From: merch-redmine@...
Date: 2019-03-06T02:52:39+00:00
Subject: [ruby-core:91685] [Ruby trunk Bug#15637] Backport RubyGems	3.0.3/2.7.9

Issue #15637 has been updated by jeremyevans0 (Jeremy Evans).


It looks like the uploaded patch files for 2.4.5 and 2.5.3 do not apply with either BSD or GNU patch, resulting in:

```
patch: **** malformed patch at line 391:      package = Gem::Package.new @gem
```

Line 350 in both patch files should probably be changed from:

```
@@ -480,6 +480,40 @@ def test_extract_symlink_parent
```

to

```
@@ -480,6 +480,42 @@ def test_extract_symlink_parent
```

as there were 36 lines added by that patch hunk.

----------------------------------------
Bug #15637: Backport RubyGems 3.0.3/2.7.9
https://bugs.ruby-lang.org/issues/15637#change-76947

* Author: hsbt (Hiroshi SHIBATA)
* Status: Closed
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: 
* Backport: 2.4: REQUIRED, 2.5: REQUIRED, 2.6: REQUIRED
----------------------------------------
I released RubyGems 3.0.3 and 2.7.9 today. They contain multiple vulnerability fixes.

* https://blog.rubygems.org/2019/03/05/3.0.3-released.html
* https://blog.rubygems.org/2019/03/05/2.7.9-released.html

I attached the patches for Ruby 2.4, 2.5 and 2.6.

---Files--------------------------------
ruby-2.4.5-rubygems.patch (12.4 KB)
ruby-2.5.3-rubygems.patch (12.4 KB)
ruby-2.6.1-rubygems.patch (17.6 KB)


-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>