(obj, ctx);
++
++        md = EVP_MD_CTX_md(ctx);
++    }
++
++    return md;
+ }
+ 
+ VALUE
+@@ -51,7 +62,6 @@
+ 
+     ret = ossl_digest_alloc(cDigest);
+     GetDigest(ret, ctx);
+-    EVP_MD_CTX_init(ctx);
+     EVP_DigestInit_ex(ctx, md, NULL);
+    
+     return ret;
+@@ -69,14 +79,18 @@
+     ctx = EVP_MD_CTX_create();
+     if (ctx == NULL)
+ 	ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_create() failed");
+-    EVP_MD_CTX_init(ctx);
+     obj = Data_Wrap_Struct(klass, 0, EVP_MD_CTX_destroy, ctx);
+-	
++
+     return obj;
+ }
+ 
+ VALUE ossl_digest_update(VALUE, VALUE);
+ 
++/*
++ *  call-seq:
++ *     Digest.new(string) -> digest
++ *
++ */
+ static VALUE
+ ossl_digest_initialize(int argc, VALUE *argv, VALUE self)
+ {
+@@ -86,14 +100,9 @@
+     VALUE type, data;
+ 
+     rb_scan_args(argc, argv, "11", &type, &data);
+-    StringValue(type);
++    md = GetDigestPtr(type);
+     if (!NIL_P(data)) StringValue(data);
+-    name = StringValuePtr(type);
+-    
+-    md = EVP_get_digestbyname(name);
+-    if (!md) {
+-	ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name);
+-    }
++
+     GetDigest(self, ctx);
+     EVP_DigestInit_ex(ctx, md, NULL);
+     
+@@ -118,6 +127,11 @@
+     return self;
+ }
+ 
++/*
++ *  call-seq:
++ *     digest.reset -> self
++ *
++ */
+ static VALUE
+ ossl_digest_reset(VALUE self)
+ {
+@@ -129,6 +143,11 @@
+     return self;
+ }
+ 
++/*
++ *  call-seq:
++ *     digest.update(string) -> aString
++ *
++ */
+ VALUE
+ ossl_digest_update(VALUE self, VALUE data)
+ {
+@@ -136,126 +155,77 @@
+ 
+     StringValue(data);
+     GetDigest(self, ctx);
+-    EVP_DigestUpdate(ctx, RSTRING(data)->ptr, RSTRING(data)->len);
++    EVP_DigestUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data));
+ 
+     return self;
+ }
+ 
+-static void
+-digest_final(EVP_MD_CTX *ctx, char **buf, int *buf_len)
+-{
+-    EVP_MD_CTX final;
+-
+-    if (!EVP_MD_CTX_copy(&final, ctx)) {
+-	ossl_raise(eDigestError, NULL);
+-    }
+-    if (!(*buf = OPENSSL_malloc(EVP_MD_CTX_size(&final)))) {
+-	EVP_MD_CTX_cleanup(&final);
+-	ossl_raise(eDigestError, "Cannot allocate mem for digest");
+-    }
+-    EVP_DigestFinal_ex(&final, *buf, buf_len);
+-    EVP_MD_CTX_cleanup(&final);
+-}
+-
++/*
++ *  call-seq:
++ *      digest.finish -> aString
++ *
++ */
+ static VALUE
+-ossl_digest_digest(VALUE self)
++ossl_digest_finish(int argc, VALUE *argv, VALUE self)
+ {
+     EVP_MD_CTX *ctx;
+-    char *buf;
+-    int buf_len;
+-    VALUE digest;
+-	
+-    GetDigest(self, ctx);
+-    digest_final(ctx, &buf, &buf_len);
+-    digest = ossl_buf2str(buf, buf_len);
+-	
+-    return digest;
+-}
++    VALUE str;
+ 
+-static VALUE
+-ossl_digest_hexdigest(VALUE self)
+-{
+-    EVP_MD_CTX *ctx;
+-    char *buf, *hexbuf;
+-    int buf_len;
+-    VALUE hexdigest;
++    rb_scan_args(argc, argv, "01", &str);
+ 
+     GetDigest(self, ctx);
+-    digest_final(ctx, &buf, &buf_len);
+-    if (string2hex(buf, buf_len, &hexbuf, NULL) != 2 * buf_len) {
+-	OPENSSL_free(buf);
+-	ossl_raise(eDigestError, "Memory alloc error");
++
++    if (NIL_P(str)) {
++        str = rb_str_new(NULL, EVP_MD_CTX_size(ctx));
++    } else {
++        StringValue(str);
++        rb_str_resize(str, EVP_MD_CTX_size(ctx));
+     }
+-    OPENSSL_free(buf);
+-    hexdigest = ossl_buf2str(hexbuf, 2 * buf_len);
+ 
+-    return hexdigest;
+-}
++    EVP_DigestFinal_ex(ctx, RSTRING_PTR(str), NULL);
+ 
+-static VALUE
+-ossl_digest_s_digest(VALUE klass, VALUE str, VALUE data)
+-{
+-    VALUE obj = rb_class_new_instance(1, &str, klass);
+-
+-    ossl_digest_update(obj, data);
+-
+-    return ossl_digest_digest(obj);
++    return str;
+ }
+ 
++/*
++ *  call-seq:
++ *      digest.name -> string
++ *
++ */
+ static VALUE
+-ossl_digest_s_hexdigest(VALUE klass, VALUE str, VALUE data)
++ossl_digest_name(VALUE self)
+ {
+-    VALUE obj = rb_class_new_instance(1, &str, klass);
+-
+-    ossl_digest_update(obj, data);
+-
+-    return ossl_digest_hexdigest(obj);
+-}
+-
+-static VALUE
+-ossl_digest_equal(VALUE self, VALUE other)
+-{
+     EVP_MD_CTX *ctx;
+-    VALUE str1, str2;
+ 
+-    if (rb_obj_is_kind_of(other, cDigest) == Qtrue) {
+-	str2 = ossl_digest_digest(other);
+-    } else {
+-	StringValue(other);
+-	str2 = other;
+-    }
+     GetDigest(self, ctx);
+-    if (RSTRING(str2)->len == EVP_MD_CTX_size(ctx)) {
+-	str1 = ossl_digest_digest(self);
+-    } else {
+-	str1 = ossl_digest_hexdigest(self);
+-    }
+-    if (RSTRING(str1)->len == RSTRING(str2)->len
+-	&& rb_str_cmp(str1, str2) == 0) {
+-	return Qtrue;
+-    }
+ 
+-    return Qfalse;
++    return rb_str_new2(EVP_MD_name(EVP_MD_CTX_md(ctx)));
+ }
+ 
++/*
++ *  call-seq:
++ *      digest.digest_size -> integer
++ *
++ *  Returns the output size of the digest.
++ */
+ static VALUE
+-ossl_digest_name(VALUE self)
++ossl_digest_size(VALUE self)
+ {
+     EVP_MD_CTX *ctx;
+ 
+     GetDigest(self, ctx);
+ 
+-    return rb_str_new2(EVP_MD_name(EVP_MD_CTX_md(ctx)));
++    return INT2NUM(EVP_MD_CTX_size(ctx));
+ }
+ 
+ static VALUE
+-ossl_digest_size(VALUE self)
++ossl_digest_block_length(VALUE self)
+ {
+     EVP_MD_CTX *ctx;
+ 
+     GetDigest(self, ctx);
+ 
+-    return INT2NUM(EVP_MD_CTX_size(ctx));
++    return INT2NUM(EVP_MD_CTX_block_size(ctx));
+ }
+ 
+ /*
+@@ -264,31 +234,26 @@
+ void
+ Init_ossl_digest()
+ {
+-    mDigest = rb_define_module_under(mOSSL, "Digest");
++    rb_require("openssl");
++    rb_require("digest");
++
++#if 0 /* let rdoc know about mOSSL */
++    mOSSL = rb_define_module("OpenSSL");
++#endif
++
++    cDigest = rb_define_class_under(mOSSL, "Digest", rb_path2class("Digest::Class"));
++    eDigestError = rb_define_class_under(cDigest, "DigestError", eOSSLError);
+ 	
+-    eDigestError = rb_define_class_under(mDigest, "DigestError", eOSSLError);
+-	
+-    cDigest = rb_define_class_under(mDigest, "Digest", rb_cObject);
+-	
+     rb_define_alloc_func(cDigest, ossl_digest_alloc);
+-    rb_define_singleton_method(cDigest, "digest", ossl_digest_s_digest, 2);
+-    rb_define_singleton_method(cDigest, "hexdigest", ossl_digest_s_hexdigest, 2);
+-	
++
+     rb_define_method(cDigest, "initialize", ossl_digest_initialize, -1);
+-    rb_define_method(cDigest, "reset", ossl_digest_reset, 0);
+-    
+     rb_define_copy_func(cDigest, ossl_digest_copy);
+-    
+-    rb_define_method(cDigest, "digest", ossl_digest_digest, 0);
+-    rb_define_method(cDigest, "hexdigest", ossl_digest_hexdigest, 0);
+-    rb_define_alias(cDigest, "inspect", "hexdigest");
+-    rb_define_alias(cDigest, "to_s", "hexdigest");
+-    
++    rb_define_method(cDigest, "reset", ossl_digest_reset, 0);
+     rb_define_method(cDigest, "update", ossl_digest_update, 1);
+     rb_define_alias(cDigest, "<<", "update");
+-    
+-    rb_define_method(cDigest, "==", ossl_digest_equal, 1);
+-    
++    rb_define_private_method(cDigest, "finish", ossl_digest_finish, -1);
++    rb_define_method(cDigest, "digest_length", ossl_digest_size, 0);
++    rb_define_method(cDigest, "block_length", ossl_digest_block_length, 0);
++
+     rb_define_method(cDigest, "name", ossl_digest_name, 0);
+-    rb_define_method(cDigest, "size", ossl_digest_size, 0);
+ }

ruby-1.8.6.x-CVE-2010-0541.patch

@@ -0,0 +1,22 @@
+commit 11183a22ef3998b9e822bb9322e49b8d6838aa81
+Author: wyhaines <wyhaines@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date:   Tue Aug 17 18:36:29 2010 +0000
+
+    lib/webrick/httpresponse.rb: CVE-2010-0541; Fix a potential XSS vulnerabilty. See the CVE report for more information.
+    
+    
+    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@29026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+
+diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb
+index 62156b1..48fe4b0 100644
+--- a/lib/webrick/httpresponse.rb
++++ b/lib/webrick/httpresponse.rb
+@@ -209,7 +209,7 @@ module WEBrick
+         @keep_alive = false
+         self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR
+       end
+-      @header['content-type'] = "text/html"
++      @header['content-type'] = "text/html; charset=ISO-8859-1"
+ 
+       if respond_to?(:create_error_page)
+         create_error_page()

ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch

@@ -0,0 +1,65 @@
+Sat Apr 19 18:42:04 2008  Akinori MUSHA  <knu@iDaemons.org>
+
+	* intern.h, hash.c (rb_hash_lookup): New internal function to
+	  check if a key exists in a hash, ignoring #default; backported
+	  from 1.9.
+
+Thu Aug 30 08:24:18 2007  Tanaka Akira  <akr@fsij.org>
+
+	* ruby.h (RHASH_TBL): defined for compatibility to 1.9.
+	* (RHASH_ITER_LEV): ditto.
+	* (RHASH_IFNONE): ditto.
+	* (RHASH_SIZE): ditto.
+	* (RHASH_EMPTY_P): ditto.
+
+Index: ruby_1_8/ruby.h
+===================================================================
+--- ruby_1_8/ruby.h	(revision 13310)
++++ ruby_1_8/ruby.h	(revision 13311)
+@@ -374,6 +374,11 @@
+     int iter_lev;
+     VALUE ifnone;
+ };
++#define RHASH_TBL(h) (RHASH(h)->tbl)
++#define RHASH_ITER_LEV(h) (RHASH(h)->iter_lev)
++#define RHASH_IFNONE(h) (RHASH(h)->ifnone)
++#define RHASH_SIZE(h) (RHASH(h)->tbl->num_entries)
++#define RHASH_EMPTY_P(h) (RHASH_SIZE(h) == 0)
+ 
+ struct RFile {
+     struct RBasic basic;
+Index: ruby_1_8/hash.c
+===================================================================
+--- ruby_1_8/hash.c	(revision 16077)
++++ ruby_1_8/hash.c	(revision 16078)
+@@ -454,6 +454,18 @@
+     return val;
+ }
+ 
++VALUE
++rb_hash_lookup(hash, key)
++    VALUE hash, key;
++{
++    VALUE val;
++
++    if (!st_lookup(RHASH(hash)->tbl, key, &val)) {
++	return Qnil; /* without Hash#default */
++    }
++    return val;
++}
++
+ /*
+  *  call-seq:
+  *     hsh.fetch(key [, default] )       => obj
+Index: ruby_1_8/intern.h
+===================================================================
+--- ruby_1_8/intern.h	(revision 16077)
++++ ruby_1_8/intern.h	(revision 16078)
+@@ -270,6 +270,7 @@
+ VALUE rb_hash_new _((void));
+ VALUE rb_hash_freeze _((VALUE));
+ VALUE rb_hash_aref _((VALUE, VALUE));
++VALUE rb_hash_lookup _((VALUE, VALUE));
+ VALUE rb_hash_aset _((VALUE, VALUE, VALUE));
+ VALUE rb_hash_delete_if _((VALUE));
+ VALUE rb_hash_delete _((VALUE,VALUE));

ruby-1.8.x-ext_tk-flatten-level-revert.patch

@@ -0,0 +1,58 @@
+Index: ruby-1.8-rev27736_trunk/ext/tk/lib/tk/pack.rb
+===================================================================
+--- ruby-1.8-rev27736_trunk/ext/tk/lib/tk/pack.rb	(revision 27738)
++++ ruby-1.8-rev27736_trunk/ext/tk/lib/tk/pack.rb	(working copy)
+@@ -39,7 +39,23 @@
+     end
+     fail ArgumentError, 'no widget is given' if args.empty?
+     params = []
+-    args.flatten(1).each{|win| params.push(_epath(win))}
++
++    #args.flatten(1).each{|win| params.push(_epath(win))}
++    #
++    # flatten(level) is ruby >=1.8.7 feature, substituting
++    #
++    args_flatten_one = []
++    args.each {|args1|
++      if args1.is_a? Array then
++        args1.each {|args2|
++          args_flatten_one << args2
++        }
++      else
++        args_flatten_one << args1
++      end
++    }
++    args_flatten_one.each{|win| params.push(_epath(win))}
++
+     opts.each{|k, v|
+       params.push("-#{k}")
+       params.push(_epath(v))  # have to use 'epath' (hash_kv() is unavailable)
+Index: ruby-1.8-rev27736_trunk/ext/tk/lib/tk/grid.rb
+===================================================================
+--- ruby-1.8-rev27736_trunk/ext/tk/lib/tk/grid.rb	(revision 27738)
++++ ruby-1.8-rev27736_trunk/ext/tk/lib/tk/grid.rb	(working copy)
+@@ -63,7 +63,23 @@
+     end
+     fail ArgumentError, 'no widget is given' if args.empty?
+     params = []
+-    args.flatten(1).each{|win|
++
++    #args.flatten(1).each{|win|
++    #
++    # flatten(level) is ruby >=1.8.7 feature, substituting
++    #
++
++    args_flatten_one = []
++    args.each {|args1|
++      if args1.is_a? Array then
++        args1.each {|args2|
++          args_flatten_one << args2
++        }
++      else
++        args_flatten_one << args1
++      end
++    }
++    args_flatten_one.each{|win|
+       case win
+       when '-', ?-              # RELATIVE PLACEMENT (increase columnspan)
+         params.push('-')

ruby-1.8.x-null-class-must-be-Qnil.patch

@@ -0,0 +1,21 @@
+Sun Mar  1 03:04:19 2009  Akinori MUSHA  <knu@iDaemons.org>
+
+	* class.c (rb_singleton_class_clone): Qnil must be used for a null
+	  class reference when we use NIL_P() to check class reference
+	  validity.  The bug was exposed by the spec test of Sequel.
+
+	* eval.c (ruby_init): Use NEW_CREF().
+
+Index: ruby_1_8/class.c
+===================================================================
+--- ruby_1_8/class.c	(revision 22678)
++++ ruby_1_8/class.c	(revision 22679)
+@@ -153,7 +153,7 @@
+ 		data.klass = obj;
+ 		break;
+ 	      default:
+-		data.klass = 0;
++		data.klass = Qnil;
+ 		break;
+ 	    }
+ 

ruby-1.8head-irb-save-history.patch

@@ -0,0 +1,111 @@
+Thu Jul 23 15:04:20 2009  Keiju Ishitsuka  <keiju@ruby-lang.org>
+
+ruby* lib/irb.rb, lib/irb/init.rb, lib/irb/ext/save-history.rb: add
+ruby  IRB::irb_at_exit. no use finalizer saving history. [ruby-dev-38563]
+
+Index: lib/irb/ext/save-history.rb
+===================================================================
+--- lib/irb/ext/save-history.rb	(revision 24225)
++++ lib/irb/ext/save-history.rb	(revision 24254)
+@@ -50,23 +50,24 @@
+   module HistorySavingAbility
+     include Readline
+ 
+-    def HistorySavingAbility.create_finalizer
+-      proc do
+-	if num = IRB.conf[:SAVE_HISTORY] and (num = num.to_i) > 0
+-	  if hf = IRB.conf[:HISTORY_FILE]
+-	    file = File.expand_path(hf)
+-	  end
+-	  file = IRB.rc_file("_history") unless file
+-	  open(file, 'w' ) do |f|
+-	    hist = HISTORY.to_a
+-	    f.puts(hist[-num..-1] || hist)
+-	  end
+-	end
+-      end
+-    end
++#     def HistorySavingAbility.create_finalizer
++#       proc do
++# 	if num = IRB.conf[:SAVE_HISTORY] and (num = num.to_i) > 0
++# 	  if hf = IRB.conf[:HISTORY_FILE]
++# 	    file = File.expand_path(hf)
++# 	  end
++# 	  file = IRB.rc_file("_history") unless file
++# 	  open(file, 'w' ) do |f|
++# 	    hist = HISTORY.to_a
++# 	    f.puts(hist[-num..-1] || hist)
++# 	  end
++# 	end
++#       end
++#     end
+ 
+     def HistorySavingAbility.extended(obj)
+-      ObjectSpace.define_finalizer(obj, HistorySavingAbility.create_finalizer)
++#      ObjectSpace.define_finalizer(obj, HistorySavingAbility.create_finalizer)
++      IRB.conf[:AT_EXIT].push proc{obj.save_history}
+       obj.load_history
+       obj
+     end
+@@ -80,6 +81,19 @@
+ 	end
+       end
+     end
++
++    def save_history
++      if num = IRB.conf[:SAVE_HISTORY] and (num = num.to_i) > 0
++	if history_file = IRB.conf[:HISTORY_FILE]
++	  history_file = File.expand_path(history_file)
++	end
++	history_file = IRB.rc_file("_history") unless history_file
++	open(history_file, 'w' ) do |f|
++	  hist = HISTORY.to_a
++	  f.puts(hist[-num..-1] || hist)
++	end
++      end
++    end
+   end
+ end
+ 
+Index: lib/irb/init.rb
+===================================================================
+--- lib/irb/init.rb	(revision 24225)
++++ lib/irb/init.rb	(revision 24254)
+@@ -114,6 +114,8 @@
+ #    @CONF[:LC_MESSAGES] = "en"
+     @CONF[:LC_MESSAGES] = Locale.new
+     
++    @CONF[:AT_EXIT] = []
++    
+     @CONF[:DEBUG_LEVEL] = 1
+   end
+ 
+Index: lib/irb.rb
+===================================================================
+--- lib/irb.rb	(revision 24225)
++++ lib/irb.rb	(revision 24254)
+@@ -65,13 +65,21 @@
+     trap("SIGINT") do
+       irb.signal_handle
+     end
+-    
+-    catch(:IRB_EXIT) do
+-      irb.eval_input
++
++    begin
++      catch(:IRB_EXIT) do
++	irb.eval_input
++      end
++    ensure
++      irb_at_exit
+     end
+ #    print "\n"
+   end
+ 
++  def IRB.irb_at_exit
++    @CONF[:AT_EXIT].each{|hook| hook.call}
++  end
++
+   def IRB.irb_exit(irb, ret)
+     throw :IRB_EXIT, ret
+   end

ruby.spec

@@ -1,6 +1,6 @@
 %define	rubyxver	1.8
 %define	rubyver		1.8.6
-%define _patchlevel	369
+%define _patchlevel	399
 %define dotpatchlevel	%{?_patchlevel:.%{_patchlevel}}
 %define patchlevel	%{?_patchlevel:-p%{_patchlevel}}
 %define	arcver		%{rubyver}%{?patchlevel}
@@ -10,22 +10,26 @@
 %define	sitedir2	%{_prefix}/lib/ruby/site_ruby
 %define	_normalized_cpu	%(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/' | sed -e 's|i.86|i386|'`)
 
+%define       tk_using_svn_number  27738
+
 # emacs sitelisp directory
 %{!?_emacs_sitelispdir: %global _emacs_sitelispdir %{_datadir}/emacs/site-lisp}
 %{!?_emacs_sitestartdir: %global _emacs_sitestartdir %{_datadir}/emacs/site-lisp/site-start.d}
 
 Name:		ruby
 Version:	%{rubyver}%{?dotpatchlevel}
-Release:	3%{?dist}
+Release:	6%{?dist}
 License:	Ruby or GPLv2
 URL:		http://www.ruby-lang.org/
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-%if 0%{?fedora} >= 12
+%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
 BuildRequires:  compat-readline5-devel
 %else
 BuildRequires:	readline readline-devel
 %endif
 BuildRequires:  ncurses ncurses-devel gdbm gdbm-devel glibc-devel tcl-devel tk-devel libX11-devel autoconf gcc unzip openssl-devel db4-devel byacc
+# Use bison to recreate parse.c (ref: bug 530275 comment 4)
+BuildRequires:	bison
 BuildRequires:	emacs
 
 Source0:	ftp://ftp.ruby-lang.org/pub/%{name}/%{rubyxver}/%{name}-%{arcver}.tar.bz2
@@ -37,19 +41,62 @@ Source2:	ftp://ftp.ruby-lang.org/pub/%{name}/doc/rubyfaq-990927.tar.gz
 Source3:	ftp://ftp.ruby-lang.org/pub/%{name}/doc/rubyfaq-jp-990927.tar.gz
 Source4:	irb.1
 Source10:	ruby-mode-init.el
+#
+# Source100: contains ext/tk directory of the head of ruby_1_8 branch
+# i.e. http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8
+# see bug 560053, 590503, and
+# http://lists.fedoraproject.org/pipermail/ruby-sig/2010-May/000096.html
+Source100:      ruby-1.8-rev%{tk_using_svn_number}_trunk-ext_tk.tar.gz
 
+# Patch1 - Patch23 are Fedora specific
 Patch1:		ruby-deadcode.patch
-Patch20:	ruby-rubyprefix.patch
+Patch20:	ruby-1.8.6-p383-rubyprefix.patch
 Patch21:	ruby-deprecated-sitelib-search-path.patch
 Patch22:	ruby-deprecated-search-path.patch
 Patch23:	ruby-multilib.patch
 # Needed in 1.8.6-p287, no longer needed in 1.8.6-p368?
 #Patch25:	ruby-1.8.6.111-gcc43.patch
-Patch26:        ruby-1.8.6-rexml-CVE-2008-3790.patch
+# ruby_1_8 branch rev 19320, 20121, bug 460134
+# Included in 1.8.6 p368
+#Patch26:        ruby-1.8.6-rexml-CVE-2008-3790.patch
+# Patch27, 28 could not be found in the upstream VCS
+# Need checking??
 Patch27:        ruby-1.8.6-p287-CVE-2008-5189.patch
 Patch28:        ruby-1.8.6-p287-remove-ssl-rand-range.patch
+# Fedora specific
+# Change the directory of sitearchdir from i?86 to i386 for upgrade path
 Patch29:	ruby-always-use-i386.patch
+# By Tomas Mraz, "seems" already in ruby_1_8 branch head
+# (but have not checked yet in detail)
 Patch30:	ruby-openssl-1.0.patch
+# bug 528787, patch from in ruby_1_8 branch
+Patch31:	ruby-1.8.6-p369-ri-gem_multipath.patch
+# bug 518584, ruby issue 1556, patch from ruby_1_8??? branch
+Patch32:	ruby-1.8head-irb-save-history.patch
+# bug 428384, Fedora specific, however needed for Fedora's static
+# archive policy
+Patch33:	ruby-1.8.6-p383-mkmf-use-shared.patch
+# bug 559158, Simplify the OpenSSL::Digest class
+# Applying Patch34 needs reversing Patch39 part
+Patch34:	ruby-1.8.6-simplify-openssl-digest.patch
+# bug 580993, patch from ruby_1_8_7 branch
+Patch35:	ruby_1_8_7-gc-open4_096segv.patch
+#
+# Patch36, 37: needed to use the head of ext/tk directory of ruby_1_8 branch head
+# Patch36: taken from ruby_1_8 branch, RHASH_SIZE definition is needed
+# for ruby_1_8 head ext/tk
+# With this change, rb_hash_lookup becomes also needed for rubygem-nokogiri
+# (bug 592936)
+Patch36:        ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch
+# Patch37: flatten(level) feature is in >= 1.8.7, reverting
+Patch37:        ruby-1.8.x-ext_tk-flatten-level-revert.patch
+# From ruby_1_8 branch: bz 530407
+# bz 530407 reproducible with 1.8.7p174, not with 1.8.7p249
+Patch38:        ruby-1.8.x-null-class-must-be-Qnil.patch
+# Once revert this patch to apply Patch34 cleanly
+Patch39:        ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch
+# From upstream ruby_1_8_6 branch: Patch for CVE-2010-0541
+Patch40:        ruby-1.8.6.x-CVE-2010-0541.patch
 
 Summary:	An interpreter of object-oriented scripting language
 Group:		Development/Languages
@@ -80,12 +127,20 @@ This package includes the libruby, necessary to run Ruby.
 Summary:	A Ruby development environment
 Group:		Development/Languages
 Requires:	%{name}-libs = %{version}-%{release}
-Provides:	%{name}-libs-static = %{version}-%{release}
+#Provides:	%{name}-libs-static = %{version}-%{release}
 
 %description devel
 Header files and libraries for building a extension library for the
 Ruby or an application embedded Ruby.
 
+%package static
+Summary:	Static libraries for Ruby development environment
+Group:		Development/Languages
+Requires:	%{name}-devel = %{version}-%{release}
+
+%description static
+Static libraries for for building a extension library for the
+Ruby or an application embedded Ruby.
 
 %package tcltk
 Summary:	Tcl/Tk interface for scripting language Ruby
@@ -161,12 +216,19 @@ along with a list of the methods the class or module implements.
 
 
 %prep
-%setup -q -c -a 2 -a 3
+%setup -q -c -a 2 -a 3 -a 100
 mkdir -p ruby-refm-ja
 pushd ruby-refm-ja
 tar fxz %{SOURCE1}
 popd
 pushd %{name}-%{arcver}
+
+( cd ext
+  mv tk .tk.old
+  cp -a ../../ruby-1.8-rev*/ext/tk tk
+  find tk -type d -name \.svn | sort -r | xargs rm -rf
+)
+
 %patch1 -p1
 %patch20 -p1
 %patch21 -p1
@@ -174,12 +236,23 @@ pushd %{name}-%{arcver}
 %patch22 -p1
 %patch23 -p1
 %endif
-#%patch25 -p1
-#%patch26 -p1
+#%%patch25 -p1
+#%%patch26 -p1
 %patch27 -p0
 %patch28 -p1
 %patch29 -p1
 %patch30 -p2
+%patch31 -p1
+%patch32 -p0
+%patch33 -p1
+# To apply patch34, patch39 part must once be reverted
+%patch39 -p1 -R
+%patch34 -p1
+%patch35 -p1
+%patch36 -p1
+%patch37 -p1
+%patch38 -p1
+%patch40 -p1
 popd
 
 %build
@@ -191,7 +264,10 @@ autoconf
 
 rb_cv_func_strtod=no
 export rb_cv_func_strtod
+
+# bug 489990
 CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
+
 export CFLAGS
 %configure \
   --with-sitedir='%{sitedir}' \
@@ -204,12 +280,17 @@ export CFLAGS
   --enable-pthread \
   --with-lookup-order-hack=INET \
   --disable-rpath \
-%if 0%{?fedora} >= 12
+%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
   --with-readline-include=%{_includedir}/readline5 \
   --with-readline-lib=%{_libdir}/readline5 \
 %endif
   --with-ruby-prefix=%{_prefix}/lib
 
+# For example ext/socket/extconf.rb uses try_run (for getaddrinfo test),
+# which executes conftest and setting LD_LIBRARY_PATH for libruby.so is
+# needed.
+export LD_LIBRARY_PATH=$(pwd)
+
 make RUBY_INSTALL_NAME=ruby %{?_smp_mflags} COPY="cp -p" %{?_smp_mflags}
 %ifarch ia64
 # Miscompilation? Buggy code?
@@ -323,6 +404,18 @@ for i in `find -type f ! -name "*.gif"`; do
     fi
 done
 
+# fix Japanese encoding strings for ruby-tcltk/ext/tk/sample/
+pushd ruby-tcltk/ext/tk/
+cd sample
+find . -path ./demos-jp/\*.rb -or -path ./tkoptdb\*.rb -or -path ./msgs_rb2/ja.msg | \
+    xargs sed -i -e 's|euc-jp|utf-8|'
+sed -i \
+    -e '/KCODE =/s|euc|utf-8|' -e 's|EUC-JP|UTF-8|' \
+    demos-jp/widget
+cd ..
+sed -i -e 's|EUC-JP|UTF-8|' README.1st
+popd
+
 # done
 cd ..
 
@@ -401,9 +494,13 @@ rm -rf $RPM_BUILD_ROOT
 %doc %{name}-%{arcver}/README.EXT
 %lang(ja) %doc %{name}-%{arcver}/README.EXT.ja
 %{_libdir}/libruby.so
-%{_libdir}/libruby-static.a
+#%%{_libdir}/libruby-static.a
 %{_libdir}/ruby/%{rubyxver}/*/*.h
 
+%files static
+%defattr(-, root, root, -)
+%{_libdir}/libruby-static.a
+
 %files libs
 %defattr(-, root, root, -)
 %doc %{name}-%{arcver}/README
@@ -546,6 +643,73 @@ rm -rf $RPM_BUILD_ROOT
 %{_emacs_sitestartdir}/ruby-mode-init.el
 
 %changelog
+* Mon Aug 23 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-6
+- Apply upstream patch for CVE-2010-0541 (bug 587731)
+
+* Wed May 19 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-5
+- Retry for bug 559158, Simplify the OpenSSL::Digest class
+  pull more change commits from ruby_1_8 branch
+
+* Mon May 17 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-4
+- Patch36 (ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch)
+  also backport rb_hash_lookup definition (bug 592936)
+
+* Thu May 13 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-3
+- ruby-1.8.x-null-class-must-be-Qnil.patch (bug 530407)
+- Recreate some patches using upstream svn when available, and
+  add some comments for patches
+
+* Tue May 11 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-2
+- tcltk: Give up using potentially unmaintained ruby_1_8_6 branch
+  and instead completely replace with ruby_1_8 branch head
+  (at this time, using rev 27738)
+  (seems to fix 560053, 590503)
+- Fix Japanese encoding strings under ruby-tcltk/ext/tk/sample/
+
+* Tue Apr 27 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.399-1
+- Update to 1.8.6 p 399 (bug 579675)
+- Patch to fix gc bug causing open4 crash (bug 580993)
+
+* Fri Mar 12 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.388-9
+- F-14: rebuild against new gdbm
+
+* Thu Jan 28 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp>
+- Once revert the previous change (patch34)
+
+* Wed Jan 27 2010 Jeroen van Meeuwen <j.van.meeuwen@ogd.nl> - 1.8.6.388-8
+- Backport openssl/digest functions providing digest and hexdigest functions
+  directly in OpenSSL::Digest.methods
+- Make sure that Red Hat people version their changelog entries
+- This is actually release #1, but now needs to be release #7
+
+* Mon Jan 18 2010 Akira TAGOH <tagoh@redhat.com> - 1.8.6.388-1
+- Add conditional for RHEL.
+
+* Wed Jan 13 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.383-6
+- CVE-2009-4492 ruby WEBrick log escape sequence (bug 554485)
+
+* Wed Dec  9 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.383-5
+- Change mkmf.rb to use LIBRUBYARG_SHARED so that have_library() works
+  without libruby-static.a (bug 428384)
+- And move libruby-static.a to -static subpackage
+
+* Thu Oct 29 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.383-4
+- Use bison to regenerate parse.c to keep the original format of error
+  messages (bug 530275 comment 4)
+
+* Sun Oct 25 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.383-3
+- Patch so that irb saves its history (bug 518584, ruby issue 1556)
+
+* Sat Oct 24 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.383-2
+- Update to 1.8.6 patchlevel 383 (bug 520063)
+
+* Wed Oct 14 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.369-5
+- Much better idea for Patch31 provided by Akira TAGOH <tagoh@redhat.com>
+
+* Wed Oct 14 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1.8.6.369-4
+- Fix the search path of ri command for ri manuals installed with gem
+  (bug 528787)
+
 * Wed Aug 26 2009 Tomas Mraz <tmraz@redhat.com> - 1.8.6.369-3
 - Rebuild against new openssl
 

ruby_1_8_7-gc-open4_096segv.patch

@@ -0,0 +1,351 @@
+Index: ruby_1_8_7/marshal.c
+===================================================================
+--- ruby_1_8_7/marshal.c	(revision 26075)
++++ ruby_1_8_7/marshal.c	(revision 26076)
+@@ -85,12 +85,10 @@
+ static ID s_getc, s_read, s_write, s_binmode;
+ 
+ struct dump_arg {
+-    VALUE obj;
+     VALUE str, dest;
+     st_table *symbols;
+     st_table *data;
+     int taint;
+-    VALUE wrapper;
+ };
+ 
+ struct dump_call_arg {
+@@ -104,22 +102,32 @@
+     struct dump_arg *arg;
+     ID sym;
+ {
+-    if (!DATA_PTR(arg->wrapper)) {
++    if (!arg->symbols) {
+         rb_raise(rb_eRuntimeError, "Marshal.dump reentered at %s",
+ 		 rb_id2name(sym));
+     }
+ }
+ 
++static void clear_dump_arg _((struct dump_arg *arg));
++
+ static void
+ mark_dump_arg(ptr)
+     void *ptr;
+ {
+     struct dump_arg *p = ptr;
+-    if (!ptr)
++    if (!p->symbols)
+         return;
+     rb_mark_set(p->data);
+ }
+ 
++static void
++free_dump_arg(ptr)
++    void *ptr;
++{
++    clear_dump_arg(ptr);
++    xfree(ptr);
++}
++
+ static VALUE
+ class2path(klass)
+     VALUE klass;
+@@ -699,32 +707,17 @@
+     }
+ }
+ 
+-static VALUE
+-dump(arg)
+-    struct dump_call_arg *arg;
+-{
+-    w_object(arg->obj, arg->arg, arg->limit);
+-    if (arg->arg->dest) {
+-	rb_io_write(arg->arg->dest, arg->arg->str);
+-	rb_str_resize(arg->arg->str, 0);
+-    }
+-    return 0;
+-}
+-
+-static VALUE
+-dump_ensure(arg)
++static void
++clear_dump_arg(arg)
+     struct dump_arg *arg;
+ {
+-    if (!DATA_PTR(arg->wrapper)) return 0;
++    if (!arg->symbols) return;
+     st_free_table(arg->symbols);
++    arg->symbols = 0;
+     st_free_table(arg->data);
+-    DATA_PTR(arg->wrapper) = 0;
+-    arg->wrapper = 0;
+     if (arg->taint) {
+ 	OBJ_TAINT(arg->str);
+     }
+-
+-    return 0;
+ }
+ 
+ /*
+@@ -760,8 +753,8 @@
+ {
+     VALUE obj, port, a1, a2;
+     int limit = -1;
+-    struct dump_arg arg;
+-    struct dump_call_arg c_arg;
++    struct dump_arg *arg;
++    VALUE wrapper;
+ 
+     port = Qnil;
+     rb_scan_args(argc, argv, "12", &obj, &a1, &a2);
+@@ -775,37 +768,40 @@
+ 	else if (NIL_P(a1)) goto type_error;
+ 	else port = a1;
+     }
+-    arg.dest = 0;
+-    arg.symbols = st_init_numtable();
+-    arg.data    = st_init_numtable();
+-    arg.taint   = Qfalse;
+-    arg.str = rb_str_buf_new(0);
+-    RBASIC(arg.str)->klass = 0;
+-    arg.wrapper = Data_Wrap_Struct(rb_cData, mark_dump_arg, 0, &arg);
++    wrapper = Data_Make_Struct(rb_cData, struct dump_arg, mark_dump_arg, free_dump_arg, arg);
++    arg->dest = 0;
++    arg->symbols = st_init_numtable();
++    arg->data    = st_init_numtable();
++    arg->taint   = Qfalse;
++    arg->str = rb_str_buf_new(0);
++    RBASIC(arg->str)->klass = 0;
+     if (!NIL_P(port)) {
+ 	if (!rb_respond_to(port, s_write)) {
+ 	  type_error:
+ 	    rb_raise(rb_eTypeError, "instance of IO needed");
+ 	}
+-	arg.dest = port;
++	arg->dest = port;
+ 	if (rb_respond_to(port, s_binmode)) {
+ 	    rb_funcall2(port, s_binmode, 0, 0);
+-	    check_dump_arg(&arg, s_binmode);
++	    check_dump_arg(arg, s_binmode);
+ 	}
+     }
+     else {
+-	port = arg.str;
++	port = arg->str;
+     }
+ 
+-    c_arg.obj   = obj;
+-    c_arg.arg   = &arg;
+-    c_arg.limit = limit;
++    w_byte(MARSHAL_MAJOR, arg);
++    w_byte(MARSHAL_MINOR, arg);
+ 
+-    w_byte(MARSHAL_MAJOR, &arg);
+-    w_byte(MARSHAL_MINOR, &arg);
++    w_object(obj, arg, limit);
++    if (arg->dest) {
++	rb_io_write(arg->dest, arg->str);
++	rb_str_resize(arg->str, 0);
++    }
+ 
+-    rb_ensure(dump, (VALUE)&c_arg, dump_ensure, (VALUE)&arg);
+-    RBASIC(arg.str)->klass = rb_cString;
++    RBASIC(arg->str)->klass = rb_cString;
++    clear_dump_arg(arg);
++    RB_GC_GUARD(wrapper);
+ 
+     return port;
+ }
+@@ -817,7 +813,6 @@
+     st_table *data;
+     VALUE proc;
+     int taint;
+-    VALUE wrapper;
+ };
+ 
+ static void
+@@ -825,22 +820,31 @@
+     struct load_arg *arg;
+     ID sym;
+ {
+-    if (!DATA_PTR(arg->wrapper)) {
++    if (!arg->symbols) {
+         rb_raise(rb_eRuntimeError, "Marshal.load reentered at %s",
+ 		 rb_id2name(sym));
+     }
+ }
+ 
++static void clear_load_arg _((struct load_arg *arg));
++
+ static void
+ mark_load_arg(ptr)
+     void *ptr;
+ {
+     struct load_arg *p = ptr;
+-    if (!ptr)
++    if (!p->symbols)
+         return;
+     rb_mark_tbl(p->data);
+ }
+ 
++static void
++free_load_arg(void *ptr)
++{
++    clear_load_arg(ptr);
++    xfree(ptr);
++}
++
+ static VALUE r_object _((struct load_arg *arg));
+ 
+ static int
+@@ -1415,23 +1419,14 @@
+     return r_object0(arg, arg->proc, 0, Qnil);
+ }
+ 
+-static VALUE
+-load(arg)
++static void
++clear_load_arg(arg)
+     struct load_arg *arg;
+ {
+-    return r_object(arg);
+-}
+-
+-static VALUE
+-load_ensure(arg)
+-    struct load_arg *arg;
+-{
+-    if (!DATA_PTR(arg->wrapper)) return 0;
++    if (!arg->symbols) return;
+     st_free_table(arg->symbols);
++    arg->symbols = 0;
+     st_free_table(arg->data);
+-    DATA_PTR(arg->wrapper) = 0;
+-    arg->wrapper = 0;
+-    return 0;
+ }
+ 
+ /*
+@@ -1451,35 +1446,37 @@
+     VALUE *argv;
+ {
+     VALUE port, proc;
+-    int major, minor;
+-    VALUE v;
+-    struct load_arg arg;
++    int major, minor, taint = Qfalse;
++    VALUE v, wrapper;
++    struct load_arg *arg;
+ 
+     rb_scan_args(argc, argv, "11", &port, &proc);
+     v = rb_check_string_type(port);
+     if (!NIL_P(v)) {
+-	arg.taint = OBJ_TAINTED(port); /* original taintedness */
++	taint = OBJ_TAINTED(port); /* original taintedness */
+ 	port = v;
+     }
+     else if (rb_respond_to(port, s_getc) && rb_respond_to(port, s_read)) {
+ 	if (rb_respond_to(port, s_binmode)) {
+ 	    rb_funcall2(port, s_binmode, 0, 0);
+ 	}
+-	arg.taint = Qtrue;
++	taint = Qtrue;
+     }
+     else {
+ 	rb_raise(rb_eTypeError, "instance of IO needed");
+     }
+-    arg.src = port;
+-    arg.offset = 0;
+-    arg.symbols = st_init_numtable();
+-    arg.data    = st_init_numtable();
+-    arg.proc = 0;
+-    arg.wrapper = Data_Wrap_Struct(rb_cData, mark_load_arg, 0, &arg);
++    wrapper = Data_Make_Struct(rb_cData, struct load_arg, mark_load_arg, free_load_arg, arg);
++    arg->src = port;
++    arg->offset = 0;
++    arg->symbols = st_init_numtable();
++    arg->data    = st_init_numtable();
++    arg->proc = 0;
++    arg->taint = taint;
+ 
+-    major = r_byte(&arg);
+-    minor = r_byte(&arg);
++    major = r_byte(arg);
++    minor = r_byte(arg);
+     if (major != MARSHAL_MAJOR || minor > MARSHAL_MINOR) {
++	clear_load_arg(arg);
+ 	rb_raise(rb_eTypeError, "incompatible marshal file format (can't be read)\n\
+ \tformat version %d.%d required; %d.%d given",
+ 		 MARSHAL_MAJOR, MARSHAL_MINOR, major, minor);
+@@ -1490,8 +1487,10 @@
+ 		MARSHAL_MAJOR, MARSHAL_MINOR, major, minor);
+     }
+ 
+-    if (!NIL_P(proc)) arg.proc = proc;
+-    v = rb_ensure(load, (VALUE)&arg, load_ensure, (VALUE)&arg);
++    if (!NIL_P(proc)) arg->proc = proc;
++    v = r_object(arg);
++    clear_load_arg(arg);
++    RB_GC_GUARD(wrapper);
+ 
+     return v;
+ }
+Index: ruby_1_8_7/test/ruby/test_marshal.rb
+===================================================================
+--- ruby_1_8_7/test/ruby/test_marshal.rb	(revision 26075)
++++ ruby_1_8_7/test/ruby/test_marshal.rb	(revision 26076)
+@@ -71,4 +71,41 @@
+     }
+     assert_equal("marshal data too short", e.message)
+   end
++
++  class DumpTest
++    def marshal_dump
++      loop { Thread.pass }
++    end
++  end
++
++  class LoadTest
++    def marshal_dump
++      nil
++    end
++    def marshal_load(obj)
++      loop { Thread.pass }
++    end
++  end
++
++  def test_context_switch
++    o = DumpTest.new
++    Thread.new { Marshal.dump(o) }
++    GC.start
++    assert(true, '[ruby-dev:39425]')
++
++    o = LoadTest.new
++    m = Marshal.dump(o)
++    Thread.new { Marshal.load(m) }
++    GC.start
++    assert(true, '[ruby-dev:39425]')
++  end
++
++  def test_taint
++    x = Object.new
++    x.taint
++    s = Marshal.dump(x)
++    assert_equal(true, s.tainted?)
++    y = Marshal.load(s)
++    assert_equal(true, y.tainted?)
++  end
+ end
+Index: ruby_1_8_7/ruby.h
+===================================================================
+--- ruby_1_8_7/ruby.h	(revision 16014)
++++ ruby_1_8_7/ruby.h	(revision 16015)
+@@ -224,6 +224,8 @@
+ 
+ #define TYPE(x) rb_type((VALUE)(x))
+ 
++#define RB_GC_GUARD(v) (*(volatile VALUE *)&(v))
++
+ void rb_check_type _((VALUE,int));
+ #define Check_Type(v,t) rb_check_type((VALUE)(v),t)
+ 

sources

@@ -1,4 +1,6 @@
+f26cefbc8ab6728650ab9ae773d22bcb  ruby-1.8.6-p388.tar.bz2
 b6dd396f513efeb7864685c840f9643a  ruby-refm-rdp-1.8.2-ja-html.tar.gz
 634c25b14e19925d10af3720d72e8741  rubyfaq-990927.tar.gz
 4fcec898f51d8371cc42d0a013940469  rubyfaq-jp-990927.tar.gz
-c3c1f3dd0dfbd2e17a04e59c2f12cfc8  ruby-1.8.6-p369.tar.bz2
+f77c307cb72fb8808b0e85af5d05cefc  ruby-1.8.6-p399.tar.bz2
+6a8313c73087513f24e52d8cee5b3804  ruby-1.8-rev27738_trunk-ext_tk.tar.gz