File rubygem-rack.spec of Package rubygem-rack.28303

Overview Repositories Revisions Requests Users Attributes Meta

File rubygem-rack.spec of Package rubygem-rack.28303

#
# spec file for package rubygem-rack
#
# Copyright (c) 2019 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#

#
# This file was generated with a gem2rpm.yml and not just plain gem2rpm.
# All sections marked as MANUAL, license headers, summaries and descriptions
# can be maintained in that file. Please consult this file before editing any
# of those fields
#

Name:           rubygem-rack
Version:        2.0.8
Release:        0
%define mod_name rack
%define mod_full_name %{mod_name}-%{version}
# MANUAL
BuildRequires:  fdupes

%if 0%{?suse_version} && 0%{?suse_version} < 1330
%define rb_build_versions ruby23 ruby24 ruby25
%define rb_build_ruby_abi ruby:2.3.0 ruby:2.4.0 ruby:2.5.0
%endif
# /MANUAL
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildRequires:  %{ruby >= 2.2.2}
BuildRequires:  %{rubygem gem2rpm}
BuildRequires:  ruby-macros >= 5
BuildRequires:  update-alternatives
URL:            https://rack.github.io/
Source:         https://rubygems.org/gems/%{mod_full_name}.gem
Source1:        rubygem-rack-rpmlintrc
Source2:        gem2rpm.yml
# CVE-2022-30123 [bsc#1200750], crafted requests can cause shell escape sequences
Patch0:         rubygem-rack-CVE-2022-30123.patch
# CVE-2022-30122 [bsc#1200748], crafted multipart POST request may cause a DoS
Patch1:         rubygem-rack-CVE-2022-30122.patch
# CVE-2020-8161 [bsc#1172037], directory traversal in Rack:Directory
Patch2:         rubygem-rack-CVE-2020-8161.patch
# CVE-2020-8184 [bsc#1173351], percent-encoded cookies can be used to overwrite existing prefixed cookie names
Patch3:         rubygem-rack-CVE-2020-8184.patch
# CVE-2022-44572 [bsc#1207596], denial of service in Content-Disposition parsing
Patch4:         rubygem-rack-CVE-2022-44572.patch
# CVE-2022-44571 [bsc#1207599], denial of service in Content-Disposition parsing
Patch5:         rubygem-rack-CVE-2022-44571.patch
# CVE-2022-44570 [bsc#1207597], denial of service in Content-Disposition parsing
Patch6:         rubygem-rack-CVE-2022-44570.patch
# CVE-2023-27530 [bsc#1209095], Denial of service in Multipart MIME parsing
Patch7:         rubygem-rack-CVE-2023-27530.patch
# CVE-2023-27539 [bsc#1209503], denial of service in header parsing
Patch8:         rubygem-rack-CVE-2023-27539.patch
Summary:        A modular Ruby webserver interface
License:        MIT
Group:          Development/Languages/Ruby
PreReq:         update-alternatives

%description
Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby.  By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.
Also see https://rack.github.io/.

%prep
%gem_unpack
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1

%build
%gem_build

%install
%gem_install \
  --symlink-binaries \
  --doc-files="COPYING HISTORY.md README.rdoc" \
  -f
# MANUAL
%fdupes %{buildroot}%{_libdir}/ruby/gems/*/gems/%{mod_name}-%{version}/
chmod 644 %{buildroot}%{_libdir}/ruby/gems/*/gems/%{mod_name}-%{version}/test/cgi/test.gz
# /MANUAL

%gem_packages

%changelog

Places

File rubygem-rack.spec of Package rubygem-rack.28303

Places