Pullup ticket #6986 - requested by taca

lang/ruby32-base: Security fix

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.299
- lang/ruby32-base/Makefile                                     1.11
- lang/ruby32-base/distinfo                                     1.16
- lang/ruby32-base/patches/patch-lib_resolv.gemspec             1.1
- lang/ruby32-base/patches/patch-lib_resolv.rb                  1.1
- lang/ruby32-base/patches/patch-test_resolv_test__dns.rb       1.1

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Jul 13 15:23:00 UTC 2025

   Modified Files:
   	pkgsrc/lang/ruby: rubyversion.mk
   	pkgsrc/lang/ruby32-base: Makefile distinfo
   Added Files:
   	pkgsrc/lang/ruby32-base/patches: patch-lib_resolv.gemspec
   	    patch-lib_resolv.rb patch-test_resolv_test__dns.rb

   Log Message:
   lang/ruby32-base: update resolv gem

   Update resolve gem to 0.2.3 to fix security problem of CVE-2025-24294.

   Bump PKGREVISION.

Author: coypoop

lang/ruby/rubyversion.mk

@@ -1,4 +1,4 @@
-# $NetBSD: rubyversion.mk,v 1.298 2025/05/27 16:14:47 taca Exp $
+# $NetBSD: rubyversion.mk,v 1.298.2.1 2025/07/17 02:17:59 maya Exp $
 #
 
 # This file determines which Ruby version is used as a dependency for
@@ -324,7 +324,7 @@ RUBY_READLINE_VER=		0.0.3
 RUBY_READLINE_EXT_VER=		0.1.5
 RUBY_RELINE_VER=		0.3.2
 RUBY_RESOLV_REPLACE_VER=	0.1.1
-RUBY_RESOLV_VER=		0.2.2
+RUBY_RESOLV_VER=		0.2.3
 RUBY_RINDA_VER=			0.1.1
 RUBY_RUBY2_KEYWORDS_VER=	0.0.5
 RUBY_SECURERANDOM_VER=		0.2.2

lang/ruby32-base/Makefile

@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.10 2025/03/27 14:12:02 taca Exp $
+# $NetBSD: Makefile,v 1.10.4.1 2025/07/17 02:18:00 maya Exp $
 
 DISTNAME=	${RUBY_DISTNAME}
 PKGNAME=	${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
+PKGREVISION=	1
 CATEGORIES=	lang ruby
 MASTER_SITES=	${MASTER_SITE_RUBY}
 

lang/ruby32-base/distinfo

@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2025/04/21 20:54:55 wiz Exp $
+$NetBSD: distinfo,v 1.15.2.1 2025/07/17 02:18:00 maya Exp $
 
 BLAKE2s (ruby-3.2.8.tar.xz) = 717b23027da787963039642204ff08d23cfe242d58f0ca7371d621194c96d1c0
 SHA512 (ruby-3.2.8.tar.xz) = 19ff96619945d907e509803b85ecf21750ffa4ae033045272feb43c183ab180d0033b98cf47c18804e448f01bc1928e3b833c61c98446dbe6be31fb9ea6b059d
@@ -9,13 +9,16 @@ SHA1 (patch-ext_openssl_openssl__missing.h) = 3f8d79736fd14806dfaf76e333eec63ff3
 SHA1 (patch-include_ruby_internal_static__assert.h) = 7d5c3ae7ff674b9b34639924fcf08237164de9f8
 SHA1 (patch-lib_mkmf.rb) = 4a3cd18548dbdf43a13695d4e76f817c0347e335
 SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a
+SHA1 (patch-lib_resolv.gemspec) = bf2fa504fcb2451a3b6b4e6d30a30d01f876c166
+SHA1 (patch-lib_resolv.rb) = 1a04a55d54e7d45c7147605b6335f6623ddd92c1
 SHA1 (patch-lib_rubygems.rb) = 060549c43b84f73c77432a72cdcf22941be4eb17
 SHA1 (patch-lib_rubygems_commands_setup__command.rb) = 66c475a5308deb2ed5096b88cf65549732f87421
 SHA1 (patch-lib_rubygems_config__file.rb) = 1da55a32d931f91321636401e94d89f78f9fa622
 SHA1 (patch-lib_rubygems_dependency__installer.rb) = 47252c99238a0d91b7d28e8287be57404446124b
 SHA1 (patch-lib_rubygems_install__update__options.rb) = 0cd0816e1cd7c84c1dab1e091787c4dc38d28273
 SHA1 (patch-lib_rubygems_installer.rb) = 1c94047a24362b3597dac7ea156982a09cb93234
 SHA1 (patch-lib_rubygems_platform.rb) = 58094b26520623f258ecf035084f4aa7226e9686
+SHA1 (patch-test_resolv_test__dns.rb) = 98fd0533ad92bfb6729abd107d75c4ca436fd660
 SHA1 (patch-test_rubygems_test__gem.rb) = 32f7c7d7f8a024c045d78c2bce93944fc3113d04
 SHA1 (patch-thread__pthread.c) = 7c1231933a2d6ce9d56891ab512371841697fbca
 SHA1 (patch-tool_ifchange) = 1814cd41f0b0a93b181799cb117bd1f57068cf33

lang/ruby32-base/patches/patch-lib_resolv.gemspec

@@ -0,0 +1,14 @@
+$NetBSD: patch-lib_resolv.gemspec,v 1.1.2.2 2025/07/17 02:18:00 maya Exp $
+
+Update resolv gem to 0.2.3.
+
+--- lib/resolv.gemspec.orig	2025-03-26 04:18:02.000000000 +0000
++++ lib/resolv.gemspec
+@@ -1,6 +1,6 @@
+ Gem::Specification.new do |spec|
+   spec.name          = "resolv"
+-  spec.version       = "0.2.2"
++  spec.version       = "0.2.3"
+   spec.authors       = ["Tanaka Akira"]
+   spec.email         = ["akr@fsij.org"]
+ 

lang/ruby32-base/patches/patch-lib_resolv.rb

@@ -0,0 +1,26 @@
+$NetBSD: patch-lib_resolv.rb,v 1.1.2.2 2025/07/17 02:18:00 maya Exp $
+
+Update resolv gem to 0.2.3.
+
+--- lib/resolv.rb.orig	2025-03-26 04:18:02.000000000 +0000
++++ lib/resolv.rb
+@@ -1624,6 +1624,7 @@ class Resolv
+           prev_index = @index
+           save_index = nil
+           d = []
++          size = -1
+           while true
+             raise DecodeError.new("limit exceeded") if @limit <= @index
+             case @data.getbyte(@index)
+@@ -1644,7 +1645,10 @@ class Resolv
+               end
+               @index = idx
+             else
+-              d << self.get_label
++              l = self.get_label
++              d << l
++              size += 1 + l.string.bytesize
++              raise DecodeError.new("name label data exceed 255 octets") if size > 255
+             end
+           end
+         end

lang/ruby32-base/patches/patch-test_resolv_test__dns.rb

@@ -0,0 +1,20 @@
+$NetBSD: patch-test_resolv_test__dns.rb,v 1.1.2.2 2025/07/17 02:18:00 maya Exp $
+
+Update resolv gem to 0.2.3.
+
+--- test/resolv/test_dns.rb.orig	2025-03-26 04:18:02.000000000 +0000
++++ test/resolv/test_dns.rb
+@@ -416,6 +416,13 @@ class TestResolvDNS < Test::Unit::TestCa
+     assert_operator(2**14, :<, m.to_s.length)
+   end
+ 
++  def test_too_long_address
++    too_long_address_message = [0, 0, 1, 0, 0, 0].pack("n*") + "\x01x" * 129 + [0, 0, 0].pack("cnn")
++    assert_raise_with_message(Resolv::DNS::DecodeError, /name label data exceed 255 octets/) do
++      Resolv::DNS::Message.decode too_long_address_message
++    end
++  end
++
+   def assert_no_fd_leak
+     socket = assert_throw(self) do |tag|
+       Resolv::DNS.stub(:bind_random_port, ->(s, *) {throw(tag, s)}) do