diff options
author | Lee Chee Yang <chee.yang.lee@intel.com> | 2022-02-28 11:38:37 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-03-10 16:39:45 +0000 |
commit | b2bd31b9cc10165719d132073ddaa8e93298f633 (patch) | |
tree | 1d0c1df2d6bdbb59da8448f0aaed912bf68e30fa /meta/recipes-devtools | |
parent | cec2ca666a83d4badb2f48a71b40941f49e5e40f (diff) | |
download | poky-b2bd31b9cc10165719d132073ddaa8e93298f633.tar.gz |
ruby : update to 3.0.3
Do not tweak a file that is no longer installed.
Ruby 3.0.3 includes security fixes.
CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods
CVE-2021-41816: Buffer Overrun in CGI.escape_html
CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
Ruby 3.0.2 release includes security fixes.
CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
CVE-2021-31799: A command injection vulnerability in RDoc
(From OE-Core rev: edb6df08cb47a39918d28c709675d995c9e10031)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch | 57 | ||||
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch | 258 | ||||
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch | 102 | ||||
-rw-r--r-- | meta/recipes-devtools/ruby/ruby_3.0.3.bb (renamed from meta/recipes-devtools/ruby/ruby_3.0.1.bb) | 7 |
4 files changed, 1 insertions, 423 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch deleted file mode 100644 index 83064e85ab..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch +++ /dev/null | |||
@@ -1,57 +0,0 @@ | |||
1 | From b1c73f239fe9af97de837331849f55d67c27561e Mon Sep 17 00:00:00 2001 | ||
2 | From: aycabta <aycabta@gmail.com> | ||
3 | Date: Sun, 2 May 2021 20:52:23 +0900 | ||
4 | Subject: [PATCH] [ruby/rdoc] Use File.open to fix the OS Command Injection | ||
5 | vulnerability in CVE-2021-31799 | ||
6 | |||
7 | https://github.com/ruby/rdoc/commit/a7f5d6ab88 | ||
8 | |||
9 | CVE: CVE-2021-31799 | ||
10 | |||
11 | Upstream-Status: Backport[https://github.com/ruby/ruby/commit/b1c73f239fe9af97de837331849f55d67c27561e] | ||
12 | |||
13 | Signed-off-by: Mingli Yu <mingli.yu@windriver.com> | ||
14 | --- | ||
15 | lib/rdoc/rdoc.rb | 2 +- | ||
16 | test/rdoc/test_rdoc_rdoc.rb | 12 ++++++++++++ | ||
17 | 2 files changed, 13 insertions(+), 1 deletion(-) | ||
18 | |||
19 | diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb | ||
20 | index 680a8612f7..904625f105 100644 | ||
21 | --- a/lib/rdoc/rdoc.rb | ||
22 | +++ b/lib/rdoc/rdoc.rb | ||
23 | @@ -444,7 +444,7 @@ def remove_unparseable files | ||
24 | files.reject do |file, *| | ||
25 | file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or | ||
26 | (file =~ /tags$/i and | ||
27 | - open(file, 'rb') { |io| | ||
28 | + File.open(file, 'rb') { |io| | ||
29 | io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/ | ||
30 | }) | ||
31 | end | ||
32 | diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb | ||
33 | index 3910dd4656..a83d5a1b88 100644 | ||
34 | --- a/test/rdoc/test_rdoc_rdoc.rb | ||
35 | +++ b/test/rdoc/test_rdoc_rdoc.rb | ||
36 | @@ -456,6 +456,18 @@ def test_remove_unparseable_tags_vim | ||
37 | end | ||
38 | end | ||
39 | |||
40 | + def test_remove_unparseable_CVE_2021_31799 | ||
41 | + temp_dir do | ||
42 | + file_list = ['| touch evil.txt && echo tags'] | ||
43 | + file_list.each do |f| | ||
44 | + FileUtils.touch f | ||
45 | + end | ||
46 | + | ||
47 | + assert_equal file_list, @rdoc.remove_unparseable(file_list) | ||
48 | + assert_equal file_list, Dir.children('.') | ||
49 | + end | ||
50 | + end | ||
51 | + | ||
52 | def test_setup_output_dir | ||
53 | Dir.mktmpdir {|d| | ||
54 | path = File.join d, 'testdir' | ||
55 | -- | ||
56 | 2.17.1 | ||
57 | |||
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch deleted file mode 100644 index 69d774e0b7..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch +++ /dev/null | |||
@@ -1,258 +0,0 @@ | |||
1 | From 8cebc092cd18f4cfb669f66018ea8ffc6f408584 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yusuke Endoh <mame@ruby-lang.org> | ||
3 | Date: Wed, 7 Jul 2021 11:57:15 +0900 | ||
4 | Subject: [PATCH] Ignore IP addresses in PASV responses by default, and add new | ||
5 | option use_pasv_ip | ||
6 | |||
7 | This fixes CVE-2021-31810. | ||
8 | Reported by Alexandr Savca. | ||
9 | |||
10 | Co-authored-by: Shugo Maeda <shugo@ruby-lang.org> | ||
11 | |||
12 | CVE: CVE-2021-31810 | ||
13 | |||
14 | Upstream-Status: Backport | ||
15 | [https://github.com/ruby/ruby/commit/bf4d05173c7cf04d8892e4b64508ecf7902717cd] | ||
16 | |||
17 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
18 | --- | ||
19 | lib/net/ftp.rb | 15 +++- | ||
20 | test/net/ftp/test_ftp.rb | 159 ++++++++++++++++++++++++++++++++++++++- | ||
21 | 2 files changed, 170 insertions(+), 4 deletions(-) | ||
22 | |||
23 | diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb | ||
24 | index 88e8655..d6f5cc3 100644 | ||
25 | --- a/lib/net/ftp.rb | ||
26 | +++ b/lib/net/ftp.rb | ||
27 | @@ -98,6 +98,10 @@ module Net | ||
28 | # When +true+, the connection is in passive mode. Default: +true+. | ||
29 | attr_accessor :passive | ||
30 | |||
31 | + # When +true+, use the IP address in PASV responses. Otherwise, it uses | ||
32 | + # the same IP address for the control connection. Default: +false+. | ||
33 | + attr_accessor :use_pasv_ip | ||
34 | + | ||
35 | # When +true+, all traffic to and from the server is written | ||
36 | # to +$stdout+. Default: +false+. | ||
37 | attr_accessor :debug_mode | ||
38 | @@ -206,6 +210,9 @@ module Net | ||
39 | # handshake. | ||
40 | # See Net::FTP#ssl_handshake_timeout for | ||
41 | # details. Default: +nil+. | ||
42 | + # use_pasv_ip:: When +true+, use the IP address in PASV responses. | ||
43 | + # Otherwise, it uses the same IP address for the control | ||
44 | + # connection. Default: +false+. | ||
45 | # debug_mode:: When +true+, all traffic to and from the server is | ||
46 | # written to +$stdout+. Default: +false+. | ||
47 | # | ||
48 | @@ -266,6 +273,7 @@ module Net | ||
49 | @open_timeout = options[:open_timeout] | ||
50 | @ssl_handshake_timeout = options[:ssl_handshake_timeout] | ||
51 | @read_timeout = options[:read_timeout] || 60 | ||
52 | + @use_pasv_ip = options[:use_pasv_ip] || false | ||
53 | if host | ||
54 | connect(host, options[:port] || FTP_PORT) | ||
55 | if options[:username] | ||
56 | @@ -1371,7 +1379,12 @@ module Net | ||
57 | raise FTPReplyError, resp | ||
58 | end | ||
59 | if m = /\((?<host>\d+(?:,\d+){3}),(?<port>\d+,\d+)\)/.match(resp) | ||
60 | - return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"]) | ||
61 | + if @use_pasv_ip | ||
62 | + host = parse_pasv_ipv4_host(m["host"]) | ||
63 | + else | ||
64 | + host = @bare_sock.remote_address.ip_address | ||
65 | + end | ||
66 | + return host, parse_pasv_port(m["port"]) | ||
67 | else | ||
68 | raise FTPProtoError, resp | ||
69 | end | ||
70 | diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb | ||
71 | index 023e794..243d4ad 100644 | ||
72 | --- a/test/net/ftp/test_ftp.rb | ||
73 | +++ b/test/net/ftp/test_ftp.rb | ||
74 | @@ -61,7 +61,7 @@ class FTPTest < Test::Unit::TestCase | ||
75 | end | ||
76 | |||
77 | def test_parse227 | ||
78 | - ftp = Net::FTP.new | ||
79 | + ftp = Net::FTP.new(nil, use_pasv_ip: true) | ||
80 | host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)") | ||
81 | assert_equal("192.168.0.1", host) | ||
82 | assert_equal(3106, port) | ||
83 | @@ -80,6 +80,14 @@ class FTPTest < Test::Unit::TestCase | ||
84 | assert_raise(Net::FTPProtoError) do | ||
85 | ftp.send(:parse227, "227 ) foo bar (") | ||
86 | end | ||
87 | + | ||
88 | + ftp = Net::FTP.new | ||
89 | + sock = OpenStruct.new | ||
90 | + sock.remote_address = OpenStruct.new | ||
91 | + sock.remote_address.ip_address = "10.0.0.1" | ||
92 | + ftp.instance_variable_set(:@bare_sock, sock) | ||
93 | + host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)") | ||
94 | + assert_equal("10.0.0.1", host) | ||
95 | end | ||
96 | |||
97 | def test_parse228 | ||
98 | @@ -2474,10 +2482,155 @@ EOF | ||
99 | end | ||
100 | end | ||
101 | |||
102 | + def test_ignore_pasv_ip | ||
103 | + commands = [] | ||
104 | + binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3 | ||
105 | + server = create_ftp_server(nil, "127.0.0.1") { |sock| | ||
106 | + sock.print("220 (test_ftp).\r\n") | ||
107 | + commands.push(sock.gets) | ||
108 | + sock.print("331 Please specify the password.\r\n") | ||
109 | + commands.push(sock.gets) | ||
110 | + sock.print("230 Login successful.\r\n") | ||
111 | + commands.push(sock.gets) | ||
112 | + sock.print("200 Switching to Binary mode.\r\n") | ||
113 | + line = sock.gets | ||
114 | + commands.push(line) | ||
115 | + data_server = TCPServer.new("127.0.0.1", 0) | ||
116 | + port = data_server.local_address.ip_port | ||
117 | + sock.printf("227 Entering Passive Mode (999,0,0,1,%s).\r\n", | ||
118 | + port.divmod(256).join(",")) | ||
119 | + commands.push(sock.gets) | ||
120 | + sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n") | ||
121 | + conn = data_server.accept | ||
122 | + binary_data.scan(/.{1,1024}/nm) do |s| | ||
123 | + conn.print(s) | ||
124 | + end | ||
125 | + conn.shutdown(Socket::SHUT_WR) | ||
126 | + conn.read | ||
127 | + conn.close | ||
128 | + data_server.close | ||
129 | + sock.print("226 Transfer complete.\r\n") | ||
130 | + } | ||
131 | + begin | ||
132 | + begin | ||
133 | + ftp = Net::FTP.new | ||
134 | + ftp.passive = true | ||
135 | + ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait | ||
136 | + ftp.connect("127.0.0.1", server.port) | ||
137 | + ftp.login | ||
138 | + assert_match(/\AUSER /, commands.shift) | ||
139 | + assert_match(/\APASS /, commands.shift) | ||
140 | + assert_equal("TYPE I\r\n", commands.shift) | ||
141 | + buf = ftp.getbinaryfile("foo", nil) | ||
142 | + assert_equal(binary_data, buf) | ||
143 | + assert_equal(Encoding::ASCII_8BIT, buf.encoding) | ||
144 | + assert_equal("PASV\r\n", commands.shift) | ||
145 | + assert_equal("RETR foo\r\n", commands.shift) | ||
146 | + assert_equal(nil, commands.shift) | ||
147 | + ensure | ||
148 | + ftp.close if ftp | ||
149 | + end | ||
150 | + ensure | ||
151 | + server.close | ||
152 | + end | ||
153 | + end | ||
154 | + | ||
155 | + def test_use_pasv_ip | ||
156 | + commands = [] | ||
157 | + binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3 | ||
158 | + server = create_ftp_server(nil, "127.0.0.1") { |sock| | ||
159 | + sock.print("220 (test_ftp).\r\n") | ||
160 | + commands.push(sock.gets) | ||
161 | + sock.print("331 Please specify the password.\r\n") | ||
162 | + commands.push(sock.gets) | ||
163 | + sock.print("230 Login successful.\r\n") | ||
164 | + commands.push(sock.gets) | ||
165 | + sock.print("200 Switching to Binary mode.\r\n") | ||
166 | + line = sock.gets | ||
167 | + commands.push(line) | ||
168 | + data_server = TCPServer.new("127.0.0.1", 0) | ||
169 | + port = data_server.local_address.ip_port | ||
170 | + sock.printf("227 Entering Passive Mode (127,0,0,1,%s).\r\n", | ||
171 | + port.divmod(256).join(",")) | ||
172 | + commands.push(sock.gets) | ||
173 | + sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n") | ||
174 | + conn = data_server.accept | ||
175 | + binary_data.scan(/.{1,1024}/nm) do |s| | ||
176 | + conn.print(s) | ||
177 | + end | ||
178 | + conn.shutdown(Socket::SHUT_WR) | ||
179 | + conn.read | ||
180 | + conn.close | ||
181 | + data_server.close | ||
182 | + sock.print("226 Transfer complete.\r\n") | ||
183 | + } | ||
184 | + begin | ||
185 | + begin | ||
186 | + ftp = Net::FTP.new | ||
187 | + ftp.passive = true | ||
188 | + ftp.use_pasv_ip = true | ||
189 | + ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait | ||
190 | + ftp.connect("127.0.0.1", server.port) | ||
191 | + ftp.login | ||
192 | + assert_match(/\AUSER /, commands.shift) | ||
193 | + assert_match(/\APASS /, commands.shift) | ||
194 | + assert_equal("TYPE I\r\n", commands.shift) | ||
195 | + buf = ftp.getbinaryfile("foo", nil) | ||
196 | + assert_equal(binary_data, buf) | ||
197 | + assert_equal(Encoding::ASCII_8BIT, buf.encoding) | ||
198 | + assert_equal("PASV\r\n", commands.shift) | ||
199 | + assert_equal("RETR foo\r\n", commands.shift) | ||
200 | + assert_equal(nil, commands.shift) | ||
201 | + ensure | ||
202 | + ftp.close if ftp | ||
203 | + end | ||
204 | + ensure | ||
205 | + server.close | ||
206 | + end | ||
207 | + end | ||
208 | + | ||
209 | + def test_use_pasv_invalid_ip | ||
210 | + commands = [] | ||
211 | + binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3 | ||
212 | + server = create_ftp_server(nil, "127.0.0.1") { |sock| | ||
213 | + sock.print("220 (test_ftp).\r\n") | ||
214 | + commands.push(sock.gets) | ||
215 | + sock.print("331 Please specify the password.\r\n") | ||
216 | + commands.push(sock.gets) | ||
217 | + sock.print("230 Login successful.\r\n") | ||
218 | + commands.push(sock.gets) | ||
219 | + sock.print("200 Switching to Binary mode.\r\n") | ||
220 | + line = sock.gets | ||
221 | + commands.push(line) | ||
222 | + sock.print("227 Entering Passive Mode (999,0,0,1,48,57).\r\n") | ||
223 | + commands.push(sock.gets) | ||
224 | + } | ||
225 | + begin | ||
226 | + begin | ||
227 | + ftp = Net::FTP.new | ||
228 | + ftp.passive = true | ||
229 | + ftp.use_pasv_ip = true | ||
230 | + ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait | ||
231 | + ftp.connect("127.0.0.1", server.port) | ||
232 | + ftp.login | ||
233 | + assert_match(/\AUSER /, commands.shift) | ||
234 | + assert_match(/\APASS /, commands.shift) | ||
235 | + assert_equal("TYPE I\r\n", commands.shift) | ||
236 | + assert_raise(SocketError) do | ||
237 | + ftp.getbinaryfile("foo", nil) | ||
238 | + end | ||
239 | + ensure | ||
240 | + ftp.close if ftp | ||
241 | + end | ||
242 | + ensure | ||
243 | + server.close | ||
244 | + end | ||
245 | + end | ||
246 | + | ||
247 | private | ||
248 | |||
249 | - def create_ftp_server(sleep_time = nil) | ||
250 | - server = TCPServer.new(SERVER_ADDR, 0) | ||
251 | + def create_ftp_server(sleep_time = nil, addr = SERVER_ADDR) | ||
252 | + server = TCPServer.new(addr, 0) | ||
253 | @thread = Thread.start do | ||
254 | if sleep_time | ||
255 | sleep(sleep_time) | ||
256 | -- | ||
257 | 2.17.1 | ||
258 | |||
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch deleted file mode 100644 index b78a74a4b5..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch +++ /dev/null | |||
@@ -1,102 +0,0 @@ | |||
1 | From e2ac25d0eb66de99f098d6669cf4f06796aa6256 Mon Sep 17 00:00:00 2001 | ||
2 | From: Shugo Maeda <shugo@ruby-lang.org> | ||
3 | Date: Tue, 11 May 2021 10:31:27 +0900 | ||
4 | Subject: [PATCH] Fix StartTLS stripping vulnerability | ||
5 | |||
6 | This fixes CVE-2021-32066. | ||
7 | Reported by Alexandr Savca in <https://hackerone.com/reports/1178562>. | ||
8 | |||
9 | CVE: CVE-2021-32066 | ||
10 | |||
11 | Upstream-Status: Backport | ||
12 | [https://github.com/ruby/ruby/commit/e2ac25d0eb66de99f098d6669cf4f06796aa6256] | ||
13 | |||
14 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
15 | --- | ||
16 | lib/net/imap.rb | 8 +++++++- | ||
17 | test/net/imap/test_imap.rb | 31 +++++++++++++++++++++++++++++++ | ||
18 | 2 files changed, 38 insertions(+), 1 deletion(-) | ||
19 | |||
20 | diff --git a/lib/net/imap.rb b/lib/net/imap.rb | ||
21 | index 505b4c8950..d45304f289 100644 | ||
22 | --- a/lib/net/imap.rb | ||
23 | +++ b/lib/net/imap.rb | ||
24 | @@ -1218,12 +1218,14 @@ def get_tagged_response(tag, cmd) | ||
25 | end | ||
26 | resp = @tagged_responses.delete(tag) | ||
27 | case resp.name | ||
28 | + when /\A(?:OK)\z/ni | ||
29 | + return resp | ||
30 | when /\A(?:NO)\z/ni | ||
31 | raise NoResponseError, resp | ||
32 | when /\A(?:BAD)\z/ni | ||
33 | raise BadResponseError, resp | ||
34 | else | ||
35 | - return resp | ||
36 | + raise UnknownResponseError, resp | ||
37 | end | ||
38 | end | ||
39 | |||
40 | @@ -3719,6 +3721,10 @@ class BadResponseError < ResponseError | ||
41 | class ByeResponseError < ResponseError | ||
42 | end | ||
43 | |||
44 | + # Error raised upon an unknown response from the server. | ||
45 | + class UnknownResponseError < ResponseError | ||
46 | + end | ||
47 | + | ||
48 | RESPONSE_ERRORS = Hash.new(ResponseError) | ||
49 | RESPONSE_ERRORS["NO"] = NoResponseError | ||
50 | RESPONSE_ERRORS["BAD"] = BadResponseError | ||
51 | diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb | ||
52 | index 8b924b524e..85fb71d440 100644 | ||
53 | --- a/test/net/imap/test_imap.rb | ||
54 | +++ b/test/net/imap/test_imap.rb | ||
55 | @@ -127,6 +127,16 @@ def test_starttls | ||
56 | imap.disconnect | ||
57 | end | ||
58 | end | ||
59 | + | ||
60 | + def test_starttls_stripping | ||
61 | + starttls_stripping_test do |port| | ||
62 | + imap = Net::IMAP.new("localhost", :port => port) | ||
63 | + assert_raise(Net::IMAP::UnknownResponseError) do | ||
64 | + imap.starttls(:ca_file => CA_FILE) | ||
65 | + end | ||
66 | + imap | ||
67 | + end | ||
68 | + end | ||
69 | end | ||
70 | |||
71 | def start_server | ||
72 | @@ -834,6 +844,27 @@ def starttls_test | ||
73 | end | ||
74 | end | ||
75 | |||
76 | + def starttls_stripping_test | ||
77 | + server = create_tcp_server | ||
78 | + port = server.addr[1] | ||
79 | + start_server do | ||
80 | + sock = server.accept | ||
81 | + begin | ||
82 | + sock.print("* OK test server\r\n") | ||
83 | + sock.gets | ||
84 | + sock.print("RUBY0001 BUG unhandled command\r\n") | ||
85 | + ensure | ||
86 | + sock.close | ||
87 | + server.close | ||
88 | + end | ||
89 | + end | ||
90 | + begin | ||
91 | + imap = yield(port) | ||
92 | + ensure | ||
93 | + imap.disconnect if imap && !imap.disconnected? | ||
94 | + end | ||
95 | + end | ||
96 | + | ||
97 | def create_tcp_server | ||
98 | return TCPServer.new(server_addr, 0) | ||
99 | end | ||
100 | -- | ||
101 | 2.25.1 | ||
102 | |||
diff --git a/meta/recipes-devtools/ruby/ruby_3.0.1.bb b/meta/recipes-devtools/ruby/ruby_3.0.3.bb index a348946972..a781f69534 100644 --- a/meta/recipes-devtools/ruby/ruby_3.0.1.bb +++ b/meta/recipes-devtools/ruby/ruby_3.0.3.bb | |||
@@ -6,16 +6,13 @@ SRC_URI += " \ | |||
6 | file://remove_has_include_macros.patch \ | 6 | file://remove_has_include_macros.patch \ |
7 | file://run-ptest \ | 7 | file://run-ptest \ |
8 | file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \ | 8 | file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \ |
9 | file://CVE-2021-31810.patch \ | ||
10 | file://CVE-2021-32066.patch \ | ||
11 | file://CVE-2021-31799.patch \ | ||
12 | file://0003-rdoc-build-reproducible-documentation.patch \ | 9 | file://0003-rdoc-build-reproducible-documentation.patch \ |
13 | file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \ | 10 | file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \ |
14 | file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ | 11 | file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ |
15 | file://0006-Make-gemspecs-reproducible.patch \ | 12 | file://0006-Make-gemspecs-reproducible.patch \ |
16 | " | 13 | " |
17 | 14 | ||
18 | SRC_URI[sha256sum] = "369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727" | 15 | SRC_URI[sha256sum] = "3586861cb2df56970287f0fd83f274bd92058872d830d15570b36def7f1a92ac" |
19 | 16 | ||
20 | PACKAGECONFIG ??= "" | 17 | PACKAGECONFIG ??= "" |
21 | PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" | 18 | PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" |
@@ -81,8 +78,6 @@ do_install_ptest () { | |||
81 | -i ${D}${PTEST_PATH}/test/erb/test_erb_command.rb | 78 | -i ${D}${PTEST_PATH}/test/erb/test_erb_command.rb |
82 | 79 | ||
83 | cp -r ${S}/include ${D}/${libdir}/ruby/ | 80 | cp -r ${S}/include ${D}/${libdir}/ruby/ |
84 | test_case_rb=`grep rubygems/test_case.rb ${B}/.installed.list` | ||
85 | sed -i -e 's:../../../test/:../../../ptest/test/:g' ${D}/$test_case_rb | ||
86 | } | 81 | } |
87 | 82 | ||
88 | PACKAGES =+ "${PN}-ri-docs ${PN}-rdoc" | 83 | PACKAGES =+ "${PN}-ri-docs ${PN}-rdoc" |