From b0d28eacbf0d179cba7716975178317a314f5f29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Thu, 19 Jan 2023 16:58:12 +0100 Subject: [PATCH] Update to rack-protection 3.0.5. Resolves: rhbz#2107686 --- ...protection-2.0.8.1-Fix-failing-tests.patch | 34 ------------------- rubygem-rack-protection.spec | 10 ++++-- sources | 4 +-- 3 files changed, 9 insertions(+), 39 deletions(-) delete mode 100644 rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch diff --git a/rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch b/rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch deleted file mode 100644 index ddb2e0a..0000000 --- a/rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 750aa3b0de06dad41539bdb402123b5416a3475d Mon Sep 17 00:00:00 2001 -From: Jordan Owens -Date: Tue, 10 Mar 2020 10:24:05 -0400 -Subject: [PATCH] Fix failing tests - -Rack added support for Multi-part ranges and apparently changed the -format of cookie expires timestamp format to match specs. ---- - .../spec/lib/rack/protection/cookie_tossing_spec.rb | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb b/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb -index af46ffc2b..f973bd476 100644 ---- a/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb -+++ b/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb -@@ -28,12 +28,12 @@ - get '/some/path', {}, 'HTTP_COOKIE' => 'rack.%73ession=EVIL_SESSION_TOKEN; rack.session=EVIL_SESSION_TOKEN; rack.session=SESSION_TOKEN' - - expected_header = <<-END.chomp --rack.%2573ession=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 -0000 --rack.%2573ession=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 -0000 --rack.%2573ession=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 -0000 --rack.session=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 -0000 --rack.session=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 -0000 --rack.session=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 -0000 -+rack.%2573ession=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT -+rack.%2573ession=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 GMT -+rack.%2573ession=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 GMT -+rack.session=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT -+rack.session=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 GMT -+rack.session=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 GMT - END - expect(last_response.headers['Set-Cookie']).to eq(expected_header) - end diff --git a/rubygem-rack-protection.spec b/rubygem-rack-protection.spec index 1a4752c..90769e0 100644 --- a/rubygem-rack-protection.spec +++ b/rubygem-rack-protection.spec @@ -3,14 +3,14 @@ %bcond_with bootstrap Name: rubygem-%{gem_name} -Version: 2.2.0 -Release: 2%{?dist} +Version: 3.0.5 +Release: 1%{?dist} Summary: Ruby gem that protects against typical web attacks License: MIT URL: http://sinatrarb.com/protection/ Source0: https://rubygems.org/gems/%{gem_name}-%{version}.gem # git clone https://github.com/sinatra/sinatra.git && cd sinatra/rack-protection -# git archive -v -o rack-protection-2.2.0-spec.txz v2.2.0 spec/ +# git archive -v -o rack-protection-3.0.5-spec.txz v3.0.5 spec/ Source1: %{gem_name}-%{version}-spec.txz BuildRequires: ruby(release) BuildRequires: rubygems-devel @@ -71,6 +71,10 @@ popd %{gem_instdir}/rack-protection.gemspec %changelog +* Thu Jan 19 2023 Vít Ondruch - 3.0.5-1 +- Update to rack-protection 3.0.5. + Resolves: rhbz#2107686 + * Sat Jul 23 2022 Fedora Release Engineering - 2.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild diff --git a/sources b/sources index 724ff64..ecebb84 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (rack-protection-2.2.0.gem) = 06d6c2026e3e93131a2405bbaa8a514ddde48607979828b9fc41309dbdfff2b7c8cac48a6981e76b5dda554f0cbdc7c6ff5f44b8925fce1cb9b7de0a16380ca4 -SHA512 (rack-protection-2.2.0-spec.txz) = a7bbf80a06989ad43113516cef581c4417d80f5c1e6cf7225b9fef3b3b13892801d24910a323d706d5092ed5a6a36f7c59bf978e65e1d385e8da1328d4d8ec14 +SHA512 (rack-protection-3.0.5-spec.txz) = 72f560cecfa7392b4deedeb127f3bd5a1c64c2a6ba817bfe8511a023e983a8978dc7711dee0516b25d9c7281b9a61b7850e2870b374839aab6ec95d872d7f26a +SHA512 (rack-protection-3.0.5.gem) = 4ed0ee9e8fe08532ff7f2905251af110f3fff0e419da5be50ae3e5a90906e43c39cf8edc219fcfe3e27a72591500c040afcc9552da875773375b170fb91aa9ff