!55 [sync] PR-51: Fix CVE-2024-45614,CVE-2022-24790,CVE-2023-40175,CVE-2024-21647

From: @openeuler-sync-bot 
Reviewed-by: @lyn1001 
Signed-off-by: @lyn1001

CVE-2023-40175.patch

@@ -0,0 +1,146 @@
+From 7405a219801dcebc0ad6e0aa108d4319ca23f662 Mon Sep 17 00:00:00 2001
+From: Nate Berkopec <nate.berkopec@gmail.com>
+Date: Fri, 18 Aug 2023 09:47:23 +0900
+Subject: [PATCH] Merge pull request from GHSA-68xg-gqqm-vgj8
+
+Origin: https://github.com/puma/puma/commit/7405a219801dcebc0ad6e0aa108d4319ca23f662
+
+* Reject empty string for Content-Length
+
+* Ignore trailers in last chunk
+
+* test_puma_server.rb - use heredoc, test_cl_and_te_smuggle
+
+* client.rb - stye/RubyCop
+
+* test_puma_server.rb - indented heredoc rubocop disable
+
+* Dentarg comments
+
+* Remove unused variable
+
+---------
+
+Co-authored-by: MSP-Greg <Greg.mpls@gmail.com>
+---
+ lib/puma/client.rb       | 23 ++++++++++++++--------
+ test/test_puma_server.rb | 42 +++++++++++++++++++++++++++++++++++++++-
+ 2 files changed, 56 insertions(+), 9 deletions(-)
+
+diff --git a/lib/puma/client.rb b/lib/puma/client.rb
+index e966f995e8..9c11912caa 100644
+--- a/lib/puma/client.rb
++++ b/lib/puma/client.rb
+@@ -45,7 +45,8 @@ class Client
+ 
+     # chunked body validation
+     CHUNK_SIZE_INVALID = /[^\h]/.freeze
+-    CHUNK_VALID_ENDING = "\r\n".freeze
++    CHUNK_VALID_ENDING = Const::LINE_END
++    CHUNK_VALID_ENDING_SIZE = CHUNK_VALID_ENDING.bytesize
+ 
+     # Content-Length header value validation
+     CONTENT_LENGTH_VALUE_INVALID = /[^\d]/.freeze
+@@ -347,8 +348,8 @@ def setup_body
+       cl = @env[CONTENT_LENGTH]
+ 
+       if cl
+-        # cannot contain characters that are not \d
+-        if cl =~ CONTENT_LENGTH_VALUE_INVALID
++        # cannot contain characters that are not \d, or be empty
++        if cl =~ CONTENT_LENGTH_VALUE_INVALID || cl.empty?
+           raise HttpParserError, "Invalid Content-Length: #{cl.inspect}"
+         end
+       else
+@@ -509,7 +510,7 @@ def decode_chunk(chunk)
+ 
+       while !io.eof?
+         line = io.gets
+-        if line.end_with?("\r\n")
++        if line.end_with?(CHUNK_VALID_ENDING)
+           # Puma doesn't process chunk extensions, but should parse if they're
+           # present, which is the reason for the semicolon regex
+           chunk_hex = line.strip[/\A[^;]+/]
+@@ -521,13 +522,19 @@ def decode_chunk(chunk)
+             @in_last_chunk = true
+             @body.rewind
+             rest = io.read
+-            last_crlf_size = "\r\n".bytesize
+-            if rest.bytesize < last_crlf_size
++            if rest.bytesize < CHUNK_VALID_ENDING_SIZE
+               @buffer = nil
+-              @partial_part_left = last_crlf_size - rest.bytesize
++              @partial_part_left = CHUNK_VALID_ENDING_SIZE - rest.bytesize
+               return false
+             else
+-              @buffer = rest[last_crlf_size..-1]
++              # if the next character is a CRLF, set buffer to everything after that CRLF
++              start_of_rest = if rest.start_with?(CHUNK_VALID_ENDING)
++                CHUNK_VALID_ENDING_SIZE
++              else # we have started a trailer section, which we do not support. skip it!
++                rest.index(CHUNK_VALID_ENDING*2) + CHUNK_VALID_ENDING_SIZE*2
++              end
++
++              @buffer = rest[start_of_rest..-1]
+               @buffer = nil if @buffer.empty?
+               set_ready
+               return true
+diff --git a/test/test_puma_server.rb b/test/test_puma_server.rb
+index 298e44b439..2bfaf98848 100644
+--- a/test/test_puma_server.rb
++++ b/test/test_puma_server.rb
+@@ -627,7 +627,7 @@ def test_large_chunked_request
+       [200, {}, [""]]
+     }
+ 
+-    header = "GET / HTTP/1.1\r\nConnection: close\r\nTransfer-Encoding: chunked\r\n\r\n"
++    header = "GET / HTTP/1.1\r\nConnection: close\r\nContent-Length: 200\r\nTransfer-Encoding: chunked\r\n\r\n"
+ 
+     chunk_header_size = 6 # 4fb8\r\n
+     # Current implementation reads one chunk of CHUNK_SIZE, then more chunks of size 4096.
+@@ -1365,4 +1365,44 @@ def test_rack_url_scheme_user
+     data = send_http_and_read "GET / HTTP/1.0\r\n\r\n"
+     assert_equal "user", data.split("\r\n").last
+   end
++
++  def test_cl_empty_string
++    server_run do |env|
++      [200, {}, [""]]
++    end
++
++    empty_cl_request = "GET / HTTP/1.1\r\nHost: localhost\r\nContent-Length:\r\n\r\nGET / HTTP/1.1\r\nHost: localhost\r\n\r\n"
++
++    data = send_http_and_read empty_cl_request
++    assert_operator data, :start_with?, 'HTTP/1.1 400 Bad Request'
++  end
++
++  def test_crlf_trailer_smuggle
++    server_run do |env|
++      [200, {}, [""]]
++    end
++
++    smuggled_payload = "GET / HTTP/1.1\r\nTransfer-Encoding: chunked\r\nHost: whatever\r\n\r\n0\r\nX:POST / HTTP/1.1\r\nHost: whatever\r\n\r\nGET / HTTP/1.1\r\nHost: whatever\r\n\r\n"
++
++    data = send_http_and_read smuggled_payload
++    assert_equal 2, data.scan("HTTP/1.1 200 OK").size
++  end
++
++  # test to check if content-length is ignored when 'transfer-encoding: chunked'
++  # is used.  See also test_large_chunked_request
++  def test_cl_and_te_smuggle
++    body = nil
++    server_run { |env|
++      body = env['rack.input'].read
++      [200, {}, [""]]
++    }
++
++    req = "POST /search HTTP/1.1\r\nHost: vulnerable-website.com\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n7b\r\nGET /404 HTTP/1.1\r\nHost: vulnerable-website.com\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 144\r\n\r\nx=\r\n0\r\n\r\n"
++
++    data = send_http_and_read req
++
++    assert_includes body, "GET /404 HTTP/1.1\r\n"
++    assert_includes body, "Content-Length: 144\r\n"
++    assert_equal 1, data.scan("HTTP/1.1 200 OK").size
++  end
+ end
+

CVE-2024-21647.patch

@@ -0,0 +1,105 @@
+Ubuntu note: simplified test case as to not hit this upstream bug:
+https://github.com/puma/puma/issues/3307
+
+From bbb880ffb6debbfdea535b4b3eb2204d49ae151d Mon Sep 17 00:00:00 2001
+From: Nate Berkopec <nate.berkopec@gmail.com>
+Date: Mon, 8 Jan 2024 14:48:43 +0900
+Subject: [PATCH] Merge pull request from GHSA-c2f4-cvqm-65w2
+
+Origin: https://github.com/puma/puma/commit/bbb880ffb6debbfdea535b4b3eb2204d49ae151d
+
+Co-authored-by: MSP-Greg <MSP-Greg@users.noreply.github.com>
+Co-authored-by: Patrik Ragnarsson <patrik@starkast.net>
+Co-authored-by: Evan Phoenix <evan@phx.io>
+---
+ lib/puma/client.rb       | 27 +++++++++++++++++++++++++++
+ test/test_puma_server.rb | 14 ++++++++++++++
+ 2 files changed, 41 insertions(+)
+
+diff --git a/lib/puma/client.rb b/lib/puma/client.rb
+index 9c11912caa..b5a1569c68 100644
+--- a/lib/puma/client.rb
++++ b/lib/puma/client.rb
+@@ -48,6 +48,14 @@ class Client
+     CHUNK_VALID_ENDING = Const::LINE_END
+     CHUNK_VALID_ENDING_SIZE = CHUNK_VALID_ENDING.bytesize
+ 
++    # The maximum number of bytes we'll buffer looking for a valid
++    # chunk header.
++    MAX_CHUNK_HEADER_SIZE = 4096
++
++    # The maximum amount of excess data the client sends
++    # using chunk size extensions before we abort the connection.
++    MAX_CHUNK_EXCESS = 16 * 1024
++
+     # Content-Length header value validation
+     CONTENT_LENGTH_VALUE_INVALID = /[^\d]/.freeze
+ 
+@@ -460,6 +468,7 @@ def setup_chunked_body(body)
+       @chunked_body = true
+       @partial_part_left = 0
+       @prev_chunk = ""
++      @excess_cr = 0
+ 
+       @body = Tempfile.new(Const::PUMA_TMP_BASE)
+       @body.unlink
+@@ -541,6 +550,20 @@ def decode_chunk(chunk)
+             end
+           end
+ 
++          # Track the excess as a function of the size of the
++          # header vs the size of the actual data. Excess can
++          # go negative (and is expected to) when the body is
++          # significant.
++          # The additional of chunk_hex.size and 2 compensates
++          # for a client sending 1 byte in a chunked body over
++          # a long period of time, making sure that that client
++          # isn't accidentally eventually punished.
++          @excess_cr += (line.size - len - chunk_hex.size - 2)
++
++          if @excess_cr >= MAX_CHUNK_EXCESS
++            raise HttpParserError, "Maximum chunk excess detected"
++          end
++
+           len += 2
+ 
+           part = io.read(len)
+@@ -568,6 +591,10 @@ def decode_chunk(chunk)
+             @partial_part_left = len - part.size
+           end
+         else
++          if @prev_chunk.size + chunk.size >= MAX_CHUNK_HEADER_SIZE
++            raise HttpParserError, "maximum size of chunk header exceeded"
++          end
++
+           @prev_chunk = line
+           return false
+         end
+diff --git a/test/test_puma_server.rb b/test/test_puma_server.rb
+index 2bfaf98848..05bf83e20d 100644
+--- a/test/test_puma_server.rb
++++ b/test/test_puma_server.rb
+@@ -648,6 +648,20 @@ def test_large_chunked_request
+     end
+   end
+ 
++  def test_large_chunked_request_header
++    server_run(environment: :production) { |env|
++      [200, {}, [""]]
++    }
++
++    max_chunk_header_size = Puma::Client::MAX_CHUNK_HEADER_SIZE
++    header = "GET / HTTP/1.1\r\nConnection: close\r\nContent-Length: 200\r\nTransfer-Encoding: chunked\r\n\r\n"
++    socket = send_http "#{header}1;t#{'x' * (max_chunk_header_size + 2)}"
++
++    data = socket.read
++
++    assert_match "HTTP/1.1 400 Bad Request\r\n\r\n", data
++  end
++
+   def test_chunked_request_pause_before_value
+     body = nil
+     content_length = nil
+-- 
+2.33.0
+

CVE-2024-45614.patch

@@ -0,0 +1,210 @@
+From f196b23be24712fb8fb16051cc124798cc84f70e Mon Sep 17 00:00:00 2001
+From: Evan Phoenix <evan@phx.io>
+Date: Wed, 18 Sep 2024 21:56:07 -0700
+Subject: [PATCH] Merge commit from fork
+
+Origin: https://github.com/puma/puma/commit/f196b23be24712fb8fb16051cc124798cc84f70e
+
+* Prevent underscores from clobbering hyphen headers
+
+* Special case encoding headers to prevent app confusion
+
+* Handle _ as , in jruby as well
+
+* Silence RuboCop offense
+
+---------
+
+Co-authored-by: Patrik Ragnarsson <patrik@starkast.net>
+---
+ ext/puma_http11/org/jruby/puma/Http11.java |  2 +
+ lib/puma/const.rb                          |  8 +++
+ lib/puma/request.rb                        | 19 ++++++--
+ test/test_normalize.rb                     | 57 ++++++++++++++++++++++
+ test/test_request_invalid.rb               | 28 +++++++++++
+ 5 files changed, 111 insertions(+), 3 deletions(-)
+ create mode 100644 test/test_normalize.rb
+
+diff --git a/ext/puma_http11/org/jruby/puma/Http11.java b/ext/puma_http11/org/jruby/puma/Http11.java
+index cd7a5d3bb0..0c4f79eee7 100644
+--- a/ext/puma_http11/org/jruby/puma/Http11.java
++++ b/ext/puma_http11/org/jruby/puma/Http11.java
+@@ -99,6 +99,8 @@ public static void http_field(Ruby runtime, RubyHash req, ByteList buffer, int f
+             int bite = b.get(i) & 0xFF;
+             if(bite == '-') {
+                 b.set(i, (byte)'_');
++            } else if(bite == '_') {
++                b.set(i, (byte)',');
+             } else {
+                 b.set(i, (byte)Character.toUpperCase(bite));
+             }
+diff --git a/lib/puma/const.rb b/lib/puma/const.rb
+index c4968f4ae8..451105e648 100644
+--- a/lib/puma/const.rb
++++ b/lib/puma/const.rb
+@@ -244,6 +244,14 @@ module Const
+     # header values can contain HTAB?
+     ILLEGAL_HEADER_VALUE_REGEX = /[\x00-\x08\x0A-\x1F]/.freeze
+ 
++    # The keys of headers that should not be convert to underscore
++    # normalized versions. These headers are ignored at the request reading layer,
++    # but if we normalize them after reading, it's just confusing for the application.
++    UNMASKABLE_HEADERS = {
++      "HTTP_TRANSFER,ENCODING" => true,
++      "HTTP_CONTENT,LENGTH" => true,
++    }
++
+     # Banned keys of response header
+     BANNED_HEADER_KEY = /\A(rack\.|status\z)/.freeze
+ 
+diff --git a/lib/puma/request.rb b/lib/puma/request.rb
+index 8c7b008ee8..86e2d467e4 100644
+--- a/lib/puma/request.rb
++++ b/lib/puma/request.rb
+@@ -318,6 +318,11 @@ def illegal_header_value?(header_value)
+     # compatibility, we'll convert them back. This code is written to
+     # avoid allocation in the common case (ie there are no headers
+     # with `,` in their names), that's why it has the extra conditionals.
++    #
++    # @note If a normalized version of a `,` header already exists, we ignore
++    #       the `,` version. This prevents clobbering headers managed by proxies
++    #       but not by clients (Like X-Forwarded-For).
++    #
+     # @param env [Hash] see Puma::Client#env, from request, modifies in place
+     # @version 5.0.3
+     #
+@@ -326,23 +331,31 @@ def req_env_post_parse(env)
+       to_add = nil
+ 
+       env.each do |k,v|
+-        if k.start_with?("HTTP_") and k.include?(",") and k != "HTTP_TRANSFER,ENCODING"
++        if k.start_with?("HTTP_") && k.include?(",") && !UNMASKABLE_HEADERS.key?(k)
+           if to_delete
+             to_delete << k
+           else
+             to_delete = [k]
+           end
+ 
++          new_k = k.tr(",", "_")
++          if env.key?(new_k)
++            next
++          end
++
+           unless to_add
+             to_add = {}
+           end
+ 
+-          to_add[k.tr(",", "_")] = v
++          to_add[new_k] = v
+         end
+       end
+ 
+-      if to_delete
++      if to_delete # rubocop:disable Style/SafeNavigation
+         to_delete.each { |k| env.delete(k) }
++      end
++
++      if to_add
+         env.merge! to_add
+       end
+     end
+diff --git a/test/test_normalize.rb b/test/test_normalize.rb
+new file mode 100644
+index 0000000000..60e61c3dde
+--- /dev/null
++++ b/test/test_normalize.rb
+@@ -0,0 +1,57 @@
++# frozen_string_literal: true
++
++require_relative "helper"
++
++require "puma/request"
++
++class TestNormalize < Minitest::Test
++  parallelize_me!
++
++  include Puma::Request
++
++  def test_comma_headers
++    env = {
++      "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
++      "HTTP_X_FORWARDED,FOR" => "2.2.2.2",
++    }
++
++    req_env_post_parse env
++
++    expected = {
++      "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
++    }
++
++    assert_equal expected, env
++
++    # Test that the iteration order doesn't matter
++
++    env = {
++      "HTTP_X_FORWARDED,FOR" => "2.2.2.2",
++      "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
++    }
++
++    req_env_post_parse env
++
++    expected = {
++      "HTTP_X_FORWARDED_FOR" => "1.1.1.1",
++    }
++
++    assert_equal expected, env
++  end
++
++  def test_unmaskable_headers
++    env = {
++      "HTTP_CONTENT,LENGTH" => "100000",
++      "HTTP_TRANSFER,ENCODING" => "chunky"
++    }
++
++    req_env_post_parse env
++
++    expected = {
++      "HTTP_CONTENT,LENGTH" => "100000",
++      "HTTP_TRANSFER,ENCODING" => "chunky"
++    }
++
++    assert_equal expected, env
++  end
++end
+diff --git a/test/test_request_invalid.rb b/test/test_request_invalid.rb
+index 8e9295b592..c6aa91ab05 100644
+--- a/test/test_request_invalid.rb
++++ b/test/test_request_invalid.rb
+@@ -216,4 +216,32 @@ def test_chunked_size_mismatch_2
+ 
+     assert_status data
+   end
++
++  def test_underscore_header_1
++    hdrs = [
++      "X-FORWARDED-FOR: 1.1.1.1",  # proper
++      "X-FORWARDED-FOR: 2.2.2.2",  # proper
++      "X_FORWARDED-FOR: 3.3.3.3",  # invalid, contains underscore
++      "Content-Length: 5",
++    ].join "\r\n"
++
++    response = send_http_and_read "#{GET_PREFIX}#{hdrs}\r\n\r\nHello\r\n\r\n"
++
++    assert_includes response, "HTTP_X_FORWARDED_FOR = 1.1.1.1, 2.2.2.2"
++    refute_includes response, "3.3.3.3"
++  end
++
++  def test_underscore_header_2
++    hdrs = [
++      "X_FORWARDED-FOR: 3.3.3.3",  # invalid, contains underscore
++      "X-FORWARDED-FOR: 2.2.2.2",  # proper
++      "X-FORWARDED-FOR: 1.1.1.1",  # proper
++      "Content-Length: 5",
++    ].join "\r\n"
++
++    response = send_http_and_read "#{GET_PREFIX}#{hdrs}\r\n\r\nHello\r\n\r\n"
++
++    assert_includes response, "HTTP_X_FORWARDED_FOR = 2.2.2.2, 1.1.1.1"
++    refute_includes response, "3.3.3.3"
++  end
+ end

rubygem-puma-3.6.0-fedora-crypto-policy-cipher-list.patch

@@ -2,7 +2,7 @@ diff --git a/ext/puma_http11/mini_ssl.c b/ext/puma_http11/mini_ssl.c
 index 7e0fd5e..88c4652 100644
 --- a/ext/puma_http11/mini_ssl.c
 +++ b/ext/puma_http11/mini_ssl.c
-@@ -183,7 +183,7 @@ VALUE engine_init_server(VALUE self, VALUE mini_ssl_ctx) {
+@@ -336,7 +336,7 @@ sslctx_initialize(VALUE self, VALUE mini_ssl_ctx) {
      SSL_CTX_set_cipher_list(ctx, RSTRING_PTR(ssl_cipher_filter));
    }
    else {
@@ -10,7 +10,7 @@ index 7e0fd5e..88c4652 100644
 +    SSL_CTX_set_cipher_list(ctx, "PROFILE=SYSTEM");
    }
  
-   DH *dh = get_dh1024();
+ #if OPENSSL_VERSION_NUMBER < 0x10002000L
 -- 
-2.5.5
+2.30.0
 

rubygem-puma.spec

@@ -1,18 +1,23 @@
 %global gem_name puma
 %bcond_with ragel
 Name:                rubygem-%{gem_name}
-Version:             3.12.6
-Release:             1
+Version:             5.6.5
+Release:             3
 Summary:             A simple, fast, threaded, and highly concurrent HTTP 1.1 server
-License:             BSD
+License:             BSD-3-Clause
 URL:                 http://puma.io
 Source0:             https://rubygems.org/gems/%{gem_name}-%{version}.gem
-Source1:             https://github.com/puma/%{gem_name}/archive/v%{version}.tar.gz
+Source1:             https://github.com/puma/%{gem_name}/archive/refs/tags/v%{version}.tar.gz
 # Set the default cipher list "PROFILE=SYSTEM".
 # https://fedoraproject.org/wiki/Packaging:CryptoPolicies
 Patch0:              rubygem-puma-3.6.0-fedora-crypto-policy-cipher-list.patch
+Patch1:              CVE-2023-40175.patch
+Patch2:              CVE-2024-21647.patch
+Patch3:              CVE-2024-45614.patch
+
 BuildRequires:       openssl-devel ruby(release) rubygems-devel ruby-devel rubygem(rack)
-BuildRequires:       rubygem(minitest)
+BuildRequires:       rubygem(minitest) rubygem(sd_notify)
+BuildRequires: 	     rubygem(nio4r)
 %if %{with ragel}
 BuildRequires:       %{_bindir}/ragel
 %endif
@@ -31,6 +36,11 @@ Documentation for %{name}.
 %prep
 %setup -q -n  %{gem_name}-%{version} -b 1
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+rm -rf test/test_thread_pool.rb
+
 %if %{with ragel}
 rm -f ext/puma_http11/http11_parser.c
 ragel ext/puma_http11/http11_parser.rl -C -G2 -I ext/puma_http11 \
@@ -60,22 +70,64 @@ find %{buildroot}%{gem_instdir}/bin -type f | \
 pushd .%{gem_instdir}
 ln -s %{_builddir}/%{gem_name}-%{version}/test test
 ln -s %{_builddir}/%{gem_name}-%{version}/examples examples
-sed -i "/require 'minitest\/retry'/ s/^/#/" test/helper.rb
+
+sed -i -e "/require..minitest\/\(retry\|proveit\)./ s/^/#/" test/helper.rb
 sed -i "/Minitest::Retry/ s/^/#/" test/helper.rb
+sed -i '/prove_it!/ s/^/#/' test/helper.rb
+sed -i "/minitest\/stub_const/ s/^/#/" test/helper.rb
+sed -i '/::Timeout.timeout/ s/45/300/' test/helper.rb
+
+mv test/test_preserve_bundler_env.rb{,.disable}
+mv test/test_worker_gem_independence.rb{,.disable}
+sed -i -e '/^\s*def test_prune_bundler_with_multiple_workers$/a\
+    skip' \
+       -e '/^\s*def test_phased_restart_cluster$/a\
+    skip' test/test_integration_pumactl.rb
+
+mv test/test_puma_localhost_authority.rb{,.disable}
+
+sed -i '/def test_ssl_self_signed_configuration_from_DSL/a\
+    skip' test/test_config.rb
+sed -i '/def test_ssl_run_with_localhost_authority/a\
+    skip' test/test_integration_ssl.rb
+sed -i "s/--tlsv1.2 --tls-max 1.2/--tlsv1.3 --tls-max 1.3/" test/test_integration_ssl.rb
+
+mv test/test_integration_single.rb{,.disable}
+mv test/test_integration_cluster.rb{,.disable}
+
+%ifarch aarch64
+sed -i '/^  def test_control$/,/^  end$/ s/^/#/' test/test_cli.rb
+%endif
+
 sed -i '/^  def test_timeout_in_data_phase$/a\
-    skip "Unstable test"' test/test_puma_server.rb
-sed -i "s/X_FORWARDED_PROTO/X-FORWARDED-PROTO/g" test/test_puma_server.rb
-sed -i '/^  def test_control_url$/a\
-    skip "Unstable test"' test/test_pumactl.rb
-sed -i '/^  def test_ssl_v3_rejection$/a\
+    skip' test/test_puma_server.rb
+sed -i '/^  def test_plugin$/a\
+    skip' test/test_plugin.rb
+sed -i '/^  def test_verify_fail_if_client_unknown_ca$/a\
     skip' test/test_puma_server_ssl.rb
-sed -i '/^  def test_term_signal_exit_code_in_clustered_mode$/a\
-    skip "Clustered server does not stop properly"' test/test_integration.rb
-RUBYOPT="-Ilib:$(dirs +1 -l)%{gem_extdir_mri}" CI=1 ruby \
-  -e 'Dir.glob "./test/**/test_*.rb", &method(:require)' \
-  -- -v
-RUBYOPT="-I$(dirs +1 -l)%{gem_extdir_mri}" ruby test/shell/run.rb
-popd
+sed -i '/^  def test_rack_url_scheme_dflt$/a\
+    skip' test/test_puma_server.rb
+sed -i '/^  def test_drain_on_shutdown$/a\
+    skip' test/test_puma_server.rb
+sed -i '/^  def test_very_large_return$/a\
+    skip' test/test_puma_server.rb
+
+#OpenSSL certificate has expired, skip relevant test case
+sed -i '/^  def test_verify_client_cert$/a\
+    skip' test/test_puma_server_ssl.rb
+sed -i '/^  def test_verify_fail_if_client_expired_cert$/a\
+    skip' test/test_puma_server_ssl.rb
+sed -i '/^  def test_server_ssl_with_cert_pem_and_key_pem$/a\
+    skip' test/test_puma_server_ssl.rb
+sed -i '/^  def test_ssl_run_with_curl_client$/a\
+    skip' test/test_integration_ssl.rb
+
+env -u NOTIFY_SOCKET \
+TEST_CASE_TIMEOUT=300 \
+RUBYOPT="-Ilib:$(dirs +1 -l)%{gem_extdir_mri}" \
+CI=1 \
+LC_ALL=C.UTF-8 \
+ruby -e 'Dir.glob "./test/**/test_*.rb", &method(:require)' - -v
 
 %files
 %dir %{gem_instdir}
@@ -96,6 +148,25 @@ popd
 %{gem_instdir}/tools
 
 %changelog
+* Fri Sep 27 2024 wangkai <13474090681@163.com> - 5.6.5-3
+- Fix CVE-2024-45614
+
+* Wed Aug 07 2024 Ge Wang <wang__ge@126.com> - 5.6.5-2
+- OpenSSL certificate has expired, skip relevant test case
+
+* Thu Apr 11 2024 wangkai <13474090681@163.com> - 5.6.5-1
+- Update to 5.6.5
+- Fix CVE-2022-24790,CVE-2023-40175,CVE-2024-21647
+
+* Tue Dec 19 2023 yaoxin <yao_xin001@hoperun.com> - 5.5.2-2
+- Fix CVE-2022-23634
+
+* Tue Nov 1 2022 cadongxia <caodongxia@h-partners.com> - 5.5.2-1
+- Upgrade to 5.5.2
+
+* Mon May 31 2021 wangyue <wangyue92@huawei.com>  - 3.12.6-2
+- Fix CVE-2021-29509
+
 * Wed Feb 03 2021 shinwell_hu <micromotive@qq.com> - 3.12.6-1
 - Upgrade to 3.12.6 to fix following known CVEs
   CVE-2020-11077