upgrade rexml to fix CVE-2024-35176

(cherry picked from commit 071a4db7fa441dca874333b4b6bc918024446dd6)
2024-07-06 15:18:25 +08:00 · 2024-07-06 15:18:25 +08:00 · 31018e6a05
commit 31018e6a05
parent fd9f5ee3e4
2 changed files with 1829 additions and 1 deletions
--- a/ruby.spec
+++ b/ruby.spec
@ -33,7 +33,7 @@
 Name:      ruby
 Version:   %{ruby_version}
-Release:   135
+Release:   136
 Summary:   Object-oriented scripting language interpreter
 License:   (Ruby or BSD) and Public Domain and MIT and CC0 and zlib and UCD
 URL:       https://www.ruby-lang.org/en/
@ -200,6 +200,7 @@ Patch6028: backport-0002-CVE-2024-35221.patch
 Patch6029: backport-0003-CVE-2024-35221.patch
 Patch6030: backport-0004-CVE-2024-35221.patch
 Patch6031: backport-0005-CVE-2024-35221.patch
 Patch6032: upgrade-lib-rexml-to-3.3.1.patch
 Provides:  %{name}-libs = %{version}-%{release}
 Obsoletes: %{name}-libs < %{version}-%{release}
@ -1198,6 +1199,9 @@ make runruby TESTRUN_SCRIPT=%{SOURCE13}
 %doc %{gem_dir}/gems/typeprof-%{typeprof_version}/testbed
 %changelog
 * Sat Jul 06 2024 shixuantong <shixuantong1@huawei.com> - 3.0.3-136
 - upgrade rexml to fix CVE-2024-36176
 * Tue Jun 18 2024 shixuantong <shixuantong1@huawei.com> - 3.0.3-135
 - fix CVE-2024-35221
--- a/upgrade-lib-rexml-to-3.3.1.patch
+++ b/upgrade-lib-rexml-to-3.3.1.patch