Merge branch 'master-2.6' into dist/2.6/focal

Author: sorah

ChangeLog

@@ -1,7 +1,127 @@
 ------------------------------------------------------------------------
-r67941 | usa | 2021-04-05 20:48:34 +0900 (Mon, 05 Apr 2021) | 1 line
+r67951 | usa | 2021-07-07 19:38:58 +0900 (Wed, 07 Jul 2021) | 1 line
+
+add tag v2_6_8
+------------------------------------------------------------------------
+r67950 | usa | 2021-07-07 19:38:10 +0900 (Wed, 07 Jul 2021) | 6 lines
+
+Fix StartTLS stripping vulnerability
+
+Reported by Alexandr Savca in https://hackerone.com/reports/1178562
+
+Co-authored-by: Shugo Maeda <[email protected]>
+
+------------------------------------------------------------------------
+r67949 | usa | 2021-07-07 19:34:08 +0900 (Wed, 07 Jul 2021) | 7 lines
+
+Ignore IP addresses in PASV responses by default, and add new option use_pasv_ip
+
+This fixes CVE-2021-31810.
+Reported by Alexandr Savca.
+
+Co-authored-by: Shugo Maeda <[email protected]>
+
+------------------------------------------------------------------------
+r67948 | usa | 2021-07-04 02:10:56 +0900 (Sun, 04 Jul 2021) | 2 lines
+
+patchlevel for previous commit
+
+------------------------------------------------------------------------
+r67947 | usa | 2021-07-04 02:10:28 +0900 (Sun, 04 Jul 2021) | 8 lines
+
+merge revision(s) b1c73f23,c9ab8fe2: [Backport #17877]
+
+	[ruby/rdoc] Use File.open to fix the OS Command Injection vulnerability in CVE-2021-31799
+	
+	https://github.com/ruby/rdoc/commit/a7f5d6ab88
+
+	The test for command injection on Unix platforms should be omitted on Windows
+
+------------------------------------------------------------------------
+r67946 | usa | 2021-07-04 01:56:34 +0900 (Sun, 04 Jul 2021) | 23 lines
+
+merge revision(s) 9edc1625: [Backport #17781]
+
+	[ruby/resolv] Fix confusion of received response message
+
+	This is a follow up for commit 33fb966197f1 ("Remove sender/message_id
+	pair after response received in resolv", 2020-09-11).
+
+	As the @senders instance variable is also used for tracking transaction
+	ID allocation, simply removing an entry without releasing the ID would
+	eventually deplete the ID space and cause
+	Resolv::DNS.allocate_request_id to hang.
+
+	It seems the intention of the code was to check that the received DNS
+	message is actually the response for the question made within the method
+	earlier. Let's have it actually do so.
+
+	[Bug #12838] https://bugs.ruby-lang.org/issues/12838
+	[Bug #17748] https://bugs.ruby-lang.org/issues/17748
+
+	https://github.com/ruby/resolv/commit/53ca9c9209
+	---
+	 lib/resolv.rb | 6 +++---
+	 1 file changed, 3 insertions(+), 3 deletions(-)
+------------------------------------------------------------------------
+r67945 | usa | 2021-07-04 01:53:29 +0900 (Sun, 04 Jul 2021) | 11 lines
+
+merge revision(s) d8a13e50: [Backport #17780]
+
+	[Bug #17780] Fix Method#super_method for module alias
+
+	Method#super_method crashes for aliased module methods because they are
+	not defined on a class. This bug was introduced in
+	c60aaed1856b2b6f90de0992c34771830019e021 as part of bug #17130.
+	---
+	 proc.c                   |  2 +-
+	 test/ruby/test_method.rb | 13 +++++++++++++
+	 2 files changed, 14 insertions(+), 1 deletion(-)
+------------------------------------------------------------------------
+r67944 | usa | 2021-06-24 00:47:43 +0900 (Thu, 24 Jun 2021) | 30 lines
+
+merge revision(s) 17aeff3e77e6fe0d37a9943dd93bcb16c4bb9f66,1616dcb16ef34ebf4ffc2167292f9a779f3e121e,1616dcb16ef34ebf4ffc2167292f9a779f3e121e:
+
+	make-snapshot: get rid of circular dependency
+
+	git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66865 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+	---
+	 tool/make-snapshot | 5 ++---
+	 1 file changed, 2 insertions(+), 3 deletions(-)
+
+	make-snapshot: try downloading Unicode files
+
+	[Bug #15593]
+
+	git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67038 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+	---
+	 tool/make-snapshot | 7 +------
+	 1 file changed, 1 insertion(+), 6 deletions(-)
+
+	make-snapshot: try downloading Unicode files
+
+	[Bug #15593]
+
+	git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67038 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
+	---
+	 tool/make-snapshot | 7 +------
+	 1 file changed, 1 insertion(+), 6 deletions(-)
+
+	these patches are not for security issue, but are needed to resolv a
+	packaging problem.
+
+------------------------------------------------------------------------
+r67943 | usa | 2021-05-10 12:24:37 +0900 (Mon, 10 May 2021) | 1 line
+
+fix previous commit
+------------------------------------------------------------------------
+r67942 | usa | 2021-05-10 01:11:52 +0900 (Mon, 10 May 2021) | 5 lines
+
+fix macos build
+
+note that this is not a security fix, but recognized as critical build problem.
+[Backport #17777]
 
-add tag v2_6_7
 ------------------------------------------------------------------------
 r67940 | usa | 2021-04-05 20:48:23 +0900 (Mon, 05 Apr 2021) | 2 lines
 

debian/changelog

@@ -1,3 +1,10 @@
+ruby2.6 (2.6.8-0nkmi1~dist) unstable; urgency=medium
+
+  * 2.6.8
+  * Update maintainer email
+
+ -- Sorah Fukumori <[email protected]>  Thu, 08 Jul 2021 04:25:43 +0900
+
 ruby2.6 (2.6.7-0nkmi1~dist) unstable; urgency=medium
 
   * 2.6.7

debian/control

@@ -1,8 +1,7 @@
 Source: ruby2.6
 Section: ruby
 Priority: optional
-Maintainer: Sorah Fukumori <[email protected]>,
-  Sorah Fukumori <[email protected]>
+Maintainer: Sorah Fukumori <[email protected]>
 Build-Depends: bison,
                chrpath,
                coreutils (>= 7.5),

ext/fiddle/closure.c

@@ -14,10 +14,7 @@ typedef struct {
 } fiddle_closure;
 
 #if defined(USE_FFI_CLOSURE_ALLOC)
-#elif defined(__OpenBSD__) || defined(__APPLE__) || defined(__linux__)
-# define USE_FFI_CLOSURE_ALLOC 0
-#elif defined(RUBY_LIBFFI_MODVERSION) && RUBY_LIBFFI_MODVERSION < 3000005 && \
-	(defined(__i386__) || defined(__x86_64__) || defined(_M_IX86) || defined(_M_AMD64))
+#elif !defined(HAVE_FFI_CLOSURE_ALLOC)
 # define USE_FFI_CLOSURE_ALLOC 0
 #else
 # define USE_FFI_CLOSURE_ALLOC 1

ext/fiddle/extconf.rb

@@ -13,7 +13,7 @@
   if have_header(ffi_header = 'ffi.h')
     true
   elsif have_header(ffi_header = 'ffi/ffi.h')
-    $defs.push(format('-DUSE_HEADER_HACKS'))
+    $defs.push('-DUSE_HEADER_HACKS')
     true
   end and (have_library('ffi') || have_library('libffi'))
 end or
@@ -114,8 +114,17 @@
 
 if ver
   ver = ver.gsub(/-rc\d+/, '') # If ver contains rc version, just ignored.
-  ver = (ver.split('.') + [0,0])[0,3]
+  ver = (ver.split('.').map(&:to_i) + [0,0])[0,3]
   $defs.push(%{-DRUBY_LIBFFI_MODVERSION=#{ '%d%03d%03d' % ver }})
+  warn "libffi_version: #{ver.join('.')}"
+end
+
+case
+when $mswin, $mingw, (ver && (ver <=> [3, 2]) >= 0)
+  $defs << "-DUSE_FFI_CLOSURE_ALLOC=1"
+when (ver && (ver <=> [3, 2]) < 0)
+else
+  have_func('ffi_closure_alloc', ffi_header)
 end
 
 have_header 'sys/mman.h'
@@ -142,7 +151,7 @@
   if /^\#define\s+SIZEOF_#{type}\s+(SIZEOF_(.+)|\d+)/ =~ config
     if size = $2 and size != 'VOIDP'
       size = types.fetch(size) {size}
-      $defs << format("-DTYPE_%s=TYPE_%s", signed||type, size)
+      $defs << "-DTYPE_#{signed||type}=TYPE_#{size}"
     end
     if signed
       check_signedness(type.downcase, "stddef.h")

lib/net/ftp.rb

@@ -97,6 +97,10 @@ class FTP < Protocol
     # When +true+, the connection is in passive mode.  Default: +true+.
     attr_accessor :passive
 
+    # When +true+, use the IP address in PASV responses.  Otherwise, it uses
+    # the same IP address for the control connection.  Default: +false+.
+    attr_accessor :use_pasv_ip
+
     # When +true+, all traffic to and from the server is written
     # to +$stdout+.  Default: +false+.
     attr_accessor :debug_mode
@@ -205,6 +209,9 @@ def FTP.open(host, *args)
     #                          handshake.
     #                          See Net::FTP#ssl_handshake_timeout for
     #                          details.  Default: +nil+.
+    # use_pasv_ip::  When +true+, use the IP address in PASV responses.
+    #                Otherwise, it uses the same IP address for the control
+    #                connection.  Default: +false+.
     # debug_mode::  When +true+, all traffic to and from the server is
     #               written to +$stdout+.  Default: +false+.
     #
@@ -265,6 +272,7 @@ def initialize(host = nil, user_or_options = {}, passwd = nil, acct = nil)
       @open_timeout = options[:open_timeout]
       @ssl_handshake_timeout = options[:ssl_handshake_timeout]
       @read_timeout = options[:read_timeout] || 60
+      @use_pasv_ip = options[:use_pasv_ip] || false
       if host
         connect(host, options[:port] || FTP_PORT)
         if options[:username]
@@ -1330,7 +1338,12 @@ def parse227(resp) # :nodoc:
         raise FTPReplyError, resp
       end
       if m = /\((?<host>\d+(,\d+){3}),(?<port>\d+,\d+)\)/.match(resp)
-        return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"])
+        if @use_pasv_ip
+          host = parse_pasv_ipv4_host(m["host"])
+        else
+          host = @bare_sock.remote_address.ip_address
+        end
+        return host, parse_pasv_port(m["port"])
       else
         raise FTPProtoError, resp
       end

lib/net/imap.rb

@@ -1215,12 +1215,14 @@ def get_tagged_response(tag, cmd)
       end
       resp = @tagged_responses.delete(tag)
       case resp.name
+      when /\A(?:OK)\z/ni
+        return resp
       when /\A(?:NO)\z/ni
         raise NoResponseError, resp
       when /\A(?:BAD)\z/ni
         raise BadResponseError, resp
       else
-        return resp
+        raise UnknownResponseError, resp
       end
     end
 
@@ -3716,6 +3718,10 @@ class BadResponseError < ResponseError
     class ByeResponseError < ResponseError
     end
 
+    # Error raised upon an unknown response from the server.
+    class UnknownResponseError < ResponseError
+    end
+
     RESPONSE_ERRORS = Hash.new(ResponseError)
     RESPONSE_ERRORS["NO"] = NoResponseError
     RESPONSE_ERRORS["BAD"] = BadResponseError

lib/rdoc/rdoc.rb

@@ -430,7 +430,7 @@ def remove_unparseable files
     files.reject do |file|
       file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or
         (file =~ /tags$/i and
-         open(file, 'rb') { |io|
+         File.open(file, 'rb') { |io|
            io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
          })
     end

lib/rdoc/version.rb

@@ -3,6 +3,6 @@ module RDoc
   ##
   # RDoc version you are using
 
-  VERSION = '6.1.2'
+  VERSION = '6.1.2.1'
 
 end

lib/resolv.rb

@@ -691,17 +691,17 @@ def request(sender, tout)
           rescue DecodeError
             next # broken DNS message ignored
           end
-          if s = sender_for(from, msg)
+          if sender == sender_for(from, msg)
             break
           else
             # unexpected DNS message ignored
           end
         end
-        return msg, s.data
+        return msg, sender.data
       end
 
       def sender_for(addr, msg)
-        @senders.delete([addr,msg.id])
+        @senders[[addr,msg.id]]
       end
 
       def close