From 849e973f6d5e0a6048ac42463ea69c8ce43c9ef04fda0702c999138b0fa0b438 Mon Sep 17 00:00:00 2001 From: Marcus Rueckert Date: Thu, 30 Mar 2023 14:31:22 +0000 Subject: [PATCH] boo#1209891 CVE-2023-28755 boo#1209967 CVE-2023-28756 OBS-URL: https://build.opensuse.org/package/show/devel:languages:ruby/ruby3.2?expand=0&rev=20 --- ruby-3.2.1.tar.xz | 3 --- ruby-3.2.2.tar.xz | 3 +++ ruby3.2.changes | 10 ++++++++++ ruby3.2.spec | 6 +++--- 4 files changed, 16 insertions(+), 6 deletions(-) delete mode 100644 ruby-3.2.1.tar.xz create mode 100644 ruby-3.2.2.tar.xz diff --git a/ruby-3.2.1.tar.xz b/ruby-3.2.1.tar.xz deleted file mode 100644 index 42a575a..0000000 --- a/ruby-3.2.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:746c8661ae25449cbdc5297d1092702e93e66f365a75fecb740d4f292ced630c -size 15094384 diff --git a/ruby-3.2.2.tar.xz b/ruby-3.2.2.tar.xz new file mode 100644 index 0000000..e8ec488 --- /dev/null +++ b/ruby-3.2.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4b352d0f7ec384e332e3e44cdbfdcd5ff2d594af3c8296b5636c710975149e23 +size 15118856 diff --git a/ruby3.2.changes b/ruby3.2.changes index b8f53a6..c1dc2ae 100644 --- a/ruby3.2.changes +++ b/ruby3.2.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Thu Mar 30 14:23:04 UTC 2023 - Marcus Rueckert + +- update to 3.2.2 (boo#1209891 CVE-2023-28755 boo#1209967 CVE-2023-28756) + https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/ + https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/ + https://www.ruby-lang.org/en/news/2023/03/30/ruby-3-2-2-released/ +- drop ruby-3.1.3-remove-timezone-test.patch + solved differently upstream + ------------------------------------------------------------------- Wed Feb 8 13:05:41 UTC 2023 - Marcus Rueckert diff --git a/ruby3.2.spec b/ruby3.2.spec index 5e6e3c5..809e078 100644 --- a/ruby3.2.spec +++ b/ruby3.2.spec @@ -1,7 +1,7 @@ # # spec file # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # + %ifarch x86_64 aarch64 %bcond_with yjit %else @@ -35,7 +36,7 @@ %global patch_level p0 Name: ruby3.2%{psuffix} -Version: 3.2.1 +Version: 3.2.2 Release: 0 %global pkg_version %{version} # make the exported API version explicit @@ -62,7 +63,6 @@ Release: 0 %global rb_extarchdocdir %{_libdir}/ruby/gems/%{rb_ver}/doc/extensions/%{rb_arch_short} %global rb_include_dir %{_includedir}/ruby-%{api_version} - %if "%{rb_default_ruby_suffix}" == "%{rb_soname}" %global is_default_ruby 1 %global rb_ua_weight 1%{_rb_ua_weight}