GitList

Browse code

fix ruby CVE-2017-9228

Change-Id: I9bab71423ee92dc1c588f4c93a677a7215997990
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/3334
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Siju Maliakkal <smaliakkal@vmware.com>

Priyesh Padmavilasom authored on 2017/07/25 11:57:37
Showing 2 changed files

SPECS/ruby/ruby-CVE-2017-9228.patch index 0000000..e970e6f
SPECS/ruby/ruby.spec index b4185bb..5d12e3f 100644

SPECS/ruby/ruby-CVE-2017-9228.patch

History View file @ 27fd452

                     new file mode 100644
@@ -0,0 +1,15 @@
                     +diff --git a/regparse.c b/regparse.c.1
                     +index 1e0dfd9..d99cbcd 100644
                     +--- a/regparse.c
                     +@@ -4433,7 +4433,9 @@ next_state_class(CClassNode* cc, CClassNode* asc_cc,
                     +     }
                     +   }
+                    +
                     +-  *state = CCS_VALUE;
                     ++  if (*state != CCS_START)
                     ++    *state = CCS_VALUE;
                     ++
                     +   *type  = CCV_CLASS;
                     +   return 0;
                     + }

SPECS/ruby/ruby.spec

History View file @ 27fd452

@@ -1,7 +1,7 @@
                      Summary:    Ruby
                      Name:       ruby
                      Version:    2.4.1
                     -Release:    2%{?dist}
                     +Release:    3%{?dist}
                      License:    BSDL
                      URL:        https://www.ruby-lang.org/en/
                      Group:      System Environment/Security
@@ -13,6 +13,7 @@ Patch0:     ruby-CVE-2017-9224.patch
                      Patch1:     ruby-CVE-2017-9226.patch
                      Patch2:     ruby-CVE-2017-9227.patch
                      Patch3:     ruby-CVE-2017-9229.patch
                     +Patch4:     ruby-CVE-2017-9228.patch
                      BuildRequires:  openssl-devel
                      BuildRequires:  ca-certificates
                      BuildRequires:  readline-devel
@@ -31,6 +32,7 @@ This is useful for object-oriented scripting.
                      %patch1 -p1
                      %patch2 -p1
                      %patch3 -p1
                     +%patch4 -p1
                      %build
                      ./configure \
                          --prefix=%{_prefix}   \
@@ -58,6 +60,8 @@ rm -rf %{buildroot}/*
                      %{_docdir}/%{name}-%{version}
                      %{_mandir}/man1/*
                      %changelog
                     +*   Mon Jul 24 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.4.1-3
                     +-   [security] CVE-2017-9228
                      *   Tue Jun 13 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.4.1-2
                      -   [security] CVE-2017-9224,CVE-2017-9225
                      -   [security] CVE-2017-9227,CVE-2017-9229