upgrade rexml to fix CVE-2024-35176

(cherry picked from commit 470ddb5831485cbea6fe171320358092653633f3)
2024-07-06 14:50:47 +08:00 · 2024-07-06 14:50:47 +08:00 · 56af5ab2c5
commit 56af5ab2c5
parent f8b0d5faf8
2 changed files with 1829 additions and 1 deletions
--- a/ruby.spec
+++ b/ruby.spec
@ -33,7 +33,7 @@

 Name:      ruby
 Version:   %{ruby_version}
-Release:   141
+Release:   142
 Summary:   Object-oriented scripting language interpreter
 License:   (Ruby or BSD) and Public Domain and MIT and CC0 and zlib and UCD
 URL:       https://www.ruby-lang.org/en/
@ -97,6 +97,7 @@ Patch6020: backport-0002-CVE-2024-35221.patch
 Patch6021: backport-0003-CVE-2024-35221.patch
 Patch6022: backport-0004-CVE-2024-35221.patch
 Patch6023: backport-0005-CVE-2024-35221.patch
+Patch6024: upgrade-lib-rexml-to-3.3.1.patch

 Provides:  %{name}-libs = %{version}-%{release}
 Obsoletes: %{name}-libs < %{version}-%{release}
@ -882,6 +883,9 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13}
 %{gem_dir}/specifications/matrix-%{matrix_version}.gemspec

 %changelog
+* Sat Jul 06 2024 shixuantong <shixuantong1@huawei.com> - 3.2.2-142
+- upgrade rexml to fix CVE-2024-35176
+
 * Tue Jun 18 2024 shixuantong <shixuantong1@huawei.com> - 3.2.2-141
 - fix CVE-2024-35221

--- a/upgrade-lib-rexml-to-3.3.1.patch
+++ b/upgrade-lib-rexml-to-3.3.1.patch