From 3c723c15514574b8d3b0be1d0babb4da4a7cddef Mon Sep 17 00:00:00 2001 From: jeremy Date: Sat, 28 Mar 2026 01:29:06 +0000 Subject: [PATCH] Update to Ruby 3.3.11 Fixes CVE-2026-27820: Buffer overflow vulnerability in Zlib::GzipReader One patch merged upstream. --- lang/ruby/3.3/Makefile | 3 +- lang/ruby/3.3/distinfo | 4 +- lang/ruby/3.3/patches/patch-configure | 2 +- lang/ruby/3.3/patches/patch-ext_extmk_rb | 2 +- ...patch-include_ruby_internal_core_rstring_h | 98 ------------------- .../3.3/patches/patch-template_Makefile_in | 4 +- lang/ruby/3.3/pkg/PLIST-main | 17 ++-- lang/ruby/3.3/pkg/PLIST-ri_docs | 8 -- 8 files changed, 16 insertions(+), 122 deletions(-) delete mode 100644 lang/ruby/3.3/patches/patch-include_ruby_internal_core_rstring_h diff --git a/lang/ruby/3.3/Makefile b/lang/ruby/3.3/Makefile index fc48c380c9e..fa7b7d1f3cd 100644 --- a/lang/ruby/3.3/Makefile +++ b/lang/ruby/3.3/Makefile @@ -1,5 +1,4 @@ -VERSION = 3.3.10 -REVISION = 2 +VERSION = 3.3.11 DISTNAME = ruby-${VERSION} PKGNAME-main = ruby-${VERSION} PKGNAME-ri_docs = ruby${BINREV}-ri_docs-${VERSION} diff --git a/lang/ruby/3.3/distinfo b/lang/ruby/3.3/distinfo index 16ac0ff2ebc..959f7ebfe62 100644 --- a/lang/ruby/3.3/distinfo +++ b/lang/ruby/3.3/distinfo @@ -1,2 +1,2 @@ -SHA256 (ruby-3.3.10.tar.gz) = tVW6pGejBs/I5sbtJNDSeyfpob7R2R2VUJhZ6saw6Sg= -SIZE (ruby-3.3.10.tar.gz) = 22233705 +SHA256 (ruby-3.3.11.tar.gz) = WfD6+xpZoF3DdlEXrz+mjhU+tIJUcIVJ8yHB6eB416A= +SIZE (ruby-3.3.11.tar.gz) = 21483089 diff --git a/lang/ruby/3.3/patches/patch-configure b/lang/ruby/3.3/patches/patch-configure index 89f7bc703bf..e82bad3869d 100644 --- a/lang/ruby/3.3/patches/patch-configure +++ b/lang/ruby/3.3/patches/patch-configure @@ -35,7 +35,7 @@ Index: configure ;; #( solaris*) : -@@ -34136,7 +34136,7 @@ then : +@@ -34137,7 +34137,7 @@ then : else $as_nop diff --git a/lang/ruby/3.3/patches/patch-ext_extmk_rb b/lang/ruby/3.3/patches/patch-ext_extmk_rb index 4ca11d9c8a8..a33c69db85a 100644 --- a/lang/ruby/3.3/patches/patch-ext_extmk_rb +++ b/lang/ruby/3.3/patches/patch-ext_extmk_rb @@ -3,7 +3,7 @@ Build extensions in verbose mode by default. Index: ext/extmk.rb --- ext/extmk.rb.orig +++ ext/extmk.rb -@@ -722,7 +722,7 @@ exts.map! {|d| "#{ext_prefix}/#{d}/."} +@@ -723,7 +723,7 @@ exts.map! {|d| "#{ext_prefix}/#{d}/."} FileUtils.makedirs(File.dirname($command_output)) begin atomic_write_open($command_output) do |mf| diff --git a/lang/ruby/3.3/patches/patch-include_ruby_internal_core_rstring_h b/lang/ruby/3.3/patches/patch-include_ruby_internal_core_rstring_h deleted file mode 100644 index 4f4216e6b60..00000000000 --- a/lang/ruby/3.3/patches/patch-include_ruby_internal_core_rstring_h +++ /dev/null @@ -1,98 +0,0 @@ -gcc15 workaround: https://github.com/ruby/ruby/pull/15113 - -Index: include/ruby/internal/core/rstring.h ---- include/ruby/internal/core/rstring.h.orig -+++ include/ruby/internal/core/rstring.h -@@ -369,43 +369,8 @@ RSTRING_LEN(VALUE str) - return RSTRING(str)->len; - } - --RBIMPL_WARNING_PUSH() --#if RBIMPL_COMPILER_IS(Intel) --RBIMPL_WARNING_IGNORED(413) --#endif -- --RBIMPL_ATTR_PURE_UNLESS_DEBUG() - RBIMPL_ATTR_ARTIFICIAL() - /** -- * @private -- * -- * "Expands" an embedded string into an ordinal one. This is a function that -- * returns aggregated type. The returned struct always has its `as.heap.len` -- * an `as.heap.ptr` fields set appropriately. -- * -- * This is an implementation detail that 3rd parties should never bother. -- */ --static inline struct RString --rbimpl_rstring_getmem(VALUE str) --{ -- RBIMPL_ASSERT_TYPE(str, RUBY_T_STRING); -- -- if (RB_FL_ANY_RAW(str, RSTRING_NOEMBED)) { -- return *RSTRING(str); -- } -- else { -- /* Expecting compilers to optimize this on-stack struct away. */ -- struct RString retval = {RBASIC_INIT}; -- retval.len = RSTRING_LEN(str); -- retval.as.heap.ptr = RSTRING(str)->as.embed.ary; -- return retval; -- } --} -- --RBIMPL_WARNING_POP() -- --RBIMPL_ATTR_ARTIFICIAL() --/** - * Queries the contents pointer of the string. - * - * @param[in] str String in question. -@@ -415,7 +380,9 @@ RBIMPL_ATTR_ARTIFICIAL() - static inline char * - RSTRING_PTR(VALUE str) - { -- char *ptr = rbimpl_rstring_getmem(str).as.heap.ptr; -+ char *ptr = RB_FL_TEST_RAW(str, RSTRING_NOEMBED) ? -+ RSTRING(str)->as.heap.ptr : -+ RSTRING(str)->as.embed.ary; - - if (RUBY_DEBUG && RB_UNLIKELY(! ptr)) { - /* :BEWARE: @shyouhei thinks that currently, there are rooms for this -@@ -441,14 +408,17 @@ RBIMPL_ATTR_ARTIFICIAL() - static inline char * - RSTRING_END(VALUE str) - { -- struct RString buf = rbimpl_rstring_getmem(str); -+ char *ptr = RB_FL_TEST_RAW(str, RSTRING_NOEMBED) ? -+ RSTRING(str)->as.heap.ptr : -+ RSTRING(str)->as.embed.ary; -+ long len = RSTRING_LEN(str); - -- if (RUBY_DEBUG && RB_UNLIKELY(! buf.as.heap.ptr)) { -+ if (RUBY_DEBUG && RB_UNLIKELY(!ptr)) { - /* Ditto. */ - rb_debug_rstring_null_ptr("RSTRING_END"); - } - -- return &buf.as.heap.ptr[buf.len]; -+ return &ptr[len]; - } - - RBIMPL_ATTR_ARTIFICIAL() -@@ -477,16 +447,7 @@ RSTRING_LENINT(VALUE str) - * @param ptrvar Variable where its contents is stored. - * @param lenvar Variable where its length is stored. - */ --#ifdef HAVE_STMT_AND_DECL_IN_EXPR - # define RSTRING_GETMEM(str, ptrvar, lenvar) \ -- __extension__ ({ \ -- struct RString rbimpl_str = rbimpl_rstring_getmem(str); \ -- (ptrvar) = rbimpl_str.as.heap.ptr; \ -- (lenvar) = rbimpl_str.len; \ -- }) --#else --# define RSTRING_GETMEM(str, ptrvar, lenvar) \ - ((ptrvar) = RSTRING_PTR(str), \ - (lenvar) = RSTRING_LEN(str)) --#endif /* HAVE_STMT_AND_DECL_IN_EXPR */ - #endif /* RBIMPL_RSTRING_H */ diff --git a/lang/ruby/3.3/patches/patch-template_Makefile_in b/lang/ruby/3.3/patches/patch-template_Makefile_in index 7586340021c..c9fd7745744 100644 --- a/lang/ruby/3.3/patches/patch-template_Makefile_in +++ b/lang/ruby/3.3/patches/patch-template_Makefile_in @@ -11,6 +11,6 @@ Index: template/Makefile.in $(ECHO) linking shared-library $@ - $(Q) $(LDSHARED) $(DLDFLAGS) $(OBJS) $(DLDOBJS) $(SOLIBS) $(EXTSOLIBS) $(OUTFLAG)$@ + $(Q) $(LDSHARED) ${LIBRUBY_DLDFLAGS} $(DLDFLAGS) $(OBJS) $(DLDOBJS) $(SOLIBS) $(EXTSOLIBS) $(OUTFLAG)$@ - -$(Q) $(OBJCOPY) -w -L '$(SYMBOL_PREFIX)Init_*' -L '$(SYMBOL_PREFIX)ruby_static_id_*' \ + -$(Q) $(OBJCOPY) -w -L '$(SYMBOL_PREFIX)Init_*' -L '$(SYMBOL_PREFIX)InitVM_*' \ + -L '$(SYMBOL_PREFIX)ruby_static_id_*' \ -L '$(SYMBOL_PREFIX)*_threadptr_*' -L '$(SYMBOL_PREFIX)*_ec_*' $@ - $(Q) $(POSTLINK) diff --git a/lang/ruby/3.3/pkg/PLIST-main b/lang/ruby/3.3/pkg/PLIST-main index 5794144819d..9b86625c074 100644 --- a/lang/ruby/3.3/pkg/PLIST-main +++ b/lang/ruby/3.3/pkg/PLIST-main @@ -1533,6 +1533,7 @@ lib/ruby/${REV}/syntax_suggest/explain_syntax.rb lib/ruby/${REV}/syntax_suggest/left_right_lex_count.rb lib/ruby/${REV}/syntax_suggest/lex_all.rb lib/ruby/${REV}/syntax_suggest/lex_value.rb +lib/ruby/${REV}/syntax_suggest/mini_stringio.rb lib/ruby/${REV}/syntax_suggest/parse_blocks_from_indent_line.rb lib/ruby/${REV}/syntax_suggest/pathname_from_message.rb lib/ruby/${REV}/syntax_suggest/priority_engulf_queue.rb @@ -1968,7 +1969,7 @@ lib/ruby/gems/${REV}/gems/prime-0.1.2/bin/setup lib/ruby/gems/${REV}/gems/prime-0.1.2/lib/ lib/ruby/gems/${REV}/gems/prime-0.1.2/lib/prime.rb lib/ruby/gems/${REV}/gems/prism-0.19.0/ -lib/ruby/gems/${REV}/gems/pstore-0.1.3/ +lib/ruby/gems/${REV}/gems/pstore-0.2.1/ lib/ruby/gems/${REV}/gems/psych-5.1.2/ lib/ruby/gems/${REV}/gems/racc-1.7.3/ lib/ruby/gems/${REV}/gems/racc-1.7.3/COPYING @@ -2836,9 +2837,9 @@ lib/ruby/gems/${REV}/gems/shellwords-0.2.0/ lib/ruby/gems/${REV}/gems/singleton-0.2.0/ lib/ruby/gems/${REV}/gems/stringio-3.1.1/ lib/ruby/gems/${REV}/gems/strscan-3.0.9/ -lib/ruby/gems/${REV}/gems/syntax_suggest-2.0.1/ -lib/ruby/gems/${REV}/gems/syntax_suggest-2.0.1/exe/ -lib/ruby/gems/${REV}/gems/syntax_suggest-2.0.1/exe/syntax_suggest +lib/ruby/gems/${REV}/gems/syntax_suggest-2.0.3/ +lib/ruby/gems/${REV}/gems/syntax_suggest-2.0.3/exe/ +lib/ruby/gems/${REV}/gems/syntax_suggest-2.0.3/exe/syntax_suggest lib/ruby/gems/${REV}/gems/syslog-0.1.2/ lib/ruby/gems/${REV}/gems/tempfile-0.2.1/ lib/ruby/gems/${REV}/gems/test-unit-3.6.1/ @@ -2959,7 +2960,7 @@ lib/ruby/gems/${REV}/gems/un-0.3.0/ lib/ruby/gems/${REV}/gems/uri-0.13.3/ lib/ruby/gems/${REV}/gems/weakref-0.1.3/ lib/ruby/gems/${REV}/gems/yaml-0.3.0/ -lib/ruby/gems/${REV}/gems/zlib-3.1.1/ +lib/ruby/gems/${REV}/gems/zlib-3.1.2/ lib/ruby/gems/${REV}/plugins/ lib/ruby/gems/${REV}/specifications/ lib/ruby/gems/${REV}/specifications/debug-1.9.2.gemspec @@ -3007,7 +3008,7 @@ lib/ruby/gems/${REV}/specifications/default/pathname-0.3.0.gemspec lib/ruby/gems/${REV}/specifications/default/pp-0.5.0.gemspec lib/ruby/gems/${REV}/specifications/default/prettyprint-0.2.0.gemspec lib/ruby/gems/${REV}/specifications/default/prism-0.19.0.gemspec -lib/ruby/gems/${REV}/specifications/default/pstore-0.1.3.gemspec +lib/ruby/gems/${REV}/specifications/default/pstore-0.2.1.gemspec lib/ruby/gems/${REV}/specifications/default/psych-5.1.2.gemspec lib/ruby/gems/${REV}/specifications/default/rdoc-6.6.3.1.gemspec lib/ruby/gems/${REV}/specifications/default/readline-0.0.4.gemspec @@ -3022,7 +3023,7 @@ lib/ruby/gems/${REV}/specifications/default/shellwords-0.2.0.gemspec lib/ruby/gems/${REV}/specifications/default/singleton-0.2.0.gemspec lib/ruby/gems/${REV}/specifications/default/stringio-3.1.1.gemspec lib/ruby/gems/${REV}/specifications/default/strscan-3.0.9.gemspec -lib/ruby/gems/${REV}/specifications/default/syntax_suggest-2.0.1.gemspec +lib/ruby/gems/${REV}/specifications/default/syntax_suggest-2.0.3.gemspec lib/ruby/gems/${REV}/specifications/default/syslog-0.1.2.gemspec lib/ruby/gems/${REV}/specifications/default/tempfile-0.2.1.gemspec lib/ruby/gems/${REV}/specifications/default/time-0.3.0.gemspec @@ -3033,7 +3034,7 @@ lib/ruby/gems/${REV}/specifications/default/un-0.3.0.gemspec lib/ruby/gems/${REV}/specifications/default/uri-0.13.3.gemspec lib/ruby/gems/${REV}/specifications/default/weakref-0.1.3.gemspec lib/ruby/gems/${REV}/specifications/default/yaml-0.3.0.gemspec -lib/ruby/gems/${REV}/specifications/default/zlib-3.1.1.gemspec +lib/ruby/gems/${REV}/specifications/default/zlib-3.1.2.gemspec lib/ruby/gems/${REV}/specifications/matrix-0.4.2.gemspec lib/ruby/gems/${REV}/specifications/minitest-5.20.0.gemspec lib/ruby/gems/${REV}/specifications/net-ftp-0.3.4.gemspec diff --git a/lang/ruby/3.3/pkg/PLIST-ri_docs b/lang/ruby/3.3/pkg/PLIST-ri_docs index 9424792c5bb..cd0433dc189 100644 --- a/lang/ruby/3.3/pkg/PLIST-ri_docs +++ b/lang/ruby/3.3/pkg/PLIST-ri_docs @@ -8399,23 +8399,15 @@ share/ri/${REV}/system/PStore/abort-i.ri share/ri/${REV}/system/PStore/cdesc-PStore.ri share/ri/${REV}/system/PStore/commit-i.ri share/ri/${REV}/system/PStore/delete-i.ri -share/ri/${REV}/system/PStore/empty_marshal_checksum-i.ri -share/ri/${REV}/system/PStore/empty_marshal_data-i.ri share/ri/${REV}/system/PStore/fetch-i.ri share/ri/${REV}/system/PStore/in_transaction-i.ri share/ri/${REV}/system/PStore/in_transaction_wr-i.ri share/ri/${REV}/system/PStore/key%3f-i.ri share/ri/${REV}/system/PStore/keys-i.ri -share/ri/${REV}/system/PStore/load_data-i.ri share/ri/${REV}/system/PStore/new-c.ri -share/ri/${REV}/system/PStore/on_windows%3f-i.ri -share/ri/${REV}/system/PStore/open_and_lock_file-i.ri share/ri/${REV}/system/PStore/path-i.ri share/ri/${REV}/system/PStore/root%3f-i.ri share/ri/${REV}/system/PStore/roots-i.ri -share/ri/${REV}/system/PStore/save_data-i.ri -share/ri/${REV}/system/PStore/save_data_with_atomic_file_rename_strategy-i.ri -share/ri/${REV}/system/PStore/save_data_with_fast_strategy-i.ri share/ri/${REV}/system/PStore/transaction-i.ri share/ri/${REV}/system/PStore/ultra_safe-i.ri share/ri/${REV}/system/PTY/