Browse code
Bump ruby version to 2.5.3, to fix CVE-2018-16395 & CVE-2018-16396
Change-Id: I67e1a5855589fdb2669583e5c63868620d6b10bc
Signed-off-by: srinidhira0 <srinidhir@vmware.com>
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6428
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
gsujayvmw authored on 2019/01/02 16:01:44Showing 13 changed files
- SPECS/ruby/ruby.spec
- SPECS/rubygem-backports/rubygem-backports.spec
- SPECS/rubygem-builder/rubygem-builder.spec
- SPECS/rubygem-highline/rubygem-highline.spec
- SPECS/rubygem-libxml-ruby/rubygem-libxml-ruby.spec
- SPECS/rubygem-mini_portile/rubygem-mini_portile.spec
- SPECS/rubygem-mini_portile2/rubygem-mini_portile2.spec
- SPECS/rubygem-nokogiri/rubygem-nokogiri.spec
- SPECS/rubygem-rbvmomi/rubygem-rbvmomi.spec
- SPECS/rubygem-terminal-table/rubygem-terminal-table.spec
- SPECS/rubygem-trollop/rubygem-trollop.spec
- SPECS/rubygem-unicode-display_width/rubygem-unicode-display_width.spec
- SPECS/rubygem-zip/rubygem-zip.spec
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
Summary: Ruby |
| 2 | 2 |
Name: ruby |
| 3 |
-Version: 2.4.4 |
|
| 3 |
+Version: 2.5.3 |
|
| 4 | 4 |
Release: 1%{?dist}
|
| 5 | 5 |
License: BSDL |
| 6 | 6 |
URL: https://www.ruby-lang.org/en/ |
| ... | ... |
@@ -8,13 +8,7 @@ Group: System Environment/Security |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: http://cache.ruby-lang.org/pub/ruby/2.4/%{name}-%{version}.tar.bz2
|
| 11 |
-%define sha1 ruby=1cc548ba3eb821e29ab92ac13e1d5c7bf23b1526 |
|
| 12 |
-Patch0: ruby-CVE-2017-9224.patch |
|
| 13 |
-Patch1: ruby-CVE-2017-9226.patch |
|
| 14 |
-Patch2: ruby-CVE-2017-9227.patch |
|
| 15 |
-Patch3: ruby-CVE-2017-9229.patch |
|
| 16 |
-Patch4: ruby-CVE-2017-9228.patch |
|
| 17 |
-Patch5: ruby-CVE-2017-17790.patch |
|
| 11 |
+%define sha1 ruby=d47ede7dab79de25fcc274dfcad0f92f389a4313 |
|
| 18 | 12 |
BuildRequires: openssl-devel |
| 19 | 13 |
BuildRequires: ca-certificates |
| 20 | 14 |
BuildRequires: readline-devel |
| ... | ... |
@@ -28,12 +22,6 @@ This is useful for object-oriented scripting. |
| 28 | 28 |
|
| 29 | 29 |
%prep |
| 30 | 30 |
%setup -q |
| 31 |
-%patch0 -p1 |
|
| 32 |
-%patch1 -p1 |
|
| 33 |
-%patch2 -p1 |
|
| 34 |
-%patch3 -p1 |
|
| 35 |
-%patch4 -p1 |
|
| 36 |
-%patch5 -p1 |
|
| 37 | 31 |
%build |
| 38 | 32 |
./configure \ |
| 39 | 33 |
--prefix=%{_prefix} \
|
| ... | ... |
@@ -61,6 +49,8 @@ rm -rf %{buildroot}/*
|
| 61 | 61 |
%{_docdir}/%{name}-%{version}
|
| 62 | 62 |
%{_mandir}/man1/*
|
| 63 | 63 |
%changelog |
| 64 |
+* Wed Jan 02 2019 Sujay G <gsujay@vmware.com> 2.5.3-1 |
|
| 65 |
+- Bump ruby version to 2.5.3, to fix CVE-2018-16395 & CVE-2018-16396 |
|
| 64 | 66 |
* Fri Apr 27 2018 Xiaolin Li <xiaolinl@vmware.com> 2.4.4-1 |
| 65 | 67 |
- Update to version 2.4.4, fix CVE-2018-8777, CVE-2018-8778, |
| 66 | 68 |
- CVE-2018-8779, CVE-2018-8780, CVE-2018-6914, CVE-2017-17742 |
| ... | ... |
@@ -5,7 +5,7 @@ |
| 5 | 5 |
|
| 6 | 6 |
Name: rubygem-backports |
| 7 | 7 |
Version: 3.7.0 |
| 8 |
-Release: 1%{?dist}
|
|
| 8 |
+Release: 2%{?dist}
|
|
| 9 | 9 |
Summary: Backports of Ruby features for older Ruby |
| 10 | 10 |
Group: Development/Languages |
| 11 | 11 |
License: MIT |
| ... | ... |
@@ -28,6 +28,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 28 | 28 |
%{gemdir}
|
| 29 | 29 |
|
| 30 | 30 |
%changelog |
| 31 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 3.7.0-2 |
|
| 32 |
+- Increment the release version as part of ruby upgrade. |
|
| 31 | 33 |
* Tue Mar 28 2017 Xiaolin Li <xiaolinl@vmware.com> 3.7.0-1 |
| 32 | 34 |
- Updated to version 3.7.0. |
| 33 | 35 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 3.6.8-3 |
| ... | ... |
@@ -5,7 +5,7 @@ |
| 5 | 5 |
Summary: Builders for MarkUp |
| 6 | 6 |
Name: rubygem-builder |
| 7 | 7 |
Version: 3.2.3 |
| 8 |
-Release: 1%{?dist}
|
|
| 8 |
+Release: 2%{?dist}
|
|
| 9 | 9 |
Group: Development/Languages |
| 10 | 10 |
License: MIT |
| 11 | 11 |
Vendor: VMware, Inc. |
| ... | ... |
@@ -30,6 +30,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 30 | 30 |
%{gemdir}
|
| 31 | 31 |
|
| 32 | 32 |
%changelog |
| 33 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 3.2.3-2 |
|
| 34 |
+- Increment the release version as part of ruby upgrade. |
|
| 33 | 35 |
* Wed Mar 22 2017 Xiaolin Li <xiaolinl@vmware.com> 3.2.3-1 |
| 34 | 36 |
- Updated to version 3.2.3. |
| 35 | 37 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 3.2.2-3 |
| ... | ... |
@@ -3,7 +3,7 @@ |
| 3 | 3 |
%define gem_name highline |
| 4 | 4 |
Name: rubygem-highline |
| 5 | 5 |
Version: 1.7.8 |
| 6 |
-Release: 3%{?dist}
|
|
| 6 |
+Release: 4%{?dist}
|
|
| 7 | 7 |
Summary: A high-level IO library that provides validation, type conversion, and more for command-line interfaces |
| 8 | 8 |
Group: Applications/Programming |
| 9 | 9 |
License: BSD |
| ... | ... |
@@ -23,6 +23,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 23 | 23 |
%defattr(-,root,root,-) |
| 24 | 24 |
%{gemdir}
|
| 25 | 25 |
%changelog |
| 26 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 1.7.8-4 |
|
| 27 |
+- Increment the release version as part of ruby upgrade. |
|
| 26 | 28 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 1.7.8-3 |
| 27 | 29 |
- Bump up release number to reflect ruby upgrade |
| 28 | 30 |
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 1.7.8-2 |
| ... | ... |
@@ -5,7 +5,7 @@ |
| 5 | 5 |
Summary: Provides Ruby language bindings for the GNOME Libxml2 XML toolkit |
| 6 | 6 |
Name: rubygem-libxml-ruby |
| 7 | 7 |
Version: 3.0.0 |
| 8 |
-Release: 2%{?dist}
|
|
| 8 |
+Release: 3%{?dist}
|
|
| 9 | 9 |
Group: Applications/Programming |
| 10 | 10 |
License: BSD |
| 11 | 11 |
Vendor: VMware, Inc. |
| ... | ... |
@@ -14,7 +14,7 @@ URL: https://rubygems.org/gems/%{gem_name}
|
| 14 | 14 |
Source0: https://rubygems.org/downloads/libxml-ruby-%{version}.gem
|
| 15 | 15 |
%define sha1 libxml-ruby=9a4f28d019da0aef73773d676f9ba3ce9294b6bb |
| 16 | 16 |
BuildRequires: ruby >= 2.4.0 |
| 17 |
-BuildRequires: libxml2-devel |
|
| 17 |
+BuildRequires: libxml2-devel |
|
| 18 | 18 |
Requires: ruby >= 2.4.0 |
| 19 | 19 |
%description |
| 20 | 20 |
Provides Ruby language bindings for the GNOME Libxml2 XML toolkit |
| ... | ... |
@@ -27,6 +27,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 27 | 27 |
%defattr(-,root,root,-) |
| 28 | 28 |
%{gemdir}
|
| 29 | 29 |
%changelog |
| 30 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 3.0.0-3 |
|
| 31 |
+- Increment the release version as part of ruby upgrade. |
|
| 30 | 32 |
* Thu Sep 28 2017 Xiaolin Li <xiaolinl@vmware.com> 3.0.0-2 |
| 31 | 33 |
- Build with ruby 2.4.2. |
| 32 | 34 |
* Wed Mar 22 2017 Xiaolin Li <xiaolinl@vmware.com> 3.0.0-1 |
| ... | ... |
@@ -4,7 +4,7 @@ |
| 4 | 4 |
|
| 5 | 5 |
Name: rubygem-mini_portile |
| 6 | 6 |
Version: 0.6.2 |
| 7 |
-Release: 3%{?dist}
|
|
| 7 |
+Release: 4%{?dist}
|
|
| 8 | 8 |
Summary: Simplistic port-like solution for developers |
| 9 | 9 |
Group: Development/Languages |
| 10 | 10 |
License: MIT |
| ... | ... |
@@ -28,6 +28,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 28 | 28 |
%{gemdir}
|
| 29 | 29 |
|
| 30 | 30 |
%changelog |
| 31 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 0.6.2-4 |
|
| 32 |
+- Increment the release version as part of ruby upgrade. |
|
| 31 | 33 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 0.6.2-3 |
| 32 | 34 |
- Bump up release number to reflect ruby upgrade |
| 33 | 35 |
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 0.6.2-2 |
| ... | ... |
@@ -4,7 +4,7 @@ |
| 4 | 4 |
|
| 5 | 5 |
Name: rubygem-mini_portile2 |
| 6 | 6 |
Version: 2.1.0 |
| 7 |
-Release: 1%{?dist}
|
|
| 7 |
+Release: 2%{?dist}
|
|
| 8 | 8 |
Summary: Simplistic port-like solution for developers |
| 9 | 9 |
Group: Development/Languages |
| 10 | 10 |
License: MIT |
| ... | ... |
@@ -29,6 +29,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 29 | 29 |
%{gemdir}
|
| 30 | 30 |
|
| 31 | 31 |
%changelog |
| 32 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 2.1.0-2 |
|
| 33 |
+- Increment the release version as part of ruby upgrade. |
|
| 32 | 34 |
* Wed Mar 22 2017 Xiaolin Li <xiaolinl@vmware.com> 2.1.0-1 |
| 33 | 35 |
- Updated to version 2.1.0 |
| 34 | 36 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 2.0.0-3 |
| ... | ... |
@@ -4,7 +4,7 @@ |
| 4 | 4 |
|
| 5 | 5 |
Name: rubygem-nokogiri |
| 6 | 6 |
Version: 1.7.1 |
| 7 |
-Release: 2%{?dist}
|
|
| 7 |
+Release: 3%{?dist}
|
|
| 8 | 8 |
Summary: Nokogiri is an HTML, XML, SAX, and Reader parser. |
| 9 | 9 |
Group: Development/Languages |
| 10 | 10 |
License: MIT |
| ... | ... |
@@ -35,6 +35,8 @@ NOKOGIRI_USE_SYSTEM_LIBRARIES=1 gem install -V --local --force --install-dir %{b
|
| 35 | 35 |
%{gemdir}
|
| 36 | 36 |
|
| 37 | 37 |
%changelog |
| 38 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 1.7.1-3 |
|
| 39 |
+- Increment the release version as part of ruby upgrade. |
|
| 38 | 40 |
* Thu Sep 28 2017 Xiaolin Li <xiaolinl@vmware.com> 1.7.1-2 |
| 39 | 41 |
- Build with ruby 2.4.2. |
| 40 | 42 |
* Wed Mar 22 2017 Xiaolin Li <xiaolinl@vmware.com> 1.7.1-1 |
| ... | ... |
@@ -5,7 +5,7 @@ |
| 5 | 5 |
Summary: Ruby interface to the VMware vSphere API. |
| 6 | 6 |
Name: rubygem-rbvmomi |
| 7 | 7 |
Version: 1.10.0 |
| 8 |
-Release: 1%{?dist}
|
|
| 8 |
+Release: 2%{?dist}
|
|
| 9 | 9 |
Group: Development/Languages |
| 10 | 10 |
License: MIT |
| 11 | 11 |
Vendor: VMware, Inc. |
| ... | ... |
@@ -29,6 +29,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 29 | 29 |
%{gemdir}
|
| 30 | 30 |
|
| 31 | 31 |
%changelog |
| 32 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 1.10.0-2 |
|
| 33 |
+- Increment the release version as part of ruby upgrade. |
|
| 32 | 34 |
* Wed Mar 22 2017 Xiaolin Li <xiaolinl@vmware.com> 1.10.0-1 |
| 33 | 35 |
- Updated to version 1.10.0. |
| 34 | 36 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 1.8.2-3 |
| ... | ... |
@@ -5,7 +5,7 @@ |
| 5 | 5 |
Summary: Simple, feature rich ascii table generation library |
| 6 | 6 |
Name: rubygem-terminal-table |
| 7 | 7 |
Version: 1.7.3 |
| 8 |
-Release: 2%{?dist}
|
|
| 8 |
+Release: 3%{?dist}
|
|
| 9 | 9 |
Group: Applications/Programming |
| 10 | 10 |
License: BSD |
| 11 | 11 |
Vendor: VMware, Inc. |
| ... | ... |
@@ -27,6 +27,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 27 | 27 |
%defattr(-,root,root,-) |
| 28 | 28 |
%{gemdir}
|
| 29 | 29 |
%changelog |
| 30 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 1.7.3-3 |
|
| 31 |
+- Increment the release version as part of ruby upgrade. |
|
| 30 | 32 |
* Wed Mar 29 2017 Xiaolin Li <xiaolinl@vmware.com> 1.7.3-2 |
| 31 | 33 |
- Added rubygem-unicode-display_width to requires. |
| 32 | 34 |
* Wed Mar 22 2017 Xiaolin Li <xiaolinl@vmware.com> 1.7.3-1 |
| ... | ... |
@@ -3,7 +3,7 @@ |
| 3 | 3 |
%define gem_name trollop |
| 4 | 4 |
Name: rubygem-trollop |
| 5 | 5 |
Version: 2.1.2 |
| 6 |
-Release: 3%{?dist}
|
|
| 6 |
+Release: 4%{?dist}
|
|
| 7 | 7 |
Summary: Commandline option parser for Ruby |
| 8 | 8 |
Group: Applications/Programming |
| 9 | 9 |
License: BSD |
| ... | ... |
@@ -23,6 +23,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 23 | 23 |
%defattr(-,root,root,-) |
| 24 | 24 |
%{gemdir}
|
| 25 | 25 |
%changelog |
| 26 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 2.1.2-4 |
|
| 27 |
+- Increment the release version as part of ruby upgrade. |
|
| 26 | 28 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 2.1.2-3 |
| 27 | 29 |
- Bump up release number to reflect ruby upgrade |
| 28 | 30 |
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.1.2-2 |
| ... | ... |
@@ -5,7 +5,7 @@ |
| 5 | 5 |
Summary: Unicode::DisplayWidth. |
| 6 | 6 |
Name: rubygem-unicode-display_width |
| 7 | 7 |
Version: 1.1.3 |
| 8 |
-Release: 1%{?dist}
|
|
| 8 |
+Release: 2%{?dist}
|
|
| 9 | 9 |
Group: Development/Languages |
| 10 | 10 |
License: MIT |
| 11 | 11 |
Vendor: VMware, Inc. |
| ... | ... |
@@ -40,5 +40,7 @@ popd |
| 40 | 40 |
%{gemdir}
|
| 41 | 41 |
|
| 42 | 42 |
%changelog |
| 43 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 1.1.3-2 |
|
| 44 |
+- Increment the release version as part of ruby upgrade. |
|
| 43 | 45 |
* Tue Mar 28 2017 Xiaolin Li <xiaolinl@vmware.com> 1.1.3-1 |
| 44 | 46 |
- Initial build |
| ... | ... |
@@ -3,7 +3,7 @@ |
| 3 | 3 |
%define gem_name zip |
| 4 | 4 |
Name: rubygem-zip |
| 5 | 5 |
Version: 2.0.2 |
| 6 |
-Release: 3%{?dist}
|
|
| 6 |
+Release: 4%{?dist}
|
|
| 7 | 7 |
Summary: Ruby library for reading and writing Zip files |
| 8 | 8 |
Group: Applications/Programming |
| 9 | 9 |
License: BSD |
| ... | ... |
@@ -23,6 +23,8 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{SOURCE0}
|
| 23 | 23 |
%defattr(-,root,root,-) |
| 24 | 24 |
%{gemdir}
|
| 25 | 25 |
%changelog |
| 26 |
+* Tue Jan 29 2019 Srinidhi Rao <srinidhir@vmware.com> 2.0.2-4 |
|
| 27 |
+- Increment the release version as part of ruby upgrade. |
|
| 26 | 28 |
* Wed Jan 25 2017 Anish Swaminathan <anishs@vmware.com> 2.0.2-3 |
| 27 | 29 |
- Bump up release number to reflect ruby upgrade |
| 28 | 30 |
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.0.2-2 |