ALT Linux repos
Group :: Development/Ruby
RPM: ruby
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
19 june 2023 Pavel Skrylev <majioa at altlinux.org> 3.1.2-alt2.1
- - removed rpm-build-ruby build dependency (closes #46576)
- ! removed unnecessary alias from macros
- ! fix arch for rpm-macros-ruby (thanx to vt@, closes #44173)
- ^ 3.1.1 -> 3.1.2
- ! fix call to irb/erb (closes #43110)
- ! fix CVEs
+ CVE-2022-28738: Double free in Regexp compilation
+ CVE-2022-28739: Buffer overrun in String-to-Float conversion
- ^ 2.7.6 -> 3.1.1
- *split lib64 and lib folders for side and gems using system folder division
- *single instantiating of ruby to crop out versioning
- +add rewritten some ruby macros to conform ruby 3x style with single
instantiating tree
- !fix bugs:
+ CVE-2022-28738
+ CVE-2022-28739
- !fix dependency to libffi8
- ! %ruby_sitearchdir path (ALT #41688)
- ^ 2.7.4 -> 2.7.5
- ! realpath when loading a library over symlinks
- + enabled rpm-build-ruby gem autodetection
- ! spec
- disabled bootstrap
- fixed miniruby bootstrap mode
- LTO disabled (ruby built using LTO is broken)
- enabled bootstrap to fix broken 2.7.4-alt1 build
- ^ 2.7.3 -> 2.7.4
- ! build of LTE errors
- ^ ruby 2.7.2 -> 2.7.3
- get a patch from upstream to fix a bug when building with Bision 3.7.5
- - by dropping dep to libgit, and build req to rpm-build-ruby replaced with
only macros
- ^ ruby 2.7.1 -> 2.7.2
- ! ruby development deps
- fixed packaging on so-called armh
- ^ ruby 2.7.0 -> 2.7.1
- * to unbind ruby and libruby
- ^ ruby 2.5.5 -> 2.7.0
- ^ rubygems 3.0.1 -> 3.1.2
- + packaged gems gem-bundle-embedded, gem-racc-embedded
- Disable valgrind for architectures which does not support it.
- ! spec according to changelog rules
- + ruby-mspec package
- ! spec: syntax, gem dependencies
- Fixed build on ppc64le architecture.
- spec: bootstrap: fixed miniruby version.
- Fixed ri documentation placement (closes: #36294)
- Bump to 2.5.5
- Added config.h to installation
- Allow provide ruby version.
- Added some gem dependencies to spec.
- Bump to 2.5.4;
- Russian description;
- Split tools to separate modules;
- Fixes:
+ CVE-2018-16396: Tainted flags are not propagated in Array#pack and
String#unpack with some directives;
+ CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly; - Modules pilled-out from the package:
+ json
+ minitest
+ update_rubygems
+ did_you_mean
+ net-telnet
+ power_assert
+ rake
+ test-unit
+ xmlrpc
+ rdoc
- Rebuild with new ruby autoreq.
- ruby requires ruby-stdlibs.
- Provides bundled gems.
- Fix version in provides.
- Package %ruby_ridir and %ruby_ri_sitedir directories in ruby.
- New version.
- Fixes:
+ CVE-2017-17742: HTTP response splitting in WEBrick
+ CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
+ CVE-2018-8777: DoS by large request in WEBrick
+ CVE-2018-8778: Buffer under-read in String#unpack
+ CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
+ CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
- New version.
- Fixes:
+ CVE-2017-17405 Command injection vulnerability in Net::FTP - Update Rubygems to 2.7.6 with security fixes (see https://blog.rubygems.org/2018/02/15/2.7.6-released.html)
- Properly check for __uint128_t.
- Add miniruby-src subpackage.
- Bootstrap miniruby without ruby using miniruby-src.
- Merge rubygems-2.6.14 changes
- Fixes:
+ CVE-2017-0903 Unsafe Object Deserialization Vulnerability in RubyGems
- New version 2.4.2
- Security fixes:
+ CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
+ CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
+ CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
+ CVE-2017-14064: Heap exposure in generating JSON
- New version 2.4.1 with gems 2.6.13
- Security fixes:
+ CVE-2017-0902 a DNS request hijacking vulnerability
+ CVE-2017-0899 an ANSI escape sequence vulnerability
+ CVE-2017-0900 a DoS vulnerability in the query command
+ CVE-2017-0901 a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files - ext/tk: Tk is removed from stdlib. [Feature #8539]
- Rebuilt against Tcl/Tk 8.6
- Fix ruby library path
- new version
- p510 upstream patchlevel
- p499 upstream patchlevel
- p490 upstream patchlevel
- p481 upstream patchlevel
- p480 upstream patchlevel
- p477 upstream patchlevel
- p466 upstream patchlevel
- p462 upstream patchlevel
- excluded filetrigger for site ri cache update
- p461 upstream patchlevel
- 2.0.0 p458 upstream patchlevel
- p545 upstream patchlevel
- p541 upstream patchlevel
- p537 upstream patchlevel
- p535 upstream patchlevel
- p534 upstream patchlevel
- p515 upstream patchlevel
- p514 upstream patchlevel
- p511 upstream patchlevel
- p510 upstream patchlevel
- p503 upstream patchlevel
- p489 upstream patchlevel
- p488 upstream patchlevel
- p483 upstream patchlevel
- p482 upstream patchlevel
- p470 upstream patchlevel
- p469 upstream patchlevel
- p465 upstream patchlevel
- p464 upstream patchlevel
- p458 upstream patchlevel
- p455 upstream patchlevel
- p452 upstream patchlevel
- p451 upstream patchlevel
- p448 upstream patchlevel
- p432 upstream patchlevel
- p430 upstream patchlevel
- p429 upstream patchlevel
- p415 upstream patchlevel
- p411 upstream patchlevel
- p408 upstream patchlevel
- p401 upstream patchlevel
- p394 upstream patchlevel
- p393 upstream patchlevel
- p392 upstream patchlevel
- p386 upstream patchlevel:
+ JSON updated to 1.5.5
- fixed BuildRequires (ALT#28533)
- p385 upstream patchlevel
- moved ri to separate subpackage
- moved rdoc to ruby-tools subpackage
- removed rdoc subpackage
- added strict requires of ri for ruby-doc-ri (ALT#28451)
- p374 upstream patchlevel
- p367 upstream patchlevel
- p362 upstream patchlevel
- p341 upstream patchlevel
- %files: fixed %ruby_arch (for arches with the suffix "-eabi")
- %install: fixed %ruby_arch (for arches with the suffix "-eabi")
- fixed ruby libpath
- fixed BuildRequires
- %name-stdlibs: fixed Provides
- fixed requires
- built with default ruby_version
- added more Provides/Obsoletes
- 1.9.3
- Adopt Conflicts.
- SVN revision 31204.
- SVN revision 30896.
- Tests runs on single CPU. XXX: fix this one.
- SVN revision 30363 AKA 1.9.2p136
- Resurrected pager selection patch for ri
- Added filetrigger for site ri cache update
- SVN revision 29921 AKA 1.9.2p53
- SVN revision 29393 AKA 1.9.2p14
- SVN revision 29034 AKA 1.9.2p0
+ Incompatible changes:
* $: no longer includes the current directory, use require_relative
* Symbol with an invalid encoding is forbidden to exist.
* Enumerator#rewind now calls the "rewind" method of the enclosed
object if defined.
* Enumerator#next doesn't clear the position at end.
* Kernel#instance_eval yields the receiver.
* The year argument of Time.{utc,gm,local,mktime} is now interpreted
as the value itself. For example, Time.utc(99) means the year 99
AD, not 1999 AD.
* Socket#{recvfrom,recvfrom_nonblock,accept,accept_nonblock,sysaccept}
returns a sender address as Addrinfo object instead of a binary
sockaddr string. Addrinfo#to_s returns the old binary sockaddr
string.
* BasicSocket#getsockopt returns Socket::Option object instead of a
binary string. Socket::Option#to_s returns the old binary string.
* Socket.do_not_reverse_lookup is turned on by default now.
* Time.parse raises ArgumentError when no date information.
* Regexp properties (\p{}) names now ignore underscores, spaces, and
case, so \p{ol chiki} is the same as \p{Ol_Chiki}
* Regexps now support Unicode 5.2 (new characters and scripts)
* \d, \s, and \w are now ASCII only; use POSIX bracket classes and
\p{} for Unicode semantics
+ See NEWS for more info...
- Fix String#ljust, String#rjust and String#center breakage after
CVE-2009-4124 fix
- SVN revision 26040 AKA 1.9.1p376 (2009-12-07)
+ CVE-2009-4124
- SVN revision 25953 AKA 1.9.1p355 (2009-11-27)
- Backported fix for REXML formatter exception when duplicate namespaced
attributes exist
- Make tests pass on ARM
- SVN revision 25816 AKA 1.9.1p339 (2009-11-17)
- Backported fix for String#[] issues with short UTF-8 strings
- SVN snapshot 20091101 AKA 1.9.1-p333
- Execute full test suite in %check
- SVN snapshot 20090809 AKA 1.9.1-p281
+ digest/sha2: Update to 1.0 RELEASE which fixes an off-by-one bug in
SHA-256 hashing.
- SVN snapshot 20090727 AKA 1.9.1-p252
- Fixed "warning: `*' interpreted as argument prefix" in pathname.rb
- SVN snapshot 20090625 AKA 1.9.1.203
+ CVE-2009-1904: DoS vulnerability in BigDecimal module - All ruby-module-*'s merged back to ruby-stdlibs and ruby-stdlibs-tk
- Shared library moved back from /%_lib to %_libdir
- Disabled rubygems by default, use ruby option "--enable gems" to enable
- All packages with RI documentation should depend on ruby-doc-ri
- Modules excluded from stdlibs (packaged separately):
+ json
+ minitest
+ racc
+ rake
+ rubygems
+ test/unit
- Use config.sub when guessing target architecture
- Use files.req for directory provides (needs updated rpm-build-ruby)
- 1.8.7.72
+ Multiple vulnerabilities
+ Several vulnerabilities in safe level
+ untrace_var is permitted at safe level 4
+ $PROGRAM_NAME may be modified at safe level 4
+ insecure methods may be called at safe level 1-3
+ syslog operations are permitted at safe level 4
+ DoS vulnerability in WEBrick
+ Lack of taintness check in dl
+ CVE-2008-1447: DNS spoofing vulnerability in resolv.rb
- 1.8.7.51
- Fix FHS patch which was broken in 1.8.7-alt3
- Put ruby binary and libruby back to /usr/
- 1.8.7.22
+ CVE-2008-2726
- 1.8.7.19
- Built with libdb4.7
- 1.8.7.3
+ lib/erb.rb: works fine without strscan
- 1.8.7
+ Enumerator is now a built-in module
- Built with new rpm-build-ruby:
+ Removed rpm-build-ruby subpackage
+ Removed all manual dependencies - Switched to Tcl/Tk stubs (8.5) instead of direct linking (sbolshakov@)
- update to 1.8.6.114
+ fix file access vulnerability of WEBrick
- rubynode updated to 0.1.5
+ Fix a possible segfault with OP_ASGN2 nodes - synced with Debian ruby1.8-1.8.6.111-4
+ rcov may crash because of backwards incompatibility.
This fix is a back port from the upstream (r14826-15141). - temporary build with tk8.4 to avoid crash
- remove non-ascii symbols from description and summary
- ruby-module-rubynode: rubynode 0.1.4 integrated into ruby tree
- select first valid pager, not last (raorn@)
- branch based git repository
- update to ruby_1_8_6 svn branch (revision 14091)
- sync with debian 1.8.6.111-2
+ CVE-2007-5162 - install libruby.so into %_libdir (bug #13951)
- move arch-depended site_ruby to /usr/local/ (raorn@)
- update macros (bug #13933)
- add missing deps to ruby-module-rexml
- generation rdoc documentation:
+ add make rdoc
- build without debug
- 1.8.6
- added rpm-build-ruby subpackage, moved rpm macros to it.
- /usr/inculde/ruby added to libruby-devel(bug #10506)
- Do not handle html-style comments in code as specials
- 1.8.5-p2
- ri pager selection fixing
- Re-added ruby-stdlibs - pure virtual package with all requires
- mkmf.rb moved to libruby-devel
- base64.rb moved to module-digest
- pstore.rb moved to module-fileutils
- module-stdlibs renamed to module-misc
- libruby-devel requires tool-rdoc
- Hardened requires on libruby for module-*
- Re-added lost %ruby_configure macro
- Added macroses for "setup.rb"-based modules
- Added %ruby_vendor macro - ruby -rvendor-specific
- spec rewrite from scratch
- stdlibs sparate to many packages
- new packages naming strategy
- ruby executable moved to /bin
- ruby library moved to /%_lib
- headers moved to /usr/include/ FHS
- and many others
- 1.8.5
- debian 1.8.5-2 synced
- warnings in core removed
- Fixed x86_64 filelist and fhs patch (closes: #9401)
- rdocall script dropped
- Rebuilt with libdb4.4.
- patching order changed
- Patch ported from FC ruby-1.8-fc-no-eaccess.patch:
backported from ruby CVS to avoid conflict between newer glibc. - ruby-1.8-alt-ri-DESTDIR.patch removed
- Patches ported from debian:
* ruby-1.8-deb-delegate.rb.patch - delegate.rb should use Kernel::raise for Thread.
[ruby-dev:22681][ruby-dev:22684] - delegate.rb should not delegate singleton_method_added.
* ruby-1.8-deb-.document.patch - rdoc processes net/* and some libraries.
* ruby-1.8-deb-yaml_bignum.patch - YAML.dump/load cannot handle Bignum. [ruby-core:6159]
- patch from Michael Ablassmeier
* ruby-1.8-deb-yaml_symbol.patch - YAML loading of quoted symbols is broken
- FHS patch updated:
* DESTDIR processing fixed
* rbconfig back to archlibdir - Generating system-wide documentation for ri using make
- spec cleanups
- FHS patch updated: headers in /usr/include/ruby/%subver
- [1.8.4]
- Rebuilt with libreadline.so.5.
- rebuild
- multilib support
- %configure --with-vendordir
- Change default DESTDIR in rbconfig.rb
- Updated libdb4 build dependencies.
- Rebuilt with libdb4.3.
- Some spec cleanups
- Use --disable-rpath
- Use `%_lib' instead of `lib' (maybe-x86_64-fixes)
- Do not set LD_LIBRARY_PATH - rubytest.rb does it for us
- Create created.rid file in RI site dir so it will look like doc dir
- Use rdoc -a by default
- 1.8.2 release
- ruby-1.8.2-alt-extdoc.patch in upstream now
- Move extensions docs from extensions/ext to extensions
- %dir'ed ri_sitedir
- Changed %ruby_ri_systemdir to %ruby_ri_sitedir (points to
%_datadir/ri/%subver/site) - Document more external modules (which have it's own documentation):
+ iconv
+ io/wait
+ strscan
+ zlib
- Add %ruby_ri_systemdir and %rdoc macros
- Now --ri-site defers DESTDIR (patch by Alexey I. Froloff)
- Add script 'rdocall' for generate all rdoc documentation
- 1.8.2-preview2
- 1.8.2-preview1
- New patch to fix 3506 by Sean Russell
- Add %ruby_begin and %ruby_end macros
- Add README.ALT-CP1251 and README.ALT-KOI8
- Rebuilt with openssl-0.9.7d.
- Fixed bug #3506(REXML)
- Snapshot as of 2004/03/24
- Fixed:
+ socket extension build in chrooted environment
- Snapshot as of 2004/03/08
- Snapshot as of 2004/02/15
- Rebuild against libdb4.2
- Snapshot as of 2003/12/28 of ruby_1_8 branch
- Removed:
+ patch for rdoc fixes (integrated to upstream) - Fixed:
+ segfault in Syck's emitter (matz)
- Fixed:
+ rdoc's simple markup ToFlow class - We obsolete 'ri' package now but do not package rdoc-ed
'ri' metainfo for standard libs so far (nothing to package yet)
- Fixed:
+ rdoc's simple markup classes
- 1.8.1
- Snapshot as of 2003/12/18
- REXML support for iconv(3) is in upstream now
- Snapshot as of 2003/09/27
- All external documentation moved to ruby-doc-extra package
- Snapshot as of 2003/08/21
- Fixed:
+ REXML now falls back to iconv(3) when there is no native
support for specified encoding (ab)
- Final Ruby 1.8.0 + post-release fixes from CVS
- 2003/08/02
- OpenSSL support integrated, thus ruby-openssl is obsolete now
- Snapshot as of 2003/07/22
- Test::Unit is included into stdlibs, ruby-stdlibs package
obsoletes ruby-testunit now and provides it for backward
compatibility
- Tag release in BTE
- Remove tinfo patch for curses, integrated into upstream
- 1.8 CVS snapshot (2003/07/05)
- 1.8 CVS snapshot (2003/06/29)
- Patches updated, CGI patch excluded (already in upstream)
- Add %_libdir/%name/vendor_ruby/%subver/%{_target_cpu}-%{_host_os} to the list
of owned directories for stdlibs-core - Enhance dependencies between subpackages:
+ lib%name is a base package, everything else requires it (through a chain),
it also owns a Ruby subtree directories
+ %name-stdlibs prerequires lib%name
+ %name-stdlibc-tk prerequires %name-stdlibs
+ every third-party Ruby package *should* prerequire lib%name
if it is installable into Ruby subtree - Clean up spec file:
+ Fix miniruby calls to use non-Perlish variable notation only - Removed:
+ %name-stdlib-core package merged with lib%name - Major review of packaged documentation:
+ Ruby FAQ is now in A4 PDF
+ Hal Fulton's "Rubyesque API" from EuRuKo03
+ Tobias Peters' "Garbage in Ruby Extensions" from EuRuKo03
+ Features of Ruby 1.8 since Ruby 1.6 from ruby-shim project
- Fixed:
+ Readline extension was lost due wrong check for libtermcap instead
of libtinfo
+ fileutils.rb incorrect behaviour for symlinks (mouse@altlinux.ru)
- Fixed:
+ IRB code to not use #initialize publicly as it is a private method
in Ruby 1.7 since 2002-11-14. - Removed:
+ Proxy-Authorization support in Net::HTTP patch (integrated into upstream)
- Changed:
+ Installation splitted between %_datadir and %_libdir
in order to be more conformant to FHS
+ Directory structure is stored in %name-stdlibs-core package
+ vendordir/vendorarchdir added as /usr/{lib,share}/ruby/vendor_ruby
and site-specific dirs moved to /usr/local - Fixed:
+ curses modules build fixed
+ mkmf.rb to successuly configure C++ exetnsions
- Removed:
+ misc/*.el as now they are part of (X)Emacs prog-modes - Added:
+ Patch to fix CGI and Cookies to follow 1.7's split() behaviour
+ Gdbm module support - Fixed:
+ Getaddrinfo detection code in mkmf - ToDo:
+ Fix mkmf to run run_test() against locally compiled libruby.so
when dealing with extensions, not against (non-)existent system-wide one
- News snapshot (2002/10/26)
- Fixed BuildReq to allow build of gdbm module
- Group changed to Development/Ruby
- Remove ruby-stdlibs-win32ole as it seems tend to not work
- New snapshot (2002/10/09)
- Changed:
+ Emacs support moved to %name-doc and placed in %_docdir/%name-%1.1.0/misc
unless XEmacs and GNU Emacs maintaining teams decide where and how
to put third-party program modes. Also, XEmacs already has (an outdated)
ruby-mode.
- rebuilt with tcl 8.4
- New snapshot (2002/09/19)
- Added:
+ Patch to support proxy authorization in Net::HTTP (Alexander Bokovoy)
+ Win32ole support using Wine as ruby-stdlibs-win32ole
+ db module using libdb4 - Fixed:
+ Build requires to include Readline
- Initial build of 1.7.x
- Standard library splitted off to ruby-stdlibs
- More libification:
+ Dynamic library splitted off to libruby
+ ruby-devel renamed to libruby-devel
+ ruby-devel-static renamed to libruby-devel-static - Tcl/Tk extensions work now and split off to ruby-stdlibs-tk
- Documentation extended
- minor spec cleanup
- 1.6.7 + post release fixes
- Dependencies for ruby-doc package refined
- rebuild with new python
- 1.6.6
- Removed:
+ mkmf patch (integrated into upstream)
+ Regexp patch (integrated into upstream)
- Fixed:
+ mkmf patch updated to one from Nobu Nakada
- Fixed:
+ Regexp UTF-8 handling (backport from 1.7.x)
+ %_libdir/ruby/site_ruby/%subver added
- Updated:
+ Programming Ruby up to 0.3a
+ URL for Ruby FAQ - Fixed:
+ Programming Ruby html structure
- Fixed:
+ mkmf to allow full usage of $(DESTDIR), this is required to
properly build extension packages
- Enable shared library build
- Move static library to devel-static
- 1.6.5
- 1.6.4
- New patches from Mandrake.
- Fix extentions. Thanks to Pixel.
- Up to 1.6.3
- RE adaptations
- build again full optflags
- build without -fomit-frame-pointer for time being
- capitalize summaries
- fix mispelling
- new version
- remove "--with-default-kcode=none", not more needed
- remove setting optflags to -O2, ruby doesn't crashes any more
- new version
- add packager
- nicer site-start.d/ruby.el (use add-to-list)
- fix missing %config
- use %_sysconfdir/emacs/site-start.d for the ruby-mode.el
- rebuild (fredlsux)
- new version
- remove menu
- automatically added BuildRequires
- rebuild with clean clean_menus
- macroization
- BM
- fix %URL
- rebuild (src.rpm got lost :( )
- new version
- new version
- fix group for doc
- add menu
- new group + cleanup
- build with no charset conversion (was kanji :)
- added the reference manual and FAQ in doc
- moved the lib/README in ext
- mandrake adaptation and spliting in -/doc/extensions
- Updated to version 1.4.3
- Updated to version 1.4.2 (Sep 18)
- Updated to version 1.4.2
- Updated to version 1.4.0
- 2nd release
- Updated to version 1.2.6(15 Jul 1999)
- striped %prefix/bin/ruby
- Updated to version 1.2.6(21 Jun 1999)
- Updated to version 1.2.5
- Updated to version 1.2.4
- Version up to 1.2 stable.
- Version up to 1.1c9.
- Version up to 1.1c8, however it appear short life :-P
- Version up.