import ruby-2.5.9-113.module+el8.10.0+22581+23fc9c9e

1 month ago · 44d4f263b3
parent f2073d2a17
commit 44d4f263b3
2 changed files with 41 additions and 1 deletions
--- a/SOURCES/rubygem-rexml-3.3.9-Fix-ReDoS-CVE-2024-49761.patch
+++ b/SOURCES/rubygem-rexml-3.3.9-Fix-ReDoS-CVE-2024-49761.patch
@ -0,0 +1,31 @@
+From ce59f2eb1aeb371fe1643414f06618dbe031979f Mon Sep 17 00:00:00 2001
+From: Sutou Kouhei <kou@clear-code.com>
+Date: Thu, 24 Oct 2024 14:45:31 +0900
+Subject: [PATCH] parser: fix a bug that &#0x...; is accepted as a character
+ reference
+
+---
+ lib/rexml/parsers/baseparser.rb        | 10 +++++++---
+ test/parse/test_character_reference.rb |  6 ++++++
+ 2 files changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/lib/rexml/parsers/baseparser.rb b/lib/rexml/parsers/baseparser.rb
+index 7bd8adf..b4547ba 100644
+--- a/lib/rexml/parsers/baseparser.rb
+++ b/lib/rexml/parsers/baseparser.rb
+@@ -492,8 +492,12 @@ def unnormalize( string, entities=nil, filter=nil )
+         return rv if matches.size == 0
+-        rv.gsub!( /&#0*((?:\d+)|(?:x[a-fA-F0-9]+));/ ) {
+        rv.gsub!( /&#((?:\d+)|(?:x[a-fA-F0-9]+));/ ) {
+           m=$1
+-          m = "0#{m}" if m[0] == ?x
+-          [Integer(m)].pack('U*')
+          if m.start_with?("x")
+            code_point = Integer(m[1..-1], 16)
+          else
+            code_point = Integer(m, 10)
+          end
+          [code_point].pack('U*')
+         }
+         matches.collect!{|x|x[0]}.compact!
+         if matches.size > 0
--- a/SPECS/ruby.spec
+++ b/SPECS/ruby.spec
@ -21,7 +21,7 @@
 %endif


-%global release 112
+%global release 113

 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}

@ -266,6 +266,10 @@ Patch48: rubygem-strscan-1.0.2-Accept-String-as-a-pattern.patch
 # https://github.com/ruby/rexml/commit/4325835f92f3f142ebd91a3fdba4e1f1ab7f1cfb
 # https://github.com/ruby/rexml/commit/f1df7d13b3e57a5e059273d2f0870163c08d7420
 Patch49: rubygem-rexml-3.2.9-Fix-CVE-2024-35176-DoS-in-REXML.patch
+# Tests not included, this Ruby release does not include the specific
+# test file to patch.
+# https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f
+Patch50: rubygem-rexml-3.3.9-Fix-ReDoS-CVE-2024-49761.patch


 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@ -686,6 +690,7 @@ sed -i 's/"evaluation\/incorrect_words.yaml"\.freeze, //' \
 %patch47 -p1
 %patch48 -p1
 %patch49 -p1
+%patch50 -p1

 # Provide an example of usage of the tapset:
 cp -a %{SOURCE3} .
@ -1250,6 +1255,10 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
 %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec

 %changelog
+* Tue Nov 26 2024 Jarek Prokop <jprokop@redhat.com> - 2.5.9-113
+- Fix REXML ReDoS vulnerability. (CVE-2024-49761)
+  Resolves: RHEL-68515
+
 * Tue May 21 2024 Jarek Prokop <jprokop@redhat.com> - 2.5.9-112
 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755.
  (CVE-2023-36617)