From aad8ccf1263bc8848efec5140cc02ef593f0e1d4 Mon Sep 17 00:00:00 2001
From: Tim Smith <tsmith@chef.io>
Date: Fri, 5 Jan 2018 16:01:06 -0800
Subject: Update to Ruby 2.4.3

This resolves this CVE https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/

It also backports a few bugfixes from 2.5.0:
https://github.com/ruby/ruby/compare/v2_4_2...v2_4_3

Signed-off-by: Tim Smith <tsmith@chef.io>
---
 .travis.yml          | 54 ++++++++++++++++++++++++++--------------------------
 Gemfile.lock         |  2 +-
 omnibus/Gemfile.lock | 28 +++++++++++++--------------
 omnibus_overrides.rb |  2 +-
 4 files changed, 42 insertions(+), 44 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 4fd6e8c780..b68193644c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -38,7 +38,7 @@ matrix:
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
   - env:
       INTEGRATION_SPECS_24: 1
-    rvm: 2.4.2
+    rvm: 2.4.3
     sudo: true
     script: sudo -E $(which bundle) exec rake spec:integration;
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
@@ -50,7 +50,7 @@ matrix:
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
   - env:
       FUNCTIONAL_SPECS_24: 1
-    rvm: 2.4.2
+    rvm: 2.4.3
     sudo: true
     script: sudo -E $(which bundle) exec rake spec:functional;
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
@@ -64,7 +64,7 @@ matrix:
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
   - env:
       UNIT_SPECS_24: 1
-    rvm: 2.4.2
+    rvm: 2.4.3
     sudo: true
     script:
       - sudo -E $(which bundle) exec rake spec:unit;
@@ -72,13 +72,13 @@ matrix:
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
   - env:
       CHEFSTYLE: 1
-    rvm: 2.4.2
+    rvm: 2.4.3
     script: bundle exec rake style
     # also remove integration / external tests
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
   - env:
       AUDIT_CHECK: 1
-    rvm: 2.4.2
+    rvm: 2.4.3
     script: bundle exec bundle-audit check --update
     # also remove integration / external tests
     bundler_args: --without ci docgen guard integration maintenance omnibus_package --frozen
@@ -88,43 +88,43 @@ matrix:
   - env:
       TEST_GEM: sethvargo/chef-sugar
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       PEDANT_OPTS: --skip-oc_id
       TEST_GEM: chef/chef-zero
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake spec cheffs
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       TEST_GEM: chef/cheffish
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake spec
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       TEST_GEM: chefspec/chefspec
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       TEST_GEM: foodcritic/foodcritic
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake test
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       TEST_GEM: poise/halite
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake spec
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       TEST_GEM: chef/knife-windows
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake unit_spec
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       TEST_GEM: poise/poise
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake spec
-    rvm: 2.4.2
+    rvm: 2.4.3
   - env:
       TEST_GEM: chef/knife-windows
     script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake unit_spec
-    rvm: 2.4.2
+    rvm: 2.4.3
   ### START TEST KITCHEN ONLY ###
   #
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -141,7 +141,7 @@ matrix:
     env:
       - AMAZON=LATEST
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -158,7 +158,7 @@ matrix:
     env:
       - UBUNTU=14.04
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -175,7 +175,7 @@ matrix:
     env:
       - UBUNTU=16.04
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -192,7 +192,7 @@ matrix:
     env:
       - DEBIAN=7
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -209,7 +209,7 @@ matrix:
     env:
       - DEBIAN=8
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -226,7 +226,7 @@ matrix:
     env:
       - DEBIAN=9
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -243,7 +243,7 @@ matrix:
     env:
       - CENTOS=6
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -260,7 +260,7 @@ matrix:
     env:
       - CENTOS=7
       - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -277,7 +277,7 @@ matrix:
     env:
      - FEDORA=latest
      - KITCHEN_YAML=.kitchen.travis.yml
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     services: docker
     sudo: required
     gemfile: kitchen-tests/Gemfile
@@ -294,7 +294,7 @@ matrix:
     env:
      - OPENSUSELEAP=42
      - KITCHEN_YAML=.kitchen.travis.yml
-#  - rvm: 2.4.2
+#  - rvm: 2.4.3
 #    services: docker
 #    sudo: required
 #    gemfile: kitchen-tests/Gemfile
@@ -311,7 +311,7 @@ matrix:
 #    env:
 #      - AWESOME_CUSTOMERS_UBUNTU=1
 #      - KITCHEN_YAML=.kitchen.travis.yml
-#  - rvm: 2.4.2
+#  - rvm: 2.4.3
 #    services: docker
 #    sudo: required
 #    gemfile: kitchen-tests/Gemfile
@@ -329,7 +329,7 @@ matrix:
 #      - AWESOME_CUSTOMERS_RHEL=1
 #      - KITCHEN_YAML=.kitchen.travis.yml
 #    ### END TEST KITCHEN ONLY ###
-  - rvm: 2.4.2
+  - rvm: 2.4.3
     sudo: required
     before_install:
       - gem update --system $(grep rubygems omnibus_overrides.rb | cut -d'"' -f2)
diff --git a/Gemfile.lock b/Gemfile.lock
index 3b7bc8ab9c..90b86832ad 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -414,4 +414,4 @@ DEPENDENCIES
   yard
 
 BUNDLED WITH
-   1.16.0
+   1.16.1
diff --git a/omnibus/Gemfile.lock b/omnibus/Gemfile.lock
index 06ef842859..928cc8eeaf 100644
--- a/omnibus/Gemfile.lock
+++ b/omnibus/Gemfile.lock
@@ -1,6 +1,6 @@
 GIT
   remote: https://github.com/chef/license_scout
-  revision: d736df0d72f84ed3f0c8e3eb66b12562a3dccbda
+  revision: d044136f0b464ed3894a172f06a50167106ec5d1
   specs:
     license_scout (0.1.3)
       ffi-yajl (~> 2.2)
@@ -26,7 +26,7 @@ GIT
 
 GIT
   remote: https://github.com/chef/omnibus-software
-  revision: d6accc79f166cc6fc552e07088951bf467c30989
+  revision: 918dcb6b883ce2edb1528040875257b8e9b1c79f
   specs:
     omnibus-software (4.0.0)
       chef-sugar (>= 3.4.0)
@@ -38,13 +38,13 @@ GEM
     addressable (2.5.2)
       public_suffix (>= 2.0.2, < 4.0)
     awesome_print (1.8.0)
-    aws-sdk (2.10.99)
-      aws-sdk-resources (= 2.10.99)
-    aws-sdk-core (2.10.99)
+    aws-sdk (2.10.112)
+      aws-sdk-resources (= 2.10.112)
+    aws-sdk-core (2.10.112)
       aws-sigv4 (~> 1.0)
       jmespath (~> 1.0)
-    aws-sdk-resources (2.10.99)
-      aws-sdk-core (= 2.10.99)
+    aws-sdk-resources (2.10.112)
+      aws-sdk-core (= 2.10.112)
     aws-sigv4 (1.0.2)
     berkshelf (4.3.5)
       addressable (~> 2.3, >= 2.3.4)
@@ -108,7 +108,7 @@ GEM
       ffi (>= 1.0.1)
     gyoku (1.3.1)
       builder (>= 2.1.2)
-    hashie (3.5.6)
+    hashie (3.5.7)
     hitimes (1.2.6)
     hitimes (1.2.6-x86-mingw32)
     httpclient (2.7.2)
@@ -130,7 +130,7 @@ GEM
     mixlib-authentication (1.4.2)
     mixlib-cli (1.7.0)
     mixlib-config (2.2.4)
-    mixlib-install (3.8.0)
+    mixlib-install (3.9.0)
       mixlib-shellout
       mixlib-versioning
       thor
@@ -148,9 +148,9 @@ GEM
     net-ssh (4.2.0)
     net-ssh-gateway (1.3.0)
       net-ssh (>= 2.6.5)
-    nio4r (2.1.0)
+    nio4r (2.2.0)
     nori (2.6.0)
-    octokit (4.7.0)
+    octokit (4.8.0)
       sawyer (~> 0.8.0, >= 0.5.3)
     ohai (8.25.1)
       chef-config (>= 12.5.0.alpha.1, < 14)
@@ -170,7 +170,7 @@ GEM
       multipart-post (~> 2.0.0)
       progressbar
       zhexdump (>= 0.0.2)
-    plist (3.3.0)
+    plist (3.4.0)
     progressbar (1.9.0)
     pry (0.11.3)
       coderay (~> 1.1.0)
@@ -204,7 +204,6 @@ GEM
     ruby-progressbar (1.9.0)
     rubyntlm (0.6.2)
     rubyzip (1.2.1)
-    safe_yaml (1.0.4)
     sawyer (0.8.1)
       addressable (>= 2.3.5, < 2.6)
       faraday (~> 0.8, < 1.0)
@@ -219,7 +218,6 @@ GEM
       net-scp (~> 1.1)
       net-ssh (>= 2.9, < 5.0)
       net-ssh-gateway (~> 1.2)
-      safe_yaml (~> 1.0)
       thor (~> 0.19, < 0.19.2)
       winrm (~> 2.0)
       winrm-elevated (~> 1.0)
@@ -273,4 +271,4 @@ DEPENDENCIES
   winrm-fs (~> 1.0)
 
 BUNDLED WITH
-   1.16.0
+   1.16.1
diff --git a/omnibus_overrides.rb b/omnibus_overrides.rb
index c88ebfdcc1..8da7dc9940 100644
--- a/omnibus_overrides.rb
+++ b/omnibus_overrides.rb
@@ -14,7 +14,7 @@ override "libyaml", version: "0.1.7"
 override "makedepend", version: "1.0.5"
 override "ncurses", version: "5.9"
 override "pkg-config-lite", version: "0.28-1"
-override "ruby", version: "2.4.2"
+override "ruby", version: "2.4.3"
 override "ruby-windows-devkit-bash", version: "3.1.23-4-msys-1.0.18"
 override "util-macros", version: "1.19.0"
 override "xproto", version: "7.0.28"
-- 
cgit v1.2.1