rubygem-rack/rubygem-rack.spec

%global gem_name rack
%bcond_with bootstrap

Name:    rubygem-%{gem_name}
Version: 2.2.3.1
Epoch:   1
Release: 8
Summary: A modular Ruby webserver interface
License: MIT and BSD
URL:     https://rack.github.io/
Source0: https://rubygems.org/downloads/%{gem_name}-%{version}.gem

Patch0: CVE-2024-39316.patch
Patch1: CVE-2024-26141.patch
Patch2: CVE-2024-26146.patch
Patch3: CVE-2024-25126.patch
Patch4: CVE-2022-44570.patch
Patch5: CVE-2022-44571.patch
Patch6: CVE-2022-44572.patch
Patch7: CVE-2025-27610.patch
Patch8: CVE-2025-27111.patch
Patch9: CVE-2025-25184.patch

BuildRequires: ruby(release) rubygems-devel ruby >= 2.2.2 rubygem(concurrent-ruby)
BuildRequires: memcached rubygem(memcache-client) rubygem(minitest)
BuildRequires: rubygem(memcache-client)
BuildRequires: rubygem(minitest)
%if ! %{with bootstrap}
BuildRequires: rubygem(thin)
%endif
BuildArch: noarch

%global __brp_mangle_shebangs_exclude_from ^%{gem_instdir}/test/cgi/test.ru$

%description
Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby.  By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.


%package help
Summary:   Documentation for %{name}
Requires:  %{name} = %{epoch}:%{version}-%{release}
Provides:  %{name}-doc = %{epoch}:%{version}-%{release}
Obsoletes: %{name}-doc < %{epoch}:%{version}-%{release}
BuildArch: noarch

%description help
Documentation for %{name}.

%prep
%autosetup -n %{gem_name}-%{version} -p1

%build
gem build ../%{gem_name}-%{version}.gemspec
%gem_install

%install
mkdir -p %{buildroot}%{gem_dir}
cp -a .%{gem_dir}/* \
        %{buildroot}%{gem_dir}/


mkdir -p %{buildroot}%{_bindir}
cp -a .%{_bindir}/* \
        %{buildroot}%{_bindir}/

find %{buildroot}%{gem_instdir}/bin -type f | xargs chmod a+x
find %{buildroot}%{gem_instdir}/{bin,test/cgi} -type f | \
  xargs sed -i 's|^#!/usr/bin/env ruby$|#!/usr/bin/ruby|'

for file in `find %{buildroot}/%{gem_instdir} -type f -perm /a+x`; do
    [ -z "`head -n 1 $file | grep \"^#!/\"`" ] && chmod -v 644 $file
done

for file in `find %{buildroot}%{gem_instdir} -type f`; do
    [ ! -z "`head -n 1 $file | grep \"^#!\"`" ] && chmod -v 755 $file
done

%check
pushd .%{gem_instdir}
PID=%(mktemp)
memcached -d -u root -P "$PID"
LC_ALL=C.UTF-8 \
ruby -Ilib:test -e 'Dir.glob "./test/spec_*.rb", &method(:require)'
kill -TERM $(< "$PID")
popd

%files
%dir %{gem_instdir}
%{_bindir}/rackup
%license %{gem_instdir}/MIT-LICENSE
%{gem_libdir}
%{gem_instdir}/bin
%exclude %{gem_cache}
%{gem_spec}

%files help
%doc %{gem_docdir}
%doc %{gem_instdir}/CHANGELOG.md
%doc %{gem_instdir}/README.rdoc
%doc %{gem_instdir}/CONTRIBUTING.md
%doc %{gem_instdir}/SPEC.rdoc
%{gem_instdir}/Rakefile
%{gem_instdir}/%{gem_name}.gemspec
%doc %{gem_instdir}/example
%doc %{gem_instdir}/contrib

%changelog
* Tue Mar 18 2025 changtao <changtao@kylinos.cn> - 1:2.2.3.1-8
- Type:CVE
- CVE:CVE-2025-25184
- SUG:NA
- DESC:fix CVE-2025-25184

* Thu Mar 13 2025 changtao <changtao@kylinos.cn> - 1:2.2.3.1-7
- Type:CVE
- CVE:CVE-2025-27111
- SUG:NA
- DESC:fix CVE-2025-27111

* Wed Mar 12 2025 changtao <changtao@kylinos.cn> - 1:2.2.3.1-6
- Type:CVE
- CVE:CVE-2025-27610
- SUG:NA
- DESC:fix CVE-2025-27610

* Fri Jul 05 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.3.1-5
- Type:CVES
- ID:CVE-2022-44570 CVE-2022-44571 CVE-2022-44572
- SUG:NA
- DESC:CVE-2022-44570 CVE-2022-44571 CVE-2022-44572

* Fri Jul 05 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.3.1-4
- Type:CVES
- ID:CVE-2024-26141 CVE-2024-26146 CVE-2024-25126
- SUG:NA
- DESC:CVE-2024-26141 CVE-2024-26146 CVE-2024-25126

* Wed Jul 3 2024 liningjie <liningjie@xfusion.com> - 1:2.2.3.1-3
- Fix CVE-2024-39316

* Wed Apr 19 2023 sjxur <sjxur@isoftstone.com> - 1:2.2.3.1-2
- fix issue(I6UCVJ) for rubygem-rack build problem in openEuler:22.03:LTS:Next

* Tue Jun 28 2022 wangkai <wangkai385@h-partners.com> - 1:2.2.3.1-1
- Upgrade to 2.2.3.1 for fix CVE-2020-8184 CVE-2022-30122 CVE-2022-30123

* Mon Feb  8 2021 sunguoshuai<sunguoshuai@huawei.com>- 1:2.2.2-1
- Upgrade to 1:2.2.2

* Wed Sep 9 2020 Ge Wang <wangge20@huawei.com> - 1:2.0.4-2
- Modify Source0 Url

* Thu Mar 5 2020 openEuler Buildteam <buildteam@openeuler.org> - 1:2.0.4-1
- Package init
package init 2020-03-06 20:11:55 +08:00			`%global gem_name rack`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%bcond_with bootstrap`

			`Name: rubygem-%{gem_name}`
Upgrade to 2.2.3.1 for fix CVE-2020-8184 CVE-2022-30122 CVE-2022-30123 2022-06-28 10:28:07 +08:00			`Version: 2.2.3.1`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`Epoch: 1`
fix CVE-2025-25184 (cherry picked from commit 612d980df88782bcc696ef98e4ce9c04d881f0f4) 2025-02-20 01:08:48 +08:00			`Release: 8`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`Summary: A modular Ruby webserver interface`
			`License: MIT and BSD`
			`URL: https://rack.github.io/`
			`Source0: https://rubygems.org/downloads/%{gem_name}-%{version}.gem`
Fix CVE-2024-39316 2024-07-03 17:55:00 +08:00
			`Patch0: CVE-2024-39316.patch`
fix CVE-2024-26141 CVE-2024-26146 CVE-2024-25126 2024-06-13 02:40:40 +08:00			`Patch1: CVE-2024-26141.patch`
			`Patch2: CVE-2024-26146.patch`
			`Patch3: CVE-2024-25126.patch`
CVE-2022-44570 CVE-2022-44571 CVE-2022-44572 2024-06-13 03:38:57 +08:00			`Patch4: CVE-2022-44570.patch`
			`Patch5: CVE-2022-44571.patch`
			`Patch6: CVE-2022-44572.patch`
fix CVE-2025-27610 (cherry picked from commit de275976fcbf2ca5b9f790edce6626bbea350ac2) 2025-01-19 21:33:22 +08:00			`Patch7: CVE-2025-27610.patch`
fix CVE-2025-27111 (cherry picked from commit c96ffc979d28dc662fa82e70146e49b7dab64a66) 2025-02-18 21:04:11 +08:00			`Patch8: CVE-2025-27111.patch`
fix CVE-2025-25184 (cherry picked from commit 612d980df88782bcc696ef98e4ce9c04d881f0f4) 2025-02-20 01:08:48 +08:00			`Patch9: CVE-2025-25184.patch`
Fix CVE-2024-39316 2024-07-03 17:55:00 +08:00
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`BuildRequires: ruby(release) rubygems-devel ruby >= 2.2.2 rubygem(concurrent-ruby)`
			`BuildRequires: memcached rubygem(memcache-client) rubygem(minitest)`
			`BuildRequires: rubygem(memcache-client)`
			`BuildRequires: rubygem(minitest)`
			`%if ! %{with bootstrap}`
			`BuildRequires: rubygem(thin)`
			`%endif`
			`BuildArch: noarch`

			`%global __brp_mangle_shebangs_exclude_from ^%{gem_instdir}/test/cgi/test.ru$`
package init 2020-03-06 20:11:55 +08:00
			`%description`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`Rack provides a minimal, modular and adaptable interface for developing`
			`web applications in Ruby. By wrapping HTTP requests and responses in`
			`the simplest way possible, it unifies and distills the API for web`
			`servers, web frameworks, and software in between (the so-called`
			`middleware) into a single method call.`


			`%package help`
			`Summary: Documentation for %{name}`
			`Requires: %{name} = %{epoch}:%{version}-%{release}`
			`Provides: %{name}-doc = %{epoch}:%{version}-%{release}`
			`Obsoletes: %{name}-doc < %{epoch}:%{version}-%{release}`
			`BuildArch: noarch`

			`%description help`
			`Documentation for %{name}.`
package init 2020-03-06 20:11:55 +08:00
			`%prep`
fix CVE-2024-26141 CVE-2024-26146 CVE-2024-25126 2024-06-13 02:40:40 +08:00			`%autosetup -n %{gem_name}-%{version} -p1`
package init 2020-03-06 20:11:55 +08:00
			`%build`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`gem build ../%{gem_name}-%{version}.gemspec`
			`%gem_install`
package init 2020-03-06 20:11:55 +08:00
			`%install`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`mkdir -p %{buildroot}%{gem_dir}`
			`cp -a .%{gem_dir}/* \`
			`%{buildroot}%{gem_dir}/`


			`mkdir -p %{buildroot}%{_bindir}`
			`cp -a .%{_bindir}/* \`
			`%{buildroot}%{_bindir}/`
package init 2020-03-06 20:11:55 +08:00
			`find %{buildroot}%{gem_instdir}/bin -type f \| xargs chmod a+x`
			`find %{buildroot}%{gem_instdir}/{bin,test/cgi} -type f \| \`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`xargs sed -i 's\|^#!/usr/bin/env ruby$\|#!/usr/bin/ruby\|'`
package init 2020-03-06 20:11:55 +08:00
			for file in `find %{buildroot}/%{gem_instdir} -type f -perm /a+x`; do
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			[ -z "`head -n 1 $file \| grep \"^#!/\"`" ] && chmod -v 644 $file
package init 2020-03-06 20:11:55 +08:00			`done`

			for file in `find %{buildroot}%{gem_instdir} -type f`; do
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			[ ! -z "`head -n 1 $file \| grep \"^#!\"`" ] && chmod -v 755 $file
package init 2020-03-06 20:11:55 +08:00			`done`

upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%check`
			`pushd .%{gem_instdir}`
			`PID=%(mktemp)`
fix rubygem-rack build problem in openEuler:22.03:LTS:Next 2023-04-19 10:36:51 +08:00			`memcached -d -u root -P "$PID"`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`LC_ALL=C.UTF-8 \`
			`ruby -Ilib:test -e 'Dir.glob "./test/spec_*.rb", &method(:require)'`
			`kill -TERM $(< "$PID")`
			`popd`

package init 2020-03-06 20:11:55 +08:00			`%files`
			`%dir %{gem_instdir}`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%{_bindir}/rackup`
			`%license %{gem_instdir}/MIT-LICENSE`
package init 2020-03-06 20:11:55 +08:00			`%{gem_libdir}`
			`%{gem_instdir}/bin`
			`%exclude %{gem_cache}`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%{gem_spec}`
package init 2020-03-06 20:11:55 +08:00
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%files help`
package init 2020-03-06 20:11:55 +08:00			`%doc %{gem_docdir}`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%doc %{gem_instdir}/CHANGELOG.md`
package init 2020-03-06 20:11:55 +08:00			`%doc %{gem_instdir}/README.rdoc`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%doc %{gem_instdir}/CONTRIBUTING.md`
			`%doc %{gem_instdir}/SPEC.rdoc`
package init 2020-03-06 20:11:55 +08:00			`%{gem_instdir}/Rakefile`
			`%{gem_instdir}/%{gem_name}.gemspec`
upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`%doc %{gem_instdir}/example`
			`%doc %{gem_instdir}/contrib`
package init 2020-03-06 20:11:55 +08:00
			`%changelog`
fix CVE-2025-25184 (cherry picked from commit 612d980df88782bcc696ef98e4ce9c04d881f0f4) 2025-02-20 01:08:48 +08:00			`* Tue Mar 18 2025 changtao <changtao@kylinos.cn> - 1:2.2.3.1-8`
			`- Type:CVE`
			`- CVE:CVE-2025-25184`
			`- SUG:NA`
			`- DESC:fix CVE-2025-25184`

fix CVE-2025-27111 (cherry picked from commit c96ffc979d28dc662fa82e70146e49b7dab64a66) 2025-02-18 21:04:11 +08:00			`* Thu Mar 13 2025 changtao <changtao@kylinos.cn> - 1:2.2.3.1-7`
			`- Type:CVE`
			`- CVE:CVE-2025-27111`
			`- SUG:NA`
			`- DESC:fix CVE-2025-27111`

fix CVE-2025-27610 (cherry picked from commit de275976fcbf2ca5b9f790edce6626bbea350ac2) 2025-01-19 21:33:22 +08:00			`* Wed Mar 12 2025 changtao <changtao@kylinos.cn> - 1:2.2.3.1-6`
			`- Type:CVE`
			`- CVE:CVE-2025-27610`
			`- SUG:NA`
			`- DESC:fix CVE-2025-27610`

CVE-2022-44570 CVE-2022-44571 CVE-2022-44572 2024-06-13 03:38:57 +08:00			`* Fri Jul 05 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.3.1-5`
			`- Type:CVES`
			`- ID:CVE-2022-44570 CVE-2022-44571 CVE-2022-44572`
			`- SUG:NA`
			`- DESC:CVE-2022-44570 CVE-2022-44571 CVE-2022-44572`

fix CVE-2024-26141 CVE-2024-26146 CVE-2024-25126 2024-06-13 02:40:40 +08:00			`* Fri Jul 05 2024 zouzhimin <zouzhimin@kylinos.cn> - 1:2.2.3.1-4`
			`- Type:CVES`
			`- ID:CVE-2024-26141 CVE-2024-26146 CVE-2024-25126`
			`- SUG:NA`
			`- DESC:CVE-2024-26141 CVE-2024-26146 CVE-2024-25126`

Fix CVE-2024-39316 2024-07-03 17:55:00 +08:00			`* Wed Jul 3 2024 liningjie <liningjie@xfusion.com> - 1:2.2.3.1-3`
			`- Fix CVE-2024-39316`

fix rubygem-rack build problem in openEuler:22.03:LTS:Next 2023-04-19 10:36:51 +08:00			`* Wed Apr 19 2023 sjxur <sjxur@isoftstone.com> - 1:2.2.3.1-2`
			`- fix issue(I6UCVJ) for rubygem-rack build problem in openEuler:22.03:LTS:Next`

Upgrade to 2.2.3.1 for fix CVE-2020-8184 CVE-2022-30122 CVE-2022-30123 2022-06-28 10:28:07 +08:00			`* Tue Jun 28 2022 wangkai <wangkai385@h-partners.com> - 1:2.2.3.1-1`
			`- Upgrade to 2.2.3.1 for fix CVE-2020-8184 CVE-2022-30122 CVE-2022-30123`

upgrade to 2.2.2 (cherry picked from commit 621a053f7777efe9396075c6a5c3daf7d2db9cac) 2021-02-08 18:37:27 +08:00			`* Mon Feb 8 2021 sunguoshuai<sunguoshuai@huawei.com>- 1:2.2.2-1`
			`- Upgrade to 1:2.2.2`

Modify Source0 Url on master branch 2020-09-17 12:51:08 +08:00			`* Wed Sep 9 2020 Ge Wang <wangge20@huawei.com> - 1:2.0.4-2`
			`- Modify Source0 Url`

package init 2020-03-06 20:11:55 +08:00			`* Thu Mar 5 2020 openEuler Buildteam <buildteam@openeuler.org> - 1:2.0.4-1`
			`- Package init`