diff --git a/CVE-2022-24836.patch b/CVE-2022-24836.patch
deleted file mode 100644
index 5c27301c50604ead49a8134396ce5fe18a9f1402..0000000000000000000000000000000000000000
--- a/CVE-2022-24836.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From e444525ef1634b675cd1cf52d39f4320ef0aecfd Mon Sep 17 00:00:00 2001
-From: Mike Dalessio
-Date: Sun, 10 Apr 2022 14:42:04 -0400
-Subject: [PATCH] fix(perf): HTML4::EncodingReader detection
-
----
- lib/nokogiri/html4/document.rb | 2 +-
- test/html4/test_document_encoding.rb | 12 ++++++++++++
- 2 files changed, 13 insertions(+), 1 deletion(-)
-
-diff --git a/lib/nokogiri/html4/document.rb b/lib/nokogiri/html4/document.rb
-index 177efc04f..fbc22d207 100644
---- a/lib/nokogiri/html4/document.rb
-+++ b/lib/nokogiri/html4/document.rb
-@@ -268,7 +268,7 @@ def start_element(name, attrs = [])
- end
-
- def self.detect_encoding(chunk)
-- (m = chunk.match(/\A(<\?xml[ \t\r\n]+[^>]*>)/)) &&
-+ (m = chunk.match(/\A(<\?xml[ \t\r\n][^>]*>)/)) &&
- (return Nokogiri.XML(m[1]).encoding)
-
- if Nokogiri.jruby?
diff --git a/nokogiri-1.13.1.gem b/nokogiri-1.13.7.gem
similarity index 35%
rename from nokogiri-1.13.1.gem
rename to nokogiri-1.13.7.gem
index 481da352f9e72c25c383e78a2ee94a0ea375903f..812022628a95df50acfbea39cf3228de7e6e81d8 100644
Binary files a/nokogiri-1.13.1.gem and b/nokogiri-1.13.7.gem differ
diff --git a/rubygem-nokogiri-1.11.0.rc4-shutdown-libxml2-warning.patch b/rubygem-nokogiri-1.11.0.rc4-shutdown-libxml2-warning.patch
deleted file mode 100644
index c1ed61c69bbdced956f020d61c53f78fe8fce7f5..0000000000000000000000000000000000000000
--- a/rubygem-nokogiri-1.11.0.rc4-shutdown-libxml2-warning.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- nokogiri-1.11.0.rc4/lib/nokogiri/version/info.rb.warn 2020-12-31 16:56:11.533949657 +0900
-+++ nokogiri-1.11.0.rc4/lib/nokogiri/version/info.rb 2020-12-31 16:59:38.576697147 +0900
-@@ -58,6 +58,7 @@ module Nokogiri
-
- def warnings
- warnings = []
-+ return warnings
-
- if libxml2?
- if compiled_libxml_version != loaded_libxml_version
diff --git a/rubygem-nokogiri-1.13.1-full.tar.gz b/rubygem-nokogiri-1.13.7-full.tar.gz
similarity index 63%
rename from rubygem-nokogiri-1.13.1-full.tar.gz
rename to rubygem-nokogiri-1.13.7-full.tar.gz
index 776d80adb115f17c44a271826de87e8b9016a1d1..01ed169dfa090bac33662a58b5f625d2495973a2 100644
Binary files a/rubygem-nokogiri-1.13.1-full.tar.gz and b/rubygem-nokogiri-1.13.7-full.tar.gz differ
diff --git a/rubygem-nokogiri.spec b/rubygem-nokogiri.spec
index d49c520cbb0b27abedfabd24fce39793b10527fa..176a29566be423ab3d9bcf5c13ffd40ea0004736 100644
--- a/rubygem-nokogiri.spec
+++ b/rubygem-nokogiri.spec
@@ -1,4 +1,4 @@
-%global mainver 1.13.1
+%global mainver 1.13.7
 %global mainrel 1
 %global prerpmver %(echo "%{?prever}" | sed -e 's|\\.||g')
 %global gem_name nokogiri
@@ -7,16 +7,12 @@
 Summary: An HTML, XML, SAX, and Reader parser
 Name: rubygem-%{gem_name}
 Version: %{mainver}
-Release: 2
+Release: 1
 License: MIT and ASL 2.0
 URL: https://nokogiri.org
 Source0: https://rubygems.org/gems/%{gem_name}-%{mainver}%{?prever}.gem
 Source1: rubygem-%{gem_name}-%{version}%{?prever}-full.tar.gz
-Source2: rubygem-%{gem_name}-%{version}%{?prever}-full.tar.gz
-# Shut down libxml2 version unmatching warning
-Patch0: %{name}-1.11.0.rc4-shutdown-libxml2-warning.patch
-# https://github.com/sparklemotion/nokogiri/commit/e444525
-Patch1: CVE-2022-24836.patch
+
 BuildRequires: ruby(release) ruby(rubygems) rubygem(minitest) rubygems-devel
 Obsoletes: ruby-%{gem_name} <= 1.5.2-2
 BuildRequires: gcc libxml2-devel libxslt-devel ruby-devel glibc-all-langpacks rubygem(racc)
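Review bot: Removing `Patch1: CVE-2022-24836.patch` in the `@@ -7,16 +7,12 @@` hunk is only safe if the 1.13.7 sources already contain upstream commit e444525, and nothing in this change records that. The deleted patch shows the fix as the `detect_encoding` regex losing the `+` after `[ \t\r\n]`, so it is worth confirming that the unpacked `lib/nokogiri/html4/document.rb` has that form before merging. The `%changelog` entry in the last hunk only says `- update to 1.13.7`; once that is confirmed, I would add `- Drop CVE-2022-24836.patch (fixed upstream) and the libxml2 warning patch` so that audits tracking CVE fixes through the changelog do not read the package as regressed. Dropping Patch0 also brings back the libxml2 compiled/loaded version mismatch warning it suppressed, so if that is intended it should be stated in the same entry.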
@@ -53,8 +49,6 @@ This package provides non-Gem support for %{gem_name}.
 %prep
 %setup -q -n %{gem_name}-%{version} -a 1
 mv ../%{gem_name}-%{version}.gemspec .
-%patch0 -p1
-%patch1 -p1
 sed -i \
 -e 's|, "ports/archives/[^"][^"]*"||g' \
 -e 's|, "ports/patches/[^"][^"]*"||g' \
@@ -166,6 +160,9 @@ popd
 %{gem_dir}/doc/%{gem_name}-%{mainver}%{?prever}/
 %changelog
+* Thu Jul 14 2022 Ge Wang - 1.13.7-1
+- update to 1.13.7
+
 * Sun Apr 24 2022 wangkai - 1.13.1-2
 - Fix CVE-2022-24836