From 4fcae2800c1a641454dcc6bb56c0588b774e55ca Mon Sep 17 00:00:00 2001
From: =?utf8?q?Elan=20Ruusam=C3=A4e?= <glen@pld-linux.org>
Date: Sun, 4 Nov 2018 23:03:52 +0200
Subject: [PATCH] up to 2.4.5; CVE-2018-16396, CVE-2018-16395

https://www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/

- CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives
- CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
---
 ruby.spec | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ruby.spec b/ruby.spec
index afe22b1..575ad8f 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -10,9 +10,9 @@
 %bcond_with	bootstrap	# build bootstrap version
 %bcond_with	tests		# build without tests
 
-%define		rel		12
+%define		rel		1
 %define		ruby_version	2.4
-%define		patchlevel	4
+%define		patchlevel	5
 %define		pkg_version	%{ruby_version}.%{patchlevel}
 %define		ruby_suffix %{!?with_default_ruby:%{ruby_version}}
 %define		doc_version	2_4_3
@@ -34,7 +34,7 @@ License:	(Ruby or BSD) and Public Domain and MIT and CC0 and zlib and UCD
 Group:		Development/Languages
 # https://www.ruby-lang.org/en/downloads/
 Source0:	https://cache.ruby-lang.org/pub/ruby/%{ruby_version}/%{oname}-%{pkg_version}.tar.xz
-# Source0-md5:	4f30cefb7d50c6fa4d801f47ed9d82ca
+# Source0-md5:	47dec91cf6809785ed02b371c2c5a282
 Source2:	http://www.ruby-doc.org/downloads/%{oname}_%{doc_version}_stdlib_rdocs.tgz
 # Source2-md5:	d21fb29009644bd174dbba0dad53f1f5
 Source3:	http://www.ruby-doc.org/downloads/%{oname}_%{doc_version}_core_rdocs.tgz
-- 
2.44.0