backport-CVE-2024-47889-test.patch

@@ -1,21 +0,0 @@
-diff --git a/actionmailer/test/mail_helper_test.rb b/actionmailer/test/mail_helper_test.rb
-index a8ab19a95c0e3..e49eabdce8275 100644
---- a/actionmailer/test/mail_helper_test.rb
-+++ b/actionmailer/test/mail_helper_test.rb
-@@ -121,4 +121,16 @@ def test_use_cache
-       assert_equal "Greetings from a cache helper block", mail.body.encoded
-     end
-   end
-+
-+  def helper
-+    Object.new.extend(ActionMailer::MailHelper)
-+  end
-+
-+  def test_block_format
-+    assert_equal "  * foo\n", helper.block_format(" * foo")
-+    assert_equal "  * foo\n", helper.block_format("   * foo")
-+    assert_equal "  * foo\n", helper.block_format("* foo")
-+    assert_equal "  * foo\n*bar", helper.block_format("* foo*bar")
-+    assert_equal "  * foo\n  * bar\n", helper.block_format("* foo * bar")
-+  end
- end

backport-CVE-2024-47889.patch

@@ -1,39 +0,0 @@
-From 0e5694f4d32544532d2301a9b4084eacb6986e94 Mon Sep 17 00:00:00 2001
-From: John Hawthorn <john@hawthorn.email>
-Date: Fri, 11 Oct 2024 00:34:14 -0700
-Subject: [PATCH] Avoid backtracking in ActionMailer block_format
-
-[CVE-2024-47889]
-
-Thanks to yuki_osaki and scyoon for reporting this vulnerability
----
- actionmailer/lib/action_mailer/mail_helper.rb | 14 +++++++++++---
- actionmailer/test/mail_helper_test.rb         | 12 ++++++++++++
- 2 files changed, 23 insertions(+), 3 deletions(-)
-
-diff --git a/actionmailer/lib/action_mailer/mail_helper.rb b/actionmailer/lib/action_mailer/mail_helper.rb
-index e7bed41f8d294..f527d5a59ebf5 100644
---- a/actionmailer/lib/action_mailer/mail_helper.rb
-+++ b/actionmailer/lib/action_mailer/mail_helper.rb
-@@ -23,10 +23,18 @@ def block_format(text)
-       }.join("\n\n")
- 
-       # Make list points stand on their own line
--      formatted.gsub!(/[ ]*([*]+) ([^*]*)/) { "  #{$1} #{$2.strip}\n" }
--      formatted.gsub!(/[ ]*([#]+) ([^#]*)/) { "  #{$1} #{$2.strip}\n" }
-+      output = +""
-+      splits = formatted.split(/(\*+|\#+)/)
-+      while line = splits.shift
-+        if line.start_with?("*", "#") && splits[0].start_with?(" ")
-+          output.chomp!(" ") while output.end_with?(" ")
-+          output << "  #{line} #{splits.shift.strip}\n"
-+        else
-+          output << line
-+        end
-+      end
- 
--      formatted
-+      output
-     end
- 
-     # Access the mailer instance.

rubygem-actionmailer.spec

@@ -1,59 +1,33 @@
 %global gem_name actionmailer
-
+Name:                rubygem-%{gem_name}
-Name:		rubygem-%{gem_name}
+Epoch:               1
-Epoch:		1
+Version:             5.2.4.4
-Version:	7.0.7
+Release:             1
-Release:	2
+Summary:             Email composition, delivery, and receiving framework (part of Rails)
-Summary:	Email composition and delivery framework (part of Rails)
+License:             MIT
-License:	MIT
+URL:                 http://rubyonrails.org
-URL:		https://rubyonrails.org
+Source0:             https://rubygems.org/gems/%{gem_name}-%{version}.gem
-Source0:	https://rubygems.org/gems/%{gem_name}-%{version}.gem
+Source1:             https://github.com/rails/rails/archive/v5.2.4.4.tar.gz
-# ActionMailer gem doesn't ship with the test suite.
+BuildRequires:       ruby(release) rubygems-devel ruby >= 2.2.2 rubygem(actionpack) = %{version}
-# You may check it out like so
+BuildRequires:       rubygem(activejob) = %{version} rubygem(mail) >= 2.5.4
-# git clone http://github.com/rails/rails.git
+BuildArch:           noarch
-# cd rails/actionmailer && git archive -v -o actionmailer-7.0.4-tests.txz v7.0.4 test/
-Source1: 	actionmailer-%{version}-tests.txz
-# The tools are needed for the test suite, are however unpackaged in gem file.
-# You may get them like so
-# git clone http://github.com/rails/rails.git --no-checkout
-# cd rails && git archive -v -o rails-7.0.4-tools.txz v7.0.4 tools/
-Source2:	rails-%{version}-tools.txz
-Patch3000:	backport-CVE-2024-47889.patch
-Patch3001:	backport-CVE-2024-47889-test.patch
-
-BuildRequires:	ruby(release)
-BuildRequires:	rubygems-devel
-BuildRequires:	ruby >= 2.2.2
-BuildRequires:	rubygem(actionpack) = %{version}
-BuildRequires:	rubygem(activejob)  = %{version}
-BuildRequires:	rubygem(mail) >= 2.5.4
-BuildRequires:  rubygem(net-smtp)
-BuildArch:	noarch
-
 %description
-Email on Rails. Compose, deliver, and test emails using the familiar
+Email on Rails. Compose, deliver, receive, and test emails using the familiar
 controller/view pattern. First-class support for multipart email and
 attachments.
 
-%package	doc
+%package doc
-Summary:	Documentation for %{name}
+Summary:             Documentation for %{name}
-Requires:	%{name} = %{epoch}:%{version}-%{release}
+Requires:            %{name} = %{epoch}:%{version}-%{release}
-BuildArch:	noarch
+BuildArch:           noarch
-
+%description doc
-%description	doc
 Documentation for %{name}.
 
 %prep
-%setup -q -n %{gem_name}-%{version}%{?prerelease} -b1 -b2
+%setup -q -c -T
-%patch3000 -p2
+%gem_install -n %{SOURCE0}
-
-pushd %{_builddir}
-%patch3001 -p2
-popd
 
 %build
-gem build ../%{gem_name}-%{version}%{?prerelease}.gemspec
-%gem_install
 
 %install
 mkdir -p %{buildroot}%{gem_dir}
@@ -62,12 +36,9 @@ cp -a .%{gem_dir}/* \
 
 %check
 pushd .%{gem_instdir}
-ln -s %{_builddir}/tools ..
+tar xzvf %{SOURCE1}
-mv %{_builddir}/test .
+cd rails-%{version}/%{gem_name}
-
+ruby -Ilib:test -e 'Dir.glob "./test/**/*_test.rb", &method(:require)'
-# Bigdecimal does not get auto-required
-# https://github.com/rails/rails/issues/44399
-ruby -Ilib:test -rbigdecimal -e 'Dir.glob "./test/**/*_test.rb", &method(:require)'
 popd
 
 %files
@@ -83,18 +54,6 @@ popd
 %doc %{gem_instdir}/README.rdoc
 
 %changelog
-* Thu Oct 17 2024 yaoxin <yao_xin001@hoperun.com> - 1:7.0.7-2
-- Fix CVE-2024-47889
-
-* Thu Aug 17 2023 xu_ping <707078654@qq.com> - 1:7.0.7-1
-- Upgrade to version 7.0.7
-
-* Thu Jan 19 2023 wangkai <wangkai385@h-partners.com> - 1:7.0.4-1
-- Upgrade to version 7.0.4
-
-* Wed May 04 2022 wangkerong <wangkerong@h-partners.com> - 6.1.4.1-1
-- Upgrade to 6.1.4.1
-
 * Mon Feb  8 2021 sunguoshuai <sunguoshuai@huawei.com> - 5.2.4.4-1
 - Upgrade to 5.2.4.4