Update to Ruby 2.4.5.

%gemspec_add_file and %gemspec_remove_file.

config.h

@@ -1,61 +0,0 @@
-/*
- * This config.h is a wrapper include file for the original ruby/config.h,
- * which has been renamed to ruby/config-<arch>.h. There are conflicts for the
- * original ruby/config.h on multilib systems, which result from arch-specific
- * configuration options. Please do not use the arch-specific file directly.
- */
-
-/*
- * This wrapped is addpated from SDL's one:
- * http://pkgs.fedoraproject.org/cgit/SDL.git/tree/SDL_config.h
- */
-
-#ifdef ruby_config_wrapper_h
-#error "ruby_config_wrapper_h should not be defined!"
-#endif
-#define ruby_config_wrapper_h
-
-#if defined(__i386__)
-#include "ruby/config-i386.h"
-#elif defined(__ia64__)
-#include "ruby/config-ia64.h"
-#elif defined(__powerpc64__)
-#include <endian.h>
-#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
-#include "ruby/config-ppc64.h"
-#else
-#include "ruby/config-ppc64le.h"
-#endif
-#elif defined(__powerpc__)
-#include "ruby/config-ppc.h"
-#elif defined(__s390x__)
-#include "ruby/config-s390x.h"
-#elif defined(__s390__)
-#include "ruby/config-s390.h"
-#elif defined(__x86_64__)
-#include "ruby/config-x86_64.h"
-#elif defined(__arm__)
-#include "ruby/config-arm.h"
-#elif defined(__alpha__)
-#include "ruby/config-alpha.h"
-#elif defined(__sparc__) && defined (__arch64__)
-#include "ruby/config-sparc64.h"
-#elif defined(__sparc__)
-#include "ruby/config-sparc.h"
-#elif defined(__aarch64__)
-#include "ruby/config-aarch64.h"
-#elif defined(__mips64) && defined(__MIPSEL__)
-#include "ruby/config-mips64el.h"
-#elif defined(__mips64)
-#include "ruby/config-mips64.h"
-#elif defined(__mips) && defined(__MIPSEL__)
-#include "ruby/config-mipsel.h"
-#elif defined(__mips)
-#include "ruby/config-mips.h"
-#elif defined(__riscv64)
-#include "ruby/config-riscv64.h"
-#else
-#error "The ruby-devel package is not usable with the architecture."
-#endif
-
-#undef ruby_config_wrapper_h

macros.rubygems

@@ -42,8 +42,8 @@ gem install \\\
 }
 
 
-# The 'read' command in gemspec_add _depand gemspec_remove_dep macros is not
-# essential, but it is usefull to make the sript appear in build log.
+# The 'read' command in %%gemspec_* macros is not essential, but it is usefull
+# to make the sript appear in build log.
 
 
 # %gemspec_add_dep - Add dependency into .gemspec.
@@ -60,7 +60,7 @@ gem install \\\
 #
 %gemspec_add_dep(g:s:d) \
 read -d '' gemspec_add_dep_script << 'EOR' || : \
-  gemspec_file = '%{-s*}%{!?-s:./%{gem_name}.gemspec}' \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
   \
   name = '%{-g*}' \
   requirements = %{*}%{!?1:nil} \
@@ -97,7 +97,7 @@ unset -v gemspec_add_dep_script \
 #
 %gemspec_remove_dep(g:s:d) \
 read -d '' gemspec_remove_dep_script << 'EOR' || : \
-  gemspec_file = '%{-s*}%{!?-s:./%{gem_name}.gemspec}' \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
   \
   name = '%{-g*}' \
   requirements = %{*}%{!?1:nil} \
@@ -128,3 +128,68 @@ EOR\
 echo "$gemspec_remove_dep_script" | ruby \
 unset -v gemspec_remove_dep_script \
 %{nil}
+
+
+# %%gemspec_add_file - Add files to various files lists in .gemspec.
+#
+# Usage: %%gemspec_add_file [options] <file>
+#
+# Add files to .gemspec file. <file> is expected to be valid Ruby code.
+# Path to file is expected. Does not check real files in any way.
+# By default, `files` list is edited.
+#
+# -s <gemspec_file>   Overrides the default .gemspec location.
+# -t                  Edit test_files only.
+# -r                  Edit extra_rdoc_files only.
+#
+%gemspec_add_file(s:tr) \
+read -d '' gemspec_add_file_script << 'EOR' || : \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
+  \
+  abort("gemspec_add_file: Use only one '-t' or '-r' at a time.") if "%{?-t}%{?-r}" == "-t-r" \
+  \
+  filenames = %{*}%{!?1:nil} \
+  filenames = Array(filenames) \
+  \
+  spec = Gem::Specification.load(gemspec_file) \
+  abort("#{gemspec_file} is not accessible.") unless spec \
+  \
+  spec.%{?-t:test_}%{?-r:extra_rdoc_}files += filenames \
+  File.write gemspec_file, spec.to_ruby \
+EOR\
+echo "$gemspec_add_file_script" | ruby \
+unset -v gemspec_add_file_script \
+%{nil}
+
+
+# %%gemspec_remove_file - Remove files from various files lists in .gemspec.
+#
+# Usage: %%gemspec_remove_file [options] <file>
+#
+# Remove files from .gemspec file. <file> is expected to be valid Ruby code.
+# Path to file is expected. Does not check/remove real files in any way.
+# By default, `files` list is edited. File has to be removed from `test_files`
+# first in order to be removable from `files`.
+#
+# -s <gemspec_file>   Overrides the default .gemspec location.
+# -t                  Edit test_files only.
+# -r                  Edit extra_rdoc_files only.
+#
+%gemspec_remove_file(s:tr) \
+read -d '' gemspec_remove_file_script << 'EOR' || : \
+  gemspec_file = '%{-s*}%{!?-s:%{_builddir}/%{gem_name}-%{version}.gemspec}' \
+  \
+  abort("gemspec_remove_file: Use only one '-t' or '-r' at a time.") if "%{?-t}%{?-r}" == "-t-r" \
+  \
+  filenames = %{*}%{!?1:nil} \
+  filenames = Array(filenames) \
+  \
+  spec = Gem::Specification.load(gemspec_file) \
+  abort("#{gemspec_file} is not accessible.") unless spec \
+  \
+  spec.%{?-t:test_}%{?-r:extra_rdoc_}files -= filenames \
+  File.write gemspec_file, spec.to_ruby \
+EOR\
+echo "$gemspec_remove_file_script" | ruby \
+unset -v gemspec_remove_file_script \
+%{nil}

ruby-1.9.3-mkmf-verbose.patch

@@ -11,7 +11,7 @@ diff --git a/lib/mkmf.rb b/lib/mkmf.rb
 index 682eb46..e6b1445 100644
 --- a/lib/mkmf.rb
 +++ b/lib/mkmf.rb
-@@ -1897,7 +1897,7 @@ def configuration(srcdir)
+@@ -1898,7 +1898,7 @@ def configuration(srcdir)
  SHELL = /bin/sh
  
  # V=0 quiet, V=1 verbose.  other values don't work.

ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch

@@ -39,7 +39,7 @@ diff --git a/configure.in b/configure.in
 index 0e371e2..d4f1dcb 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -4563,6 +4563,13 @@ AC_SUBST(rubyarchhdrdir)dnl
+@@ -4571,6 +4571,13 @@ AC_SUBST(rubyarchhdrdir)dnl
  AC_SUBST(sitearchhdrdir)dnl
  AC_SUBST(vendorarchhdrdir)dnl
  

ruby-2.1.0-Enable-configuration-of-archlibdir.patch

@@ -11,7 +11,7 @@ diff --git a/configure.in b/configure.in
 index 37d9a62..553d4d0 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -3823,6 +3823,11 @@ if test ${multiarch+set}; then
+@@ -3831,6 +3831,11 @@ if test ${multiarch+set}; then
  fi
  
  archlibdir='${libdir}/${arch}'

ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch

@@ -14,7 +14,7 @@ diff --git a/configure.in b/configure.in
 index db37cd6..ce8d149 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -4417,7 +4417,8 @@ AS_CASE(["$ruby_version_dir_name"],
+@@ -4425,7 +4425,8 @@ AS_CASE(["$ruby_version_dir_name"],
  ruby_version_dir=/'${ruby_version_dir_name}'
  
  if test -z "${ruby_version_dir_name}"; then

ruby-2.1.0-always-use-i386.patch

@@ -11,7 +11,7 @@ diff --git a/configure.in b/configure.in
 index 553d4d0..03a4152 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -4481,6 +4481,8 @@ AC_SUBST(vendorarchdir)dnl
+@@ -4489,6 +4489,8 @@ AC_SUBST(vendorarchdir)dnl
  AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
  AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl
  

ruby-2.1.0-custom-rubygems-location.patch

@@ -15,7 +15,7 @@ diff --git a/configure.in b/configure.in
 index 03a4152..0e371e2 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -4453,6 +4453,10 @@ AC_ARG_WITH(vendorarchdir,
+@@ -4461,6 +4461,10 @@ AC_ARG_WITH(vendorarchdir,
              [vendorarchdir=$withval],
              [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
  
@@ -26,7 +26,7 @@ index 03a4152..0e371e2 100644
  if test "${LOAD_RELATIVE+set}"; then
      AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
      RUBY_EXEC_PREFIX=''
-@@ -4477,6 +4481,7 @@ AC_SUBST(sitearchdir)dnl
+@@ -4485,6 +4489,7 @@ AC_SUBST(sitearchdir)dnl
  AC_SUBST(vendordir)dnl
  AC_SUBST(vendorlibdir)dnl
  AC_SUBST(vendorarchdir)dnl

ruby-2.3.0-ruby_version.patch

@@ -20,7 +20,7 @@ diff --git a/configure.in b/configure.in
 index db37cd6..6e73fae 100644
 --- a/configure.in
 +++ b/configure.in
-@@ -4368,9 +4368,6 @@ AS_CASE(["$target_os"],
+@@ -4376,9 +4376,6 @@ AS_CASE(["$target_os"],
      rubyw_install_name='$(RUBYW_INSTALL_NAME)'
      ])
  
@@ -30,7 +30,7 @@ index db37cd6..6e73fae 100644
  rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
  AC_ARG_WITH(rubyarchprefix,
  	    AS_HELP_STRING([--with-rubyarchprefix=DIR],
-@@ -4393,56 +4390,62 @@ AC_ARG_WITH(ridir,
+@@ -4401,56 +4398,62 @@ AC_ARG_WITH(ridir,
  AC_SUBST(ridir)
  AC_SUBST(RI_BASE_NAME)
  
@@ -120,7 +120,7 @@ index db37cd6..6e73fae 100644
  
  if test "${LOAD_RELATIVE+set}"; then
      AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
-@@ -4459,6 +4462,7 @@ AC_SUBST(sitearchincludedir)dnl
+@@ -4467,6 +4470,7 @@ AC_SUBST(sitearchincludedir)dnl
  AC_SUBST(arch)dnl
  AC_SUBST(sitearch)dnl
  AC_SUBST(ruby_version)dnl

ruby-2.4.3-Fix-Command-injection-in-lib-resolv-lazy_initialize.patch

@@ -0,0 +1,29 @@
+From e7464561b5151501beb356fc750d5dd1a88014f7 Mon Sep 17 00:00:00 2001
+From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
+Date: Wed, 20 Dec 2017 04:18:31 +0000
+Subject: [PATCH] Fixed command Injection
+
+* resolv.rb (Resolv::Hosts#lazy_initialize): fixed potential
+  command Injection in Hosts::new() by use of Kernel#open.
+  [Fix GH-1777] [ruby-core:84347] [Bug #14205]
+
+From: Drigg3r <drigg3r@yandex.com>
+
+git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61349 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+---
+ lib/resolv.rb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/resolv.rb b/lib/resolv.rb
+index 1044b95e6810..56183b837d81 100644
+--- a/lib/resolv.rb
++++ b/lib/resolv.rb
+@@ -189,7 +189,7 @@ def lazy_initialize # :nodoc:
+         unless @initialized
+           @name2addr = {}
+           @addr2name = {}
+-          open(@filename, 'rb') {|f|
++          File.open(@filename, 'rb') {|f|
+             f.each {|line|
+               line.sub!(/#.*/, '')
+               addr, hostname, *aliases = line.split(/\s+/)

ruby-2.5.2-ruby-test_io-test_select_leak.patch

@@ -0,0 +1,24 @@
+diff --git a/test/ruby/test_io.rb b/test/ruby/test_io.rb
+index dc99a8c463..30984bc26a 100644
+--- a/test/ruby/test_io.rb
++++ b/test/ruby/test_io.rb
+@@ -3551,7 +3551,7 @@ def test_write_no_garbage
+   end
+ 
+   def test_select_leak
+-    assert_no_memory_leak([], <<-"end;", <<-"end;", rss: true, timeout: 60)
++    assert_no_memory_leak([], <<-"end;", <<-"end;", rss: true, timeout: 240)
+       r, w = IO.pipe
+       rset = [r]
+       wset = [w]
+@@ -3562,6 +3562,7 @@ def test_select_leak
+         Thread.pass until th.stop?
+         th.kill
+         th.join
++        GC.start
+       end
+     end;
+   end
+-- 
+2.17.1
+

ruby.spec

@@ -1,6 +1,6 @@
 %global major_version 2
 %global minor_version 4
-%global teeny_version 2
+%global teeny_version 5
 %global major_minor_version %{major_version}.%{minor_version}
 
 %global ruby_version %{major_minor_version}.%{teeny_version}
@@ -21,7 +21,7 @@
 %endif
 
 
-%global release 84
+%global release 90
 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
 
 # The RubyGems library has to stay out of Ruby directory three, since the
@@ -29,20 +29,20 @@
 %global rubygems_dir %{_datadir}/rubygems
 
 # Bundled libraries versions
-%global rubygems_version 2.6.13
+%global rubygems_version 2.6.14.3
 %global molinillo_version 0.5.7
 
 # TODO: The IRB has strange versioning. Keep the Ruby's versioning ATM.
 # http://redmine.ruby-lang.org/issues/5313
 %global irb_version %{ruby_version}
 
-%global bigdecimal_version 1.3.0
+%global bigdecimal_version 1.3.2
 %global did_you_mean_version 1.1.0
 %global io_console_version 0.4.6
 %global json_version 2.0.4
 %global minitest_version 5.10.1
 %global net_telnet_version 0.1.1
-%global openssl_version 2.0.5
+%global openssl_version 2.0.9
 %global power_assert_version 0.4.1
 %global psych_version 2.2.2
 %global rake_version 12.0.0
@@ -62,6 +62,10 @@
 %global with_rubypick 1
 %endif
 
+%bcond_without systemtap
+%bcond_without git
+%bcond_without cmake
+
 Summary: An interpreter of object-oriented scripting language
 Name: ruby
 Version: %{ruby_version}
@@ -81,11 +85,6 @@ Source3: ruby-exercise.stp
 Source4: macros.ruby
 Source5: macros.rubygems
 Source6: abrt_prelude.rb
-# This wrapper fixes https://bugzilla.redhat.com/show_bug.cgi?id=977941
-# Hopefully, it will get removed soon:
-# https://fedorahosted.org/fpc/ticket/312
-# https://bugzilla.redhat.com/show_bug.cgi?id=977941
-Source7: config.h
 # RPM dependency generators.
 Source8: rubygems.attr
 Source9: rubygems.req
@@ -128,6 +127,13 @@ Patch7: ruby-2.2.3-Generate-preludes-using-miniruby.patch
 # hardening features of glibc (rhbz#1361037).
 # https://bugs.ruby-lang.org/issues/12666
 Patch9: ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
+# Fix: Command injection in lib/resolv.rb:lazy_initialize()
+# https://bugzilla.redhat.com/show_bug.cgi?id=1528226
+# https://github.com/ruby/ruby/commit/e7464561b5151501beb356fc750d5dd1a88014f7
+Patch10: ruby-2.4.3-Fix-Command-injection-in-lib-resolv-lazy_initialize.patch
+# Fix ruby-test_io.rb#test_select_leak
+# https://bugs.ruby-lang.org/issues/14929
+Patch11: ruby-2.5.2-ruby-test_io-test_select_leak.patch
 
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Suggests: rubypick
@@ -144,10 +150,10 @@ BuildRequires: libyaml-devel
 BuildRequires: readline-devel
 # Needed to pass test_set_program_name(TestRubyOptions)
 BuildRequires: procps
-BuildRequires: %{_bindir}/dtrace
+%{?with_systemtap:BuildRequires: %{_bindir}/dtrace}
 # RubyGems test suite optional dependencies.
-BuildRequires: git
-BuildRequires: %{_bindir}/cmake
+%{?with_git:BuildRequires: git}
+%{?with_cmake:BuildRequires: %{_bindir}/cmake}
 # Required to test hardening.
 BuildRequires: %{_bindir}/checksec
 BuildRequires: multilib-rpm-config
@@ -508,6 +514,8 @@ rm -rf ext/fiddle/libffi*
 %patch6 -p1
 %patch7 -p1
 %patch9 -p1
+%patch10 -p1
+%patch11 -p1
 
 # Provide an example of usage of the tapset:
 cp -a %{SOURCE3} .
@@ -686,17 +694,8 @@ sed -i 's/^/%doc /' .ruby-doc.*
 sed -i 's/^/%lang(ja) /' .ruby-doc.ja
 
 %check
-# Temporary change the hardening check on PPC64LE as long as the checksec is
-# is providing incorrect output.
-# https://bugzilla.redhat.com/show_bug.cgi?id=1479302
-%ifnarch ppc64le
-# Check Ruby hardening.
 checksec -f libruby.so.%{ruby_version} | \
   grep "Full RELRO.*Canary found.*NX enabled.*DSO.*No RPATH.*No RUNPATH.*Yes.*\d*.*\d*.*libruby.so.%{ruby_version}"
-%else
-checksec -f libruby.so.%{ruby_version} | \
-  grep "Full RELRO.*Canary found.*NX enabled.*DSO.*No RPATH.*No RUNPATH.*No.*\d*.*\d*.*libruby.so.%{ruby_version}"
-%endif
 
 # Check RubyGems version correctness.
 [ "`make runruby TESTRUN_SCRIPT='bin/gem -v' | tail -1`" == '%{rubygems_version}' ]
@@ -714,7 +713,7 @@ touch abrt.rb
 make runruby TESTRUN_SCRIPT="--enable-gems %{SOURCE12}"
 
 # Check if systemtap is supported.
-make runruby TESTRUN_SCRIPT=%{SOURCE13}
+%{?with_systemtap:make runruby TESTRUN_SCRIPT=%{SOURCE13}}
 
 DISABLE_TESTS=""
 
@@ -1030,6 +1029,34 @@ make check TESTS="-v $DISABLE_TESTS"
 %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec
 
 %changelog
+* Fri Oct 26 2018 Jun Aruga <jaruga@redhat.com> - 2.4.5-90
+- Update to Ruby 2.4.5.
+
+* Thu May 10 2018 Pavel Valena <pvalena@redhat.com> - 2.4.4-89
+- Add macros to edit files lists in .gemspec
+  (gemspec_add_file and gemspec_remove_file).
+
+* Wed May 02 2018 Vít Ondruch <vondruch@redhat.com> - 2.4.4-89
+- Make %%gemspec_{add,remove}_dep modify .gemspec provided by %%setup macro.
+
+* Mon Apr 16 2018 Pavel Valena <pvalena@redhat.com> - 2.4.4-88
+- Update to Ruby 2.4.4.
+
+* Wed Feb 21 2018 Pavel Valena <pvalena@redhat.com> - 2.4.3-87
+- Fix: Multiple vulnerabilities in RubyGems
+  https://bugzilla.redhat.com/show_bug.cgi?id=1547431
+  https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/
+
+* Thu Dec 21 2017 Pavel Valena <pvalena@redhat.com> - 2.4.3-86
+- Update to Ruby 2.4.3.
+- Fix: Command injection in lib/resolv.rb:lazy_initialize() (rhbz#1528226)
+
+* Fri Oct 27 2017 Jun Aruga <jaruga@redhat.com> - 2.4.2-86
+- Improve "with" conditional statement as inline.
+
+* Thu Oct 19 2017 Jun Aruga <jaruga@redhat.com> - 2.4.2-85
+- Add macros to remove systemtap, git and cmake dependencies.
+
 * Mon Sep 18 2017 Pavel Valena <pvalena@redhat.com> - 2.4.2-84
 - Update to Ruby 2.4.2.
 

sources

@@ -1 +1 @@
-SHA512 (ruby-2.4.2.tar.xz) = c1d42272fb0d94b693452e703b0ea4942bf59cbd4b08ba83bf039f54be97ebc88511632413da0164970b4cf97bc302bccb88aab48edfa8fa147498e7ee741595
+SHA512 (ruby-2.4.5.tar.xz) = 658f676c623109f4c7499615e191c98c3dd72cfcaeeaf121337d0b8a33c5243145edd50ec5e2775f988e3cd19788984f105fa165e3049779066566f67172c1b4