packages/rubygem-rack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
rubygem-rack/rubygem-rack.spec
zouzhimin 506df6251b Fix CVE-2022-44570 
(cherry picked from commit 5de9014905bf9a04855c54a03662d34c84b6f02c)
2024-04-15 15:10:40 +08:00

159 lines
4.1 KiB
RPMSpec
Raw Blame History

%global gem_name rack
%bcond_with bootstrap
Name: rubygem-%{gem_name}
Version: 2.2.4
Epoch: 1
Release: 6
Summary: A modular Ruby webserver interface
License: MIT and BSD
URL: https://rack.github.io/
Source0: https://rubygems.org/downloads/%{gem_name}-%{version}.gem
Patch0: 2-2-multipart-dos.patch
Patch1: 2-2-header-redos.patch
Patch2: Fix-CVE-2024-26141.patch
Patch3: Fix-CVE-2024-26146.patch
Patch4: Fix-CVE-2024-25126.patch
Patch5: Fix-CVE-2022-44570.patch
BuildRequires: ruby(release) rubygems-devel ruby >= 2.2.2 git
BuildRequires: memcached rubygem(memcache-client) rubygem(minitest)
BuildRequires: rubygem(memcache-client)
BuildRequires: rubygem(minitest)
%if ! %{with bootstrap}
BuildRequires: rubygem(thin)
%endif
BuildArch: noarch
%global __brp_mangle_shebangs_exclude_from ^%{gem_instdir}/test/cgi/test.ru$
%description
Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby. By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.
%package help
Summary: Documentation for %{name}
Requires: %{name} = %{epoch}:%{version}-%{release}
Provides: %{name}-doc = %{epoch}:%{version}-%{release}
Obsoletes: %{name}-doc < %{epoch}:%{version}-%{release}
BuildArch: noarch
%description help
Documentation for %{name}.
%prep
%autosetup -n %{gem_name}-%{version} -p1 -S git
%build
gem build ../%{gem_name}-%{version}.gemspec
%gem_install
%install
mkdir -p %{buildroot}%{gem_dir}
cp -a .%{gem_dir}/* \
%{buildroot}%{gem_dir}/
mkdir -p %{buildroot}%{_bindir}
cp -a .%{_bindir}/* \
%{buildroot}%{_bindir}/
find %{buildroot}%{gem_instdir}/bin -type f | xargs chmod a+x
find %{buildroot}%{gem_instdir}/{bin,test/cgi} -type f | \
xargs sed -i 's|^#!/usr/bin/env ruby$|#!/usr/bin/ruby|'
for file in `find %{buildroot}/%{gem_instdir} -type f -perm /a+x`; do
[ -z "`head -n 1 $file | grep \"^#!/\"`" ] && chmod -v 644 $file
done
for file in `find %{buildroot}%{gem_instdir} -type f`; do
[ ! -z "`head -n 1 $file | grep \"^#!\"`" ] && chmod -v 755 $file
done
%check
pushd .%{gem_instdir}
PID=%(mktemp)
memcached -d -P "$PID"
LC_ALL=C.UTF-8 \
ruby -Ilib:test -e 'Dir.glob "./test/spec_*.rb", &method(:require)'
kill -TERM $(< "$PID")
popd
%files
%dir %{gem_instdir}
%{_bindir}/rackup
%license %{gem_instdir}/MIT-LICENSE
%{gem_libdir}
%{gem_instdir}/bin
%exclude %{gem_cache}
%{gem_spec}
%files help
%doc %{gem_docdir}
%doc %{gem_instdir}/CHANGELOG.md
%doc %{gem_instdir}/README.rdoc
%doc %{gem_instdir}/CONTRIBUTING.md
%doc %{gem_instdir}/SPEC.rdoc
%{gem_instdir}/Rakefile
%{gem_instdir}/%{gem_name}.gemspec
%doc %{gem_instdir}/example
%doc %{gem_instdir}/contrib
%changelog
* Tue Apr 09 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.4-6
- Type:CVES
- ID:CVE-2022-44570
- SUG:NA
- DESC:CVE-2022-44570
* Sun Apr 07 2024 panchenbo <panchenbo@kylinsec.com.cn> - 1:2.2.4-5
- Type: Bugfix
- ID:NA
- SUG:NA
- DESC:add BuildRequires: git
* Tue Apr 02 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.4-4
- Type:CVES
- ID:CVE-2024-25126
- SUG:NA
- DESC:CVE-2024-25126
* Tue Apr 02 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.4-3
- Type:CVES
- ID:CVE-2024-26146
- SUG:NA
- DESC:CVE-2024-26146
* Mon Apr 01 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.4-2
- Type:CVES
- ID:CVE-2024-26141
- SUG:NA
- DESC:CVE-2024-26141
* Thu Aug 17 2023 wulei <wu_lei@hoperun.com> - 1:2.2.4-1
- Upgrade to version 2.2.4
* Tue Jun 13 2023 bizhiyuan <bizhiyuan@kylinos.cn> - 1:2.2.3.1-2
- Type:CVES
- ID:CVE-2023-27539 CVE-2023-27530
- SUG:NA
- DESC:Fix CVE-2023-27539 CVE-2023-27530
* Tue Jun 28 2022 wangkai <wangkai385@h-partners.com> - 1:2.2.3.1-1
- Upgrade to 2.2.3.1 for fix CVE-2020-8184 CVE-2022-30122 CVE-2022-30123
* Mon Mar 7 2022 duyiwei<duyiwei@kylinos.cn>- 1:2.2.2-2
- delete BuildRequires rubygem(concurrent-ruby)
* Mon Feb 8 2021 sunguoshuai<sunguoshuai@huawei.com>- 1:2.2.2-1
- Upgrade to 1:2.2.2
* Wed Sep 9 2020 Ge Wang <wangge20@huawei.com> - 1:2.0.4-2
- Modify Source0 Url
* Thu Mar 5 2020 openEuler Buildteam <buildteam@openeuler.org> - 1:2.0.4-1
- Package init
Reference in New Issue View Git Blame Copy Permalink