lang/ruby26-base: update to 2.6.7

Ruby 2.6.7 Released (2021-04-05)

This release includes security fixes.  Please check the topics below for
details.

* CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in
  WEBrick
* CVE-2021-28965: XML round-trip vulnerability in REXML

See the commit logs for details.

By this release, we end the normal maintenance phase of Ruby 2.6, and Ruby
2.6 enters the security maintenance phase.  This means that we will no
longer backport any bug fixes to Ruby 2.6 except security fixes.  The term
of the security maintenance phase is scheduled for a year.  Ruby 2.6 reaches
EOL and its official support ends by the end of the security maintenance
phase.  Therefore, we recommend that you start to plan upgrade to Ruby 2.7
or 3.0.

5 files changed, 23 insertions, 68 deletions

diff --git a/lang/ruby26-base/Makefile b/lang/ruby26-base/Makefile
index 7badaa47adc..133513d22e0 100644
--- a/lang/ruby26-base/Makefile
+++ b/lang/ruby26-base/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2021/02/14 15:31:02 taca Exp $
+# $NetBSD: Makefile,v 1.13 2021/04/11 12:28:37 taca Exp $
 
 DISTNAME=	${RUBY_DISTNAME}
 PKGNAME=	${RUBY_PKGPREFIX}-base-${RUBY_VERSION}
-PKGREVISION=	1
 CATEGORIES=	lang ruby
 MASTER_SITES=	${MASTER_SITE_RUBY}
 
diff --git a/lang/ruby26-base/PLIST b/lang/ruby26-base/PLIST
index 9e86f2ce3a6..1b0236cff1a 100644
--- a/lang/ruby26-base/PLIST
+++ b/lang/ruby26-base/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2020/04/01 15:21:57 taca Exp $
+@comment $NetBSD: PLIST,v 1.5 2021/04/11 12:28:37 taca Exp $
 bin/bundle${RUBY_SUFFIX}
 bin/bundler${RUBY_SUFFIX}
 bin/erb${RUBY_SUFFIX}
@@ -910,9 +910,8 @@ ${RUBY_LIB}/rubygems/source_specific_file.rb
 ${RUBY_LIB}/rubygems/spec_fetcher.rb
 ${RUBY_LIB}/rubygems/specification.rb
 ${RUBY_LIB}/rubygems/specification_policy.rb
-${RUBY_LIB}/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem
-${RUBY_LIB}/rubygems/ssl_certs/rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem
-${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot.pem
+${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA.pem
+${RUBY_LIB}/rubygems/ssl_certs/rubygems.org/GlobalSignRootCA_R3.pem
 ${RUBY_LIB}/rubygems/stub_specification.rb
 ${RUBY_LIB}/rubygems/syck_hack.rb
 ${RUBY_LIB}/rubygems/test_case.rb
diff --git a/lang/ruby26-base/distinfo b/lang/ruby26-base/distinfo
index bb03aa50df1..de78782f6fe 100644
--- a/lang/ruby26-base/distinfo
+++ b/lang/ruby26-base/distinfo
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.9 2020/10/04 03:41:12 taca Exp $
+$NetBSD: distinfo,v 1.10 2021/04/11 12:28:37 taca Exp $
 
-SHA1 (ruby-2.6.6.tar.xz) = 4dc8d4f7abc1d498b7bac68e82efc01a849f300f
-RMD160 (ruby-2.6.6.tar.xz) = 3091dc207ad5089305c105582e39f73ca9dfeb2b
-SHA512 (ruby-2.6.6.tar.xz) = 86caf93dbf61d03781767ab5375a7edf4761f13ba08ccfefe16c0a7550499237e7390c2f72a95d42670d4fe76b2401b4218936187c62ec1572799e9e04c50d62
-Size (ruby-2.6.6.tar.xz) = 11567284 bytes
-SHA1 (patch-configure) = d66204877531fe147361adf843819c3db6d40919
+SHA1 (ruby-2.6.7.tar.xz) = 1fd1448125a00cd7b9994637b5e561506de6a6d3
+RMD160 (ruby-2.6.7.tar.xz) = 25d606c0338322e96e61a9e7a5821b1a5e543261
+SHA512 (ruby-2.6.7.tar.xz) = ba6fc0a36af2a08cf1b008851e805f59ea1047724fc7b61d4bc674533b8f123cb12fa0969e9a3f57290477c0d75f974ca7e304836e4905bd96a737211df9bd21
+Size (ruby-2.6.7.tar.xz) = 11591404 bytes
+SHA1 (patch-configure) = ccfad7b5e35e87308e187e6c5fb3ffea57ad763d
 SHA1 (patch-ext_dbm_extconf.rb) = c998f8735db54b1ae2bc8b6caa359ce88bc7a45b
 SHA1 (patch-lib_mkmf.rb) = 75d2261a8282a00cd5f811a5e629302d1667207e
 SHA1 (patch-lib_rdoc_encoding.rb) = 0e82d2942d9bfcb67dc7c994889d7bc5ec2ae85a
@@ -17,6 +17,5 @@ SHA1 (patch-lib_rubygems_dependency__installer.rb) = 1776508907f17547ffe93f637d6
 SHA1 (patch-lib_rubygems_install__update__options.rb) = 1e953b5a517a805fd7184e359fbc06e67a5ff9b3
 SHA1 (patch-lib_rubygems_installer.rb) = bce2fe5bcc88ba15352c1e3017bdf97e19d0cbfa
 SHA1 (patch-lib_rubygems_platform.rb) = 8608f9e29728101789a990d73b4a6780054dd278
-SHA1 (patch-lib_webrick_httprequest.rb) = 71d2d01e27d23aa5f0b7bc77f2cda1fd85aeeab4
 SHA1 (patch-test_rubygems_test__gem.rb) = 80d646b95df81bacca6d277d2801dba16df291f5
 SHA1 (patch-thread__pthread.c) = ce3dfbc7e953cdd04522bcc8e443b60e541845ce
diff --git a/lang/ruby26-base/patches/patch-configure b/lang/ruby26-base/patches/patch-configure
index ea4e32002f1..d4fcb6a03c0 100644
--- a/lang/ruby26-base/patches/patch-configure
+++ b/lang/ruby26-base/patches/patch-configure
@@ -1,15 +1,14 @@
-$NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
+$NetBSD: patch-configure,v 1.3 2021/04/11 12:28:37 taca Exp $
 
 * Adding Interix support.
 * Ignore doxygen.
 * Ignore VCS.
 * Handle SSP in pkgsrc.
 * Put -std= in CFLAGS not CPPFLAGS.
-* Fix argument for pthread_self() on NetBSD.
 
---- configure.orig	2019-01-30 10:41:14.000000000 +0000
+--- configure.orig	2021-04-05 11:48:36.000000000 +0000
 +++ configure
-@@ -6048,7 +6048,7 @@ else
+@@ -6064,7 +6064,7 @@ else
      if test x"$target_alias" = x; then :
  
  	case "$target_os" in #(
@@ -18,7 +17,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
  
  	    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for real target cpu" >&5
  $as_echo_n "checking for real target cpu... " >&6; }
-@@ -8393,6 +8393,7 @@ fi
+@@ -8431,6 +8431,7 @@ fi
  	stack_protector=no
       ;; #(
    *) :
@@ -26,7 +25,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
       ;;
  esac
      if test -z "${stack_protector+set}"; then :
-@@ -10239,6 +10240,10 @@ esac
+@@ -10277,6 +10278,10 @@ esac
  
  			ac_cv_func___builtin_setjmp=no
  		 ;; #(
@@ -37,7 +36,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
    *) :
       ;;
  esac
-@@ -21600,6 +21605,8 @@ else
+@@ -21638,6 +21643,8 @@ else
  # ifdef _MSC_VER
  #  include <malloc.h>
  #  define alloca _alloca
@@ -46,21 +45,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
  # else
  #  ifdef HAVE_ALLOCA_H
  #   include <alloca.h>
-@@ -26151,11 +26158,11 @@ if ${rb_cv_func_pthread_setname_np_argum
- else
-   rb_cv_func_pthread_setname_np_arguments=
- 	    # Linux,AIX,  (pthread_self(), name)
--	    # NetBSD (pthread_self(), name, \"%s\")
-+	    # NetBSD (pthread_self(), \"%s\", name)
- 	    # Darwin (name)
- 	    for mac in \
- 		"(pthread_self(), name)" \
--		"(pthread_self(), name, \"%s\")" \
-+		"(pthread_self(), \"%s\", name)" \
- 		"(name)" \
- 		; do
- 		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -26749,7 +26756,9 @@ fi
+@@ -26842,7 +26849,9 @@ fi
    interix*) :
      	: ${LDSHARED='$(CC) -shared'}
  			XLDFLAGS="$XLDFLAGS -Wl,-E"
@@ -70,7 +55,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
  			rb_cv_dlopen=yes ;; #(
    freebsd*|dragonfly*) :
  
-@@ -27991,7 +28000,7 @@ fi
+@@ -28084,7 +28093,7 @@ fi
  	 ;; #(
    freebsd*|dragonfly*) :
  
@@ -79,7 +64,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
  	LIBRUBY_SONAME='$(LIBRUBY_SO)'
  	if test "$rb_cv_binary_elf" != "yes" ; then :
  
-@@ -28070,9 +28079,10 @@ esac
+@@ -28163,9 +28172,10 @@ esac
  	 ;; #(
    darwin*) :
  
@@ -92,7 +77,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
  	if test "$load_relative" = yes; then :
  
  	    libprefix="@executable_path/../${libdir_basename}"
-@@ -28093,7 +28103,12 @@ fi
+@@ -28186,7 +28196,12 @@ fi
  	 ;; #(
    interix*) :
  
@@ -106,7 +91,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
  	 ;; #(
    mingw*|cygwin*|mswin*) :
  
-@@ -28275,7 +28290,7 @@ if test "$enable_rpath" = yes; then :
+@@ -28368,7 +28383,7 @@ if test "$enable_rpath" = yes; then :
  esac
      rpathflag=`IFS="$PATH_SEPARATOR"
          echo x "$rpathflag" |
@@ -115,7 +100,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
      `
      LIBRUBY_RPATHFLAGS="$LIBRUBY_RPATHFLAGS${rpathflag}"
      LIBRUBYARG_SHARED="$LIBRUBY_RPATHFLAGS $LIBRUBYARG_SHARED"
-@@ -28817,15 +28832,7 @@ fi
+@@ -28910,15 +28925,7 @@ fi
  
  if test "$install_doc" != no; then :
  
@@ -132,7 +117,7 @@ $NetBSD: patch-configure,v 1.2 2019/03/14 09:57:54 jperkin Exp $
      if test "$install_capi" != no -a -n "$DOXYGEN"; then :
  
  	CAPITARGET="capi"
-@@ -30979,31 +30988,7 @@ which seems to be undefined.  Please mak
+@@ -31072,31 +31079,7 @@ which seems to be undefined.  Please mak
      "Makefile":F)
      tmpmk=confmk$$.tmp
      {
diff --git a/lang/ruby26-base/patches/patch-lib_webrick_httprequest.rb b/lang/ruby26-base/patches/patch-lib_webrick_httprequest.rb
deleted file mode 100644
index 0dbfd67c943..00000000000
--- a/lang/ruby26-base/patches/patch-lib_webrick_httprequest.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-$NetBSD: patch-lib_webrick_httprequest.rb,v 1.1 2020/10/04 03:41:12 taca Exp $
-
-Add fix for CVE-2020-25613.
-
---- lib/webrick/httprequest.rb.orig	2020-03-31 11:23:13.000000000 +0000
-+++ lib/webrick/httprequest.rb
-@@ -226,9 +226,9 @@ module WEBrick
-         raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
-       end
- 
--      if /close/io =~ self["connection"]
-+      if /\Aclose\z/io =~ self["connection"]
-         @keep_alive = false
--      elsif /keep-alive/io =~ self["connection"]
-+      elsif /\Akeep-alive\z/io =~ self["connection"]
-         @keep_alive = true
-       elsif @http_version < "1.1"
-         @keep_alive = false
-@@ -503,7 +503,7 @@ module WEBrick
-       return unless socket
-       if tc = self['transfer-encoding']
-         case tc
--        when /chunked/io then read_chunked(socket, block)
-+        when /\Achunked\z/io then read_chunked(socket, block)
-         else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
-         end
-       elsif self['content-length'] || @remaining_size