Bug#889117: marked as done (ruby2.3 FTBFS with tzdata 2018c-1)

[Debian Bug Tracking System]

Your message dated Sat, 09 Mar 2019 18:47:08 +0000
with message-id <e1h2h00-0007w0...@fasolo.debian.org>
and subject line Bug#889117: fixed in ruby2.3 2.3.3-1+deb9u3
has caused the Debian Bug report #889117,
regarding ruby2.3 FTBFS with tzdata 2018c-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889117: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889117
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: ruby2.3
Version: 2.3.3-1
Severity: serious

https://buildd.debian.org/status/package.php?p=ruby2.3&suite=sid

...
  5) Failure:
TestTimeTZ#test_asia_tokyo [/<<PKGBUILDDIR>>/test/ruby/test_time_tz.rb:129]:
TZ=Asia/Tokyo Time.local(1951, 5, 6, 2, 0, 0).
<"1951-05-06 03:00:00 +1000"> expected but was
<"1951-05-06 02:00:00 +1000">.

  6) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_24 
[/<<PKGBUILDDIR>>/test/ruby/test_time_tz.rb:259]:
TZ=Asia/Tokyo Time.utc(1951, 5, 5, 16, 59, 59).localtime.
<"1951-05-06 01:59:59 +0900"> expected but was
<"1951-05-06 02:59:59 +1000">.

  7) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_27 
[/<<PKGBUILDDIR>>/test/ruby/test_time_tz.rb:259]:
TZ=Asia/Tokyo Time.utc(1951, 9, 7, 16, 0, 0).localtime.
<"1951-09-08 01:00:00 +0900"> expected but was
<"1951-09-08 02:00:00 +1000">.

  8) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_69 
[/<<PKGBUILDDIR>>/test/ruby/test_time_tz.rb:277]:
TZ=Asia/Tokyo Time.local(1951, 5, 6, 1, 59, 59).
<"1951-05-06 01:59:59 +0900"> expected but was
<"1951-05-06 01:59:59 +1000">.

  9) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_72 
[/<<PKGBUILDDIR>>/test/ruby/test_time_tz.rb:295]:
TZ=Asia/Tokyo Time.local(0, 0, 1, 8, 9, 1951, nil, nil, false, nil).
<"1951-09-08 01:00:00 +0900"> expected but was
<"1951-09-08 01:00:00 +1000">.
...


The same FTBFS in ruby2.5 was reported as #889046.

Additional unrelated failures in unstable caused by the
gdbm transition are handled in #832020.

I have reproduced this FTBFS with tzdata 2018c-1 in stretch,
and it is expected that tzdata >= 2018c will enter stretch.

--- End Message ---

--- Begin Message ---

Source: ruby2.3
Source-Version: 2.3.3-1+deb9u3

We believe that the bug you reported is fixed in the latest version of
ruby2.3, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago R.R. <santiag...@riseup.net> (supplier of updated ruby2.3 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 19 Jul 2018 13:28:10 +0200
Source: ruby2.3
Binary: ruby2.3 libruby2.3 ruby2.3-dev ruby2.3-doc ruby2.3-tcltk
Architecture: source
Version: 2.3.3-1+deb9u3
Distribution: stretch-security
Urgency: medium
Maintainer: Antonio Terceiro <terce...@debian.org>
Changed-By: Santiago R.R. <santiag...@riseup.net>
Description:
 libruby2.3 - Libraries necessary to run Ruby 2.3
 ruby2.3    - Interpreter of object-oriented scripting language Ruby
 ruby2.3-dev - Header files for compiling extension modules for the Ruby 2.3
 ruby2.3-doc - Documentation for Ruby 2.3
 ruby2.3-tcltk - Ruby/Tk for Ruby 2.3
Closes: 889117 898694
Changes:
 ruby2.3 (2.3.3-1+deb9u3) stretch-security; urgency=medium
 .
   [ Santiago R.R. ]
   * Fix Command injection vulnerability in Net::FTP.
     [CVE-2017-17405]
   * webrick: use IO.copy_stream for multipart response. Required changes in
     WEBrick to fix CVE-2017-17742 and CVE-2018-8777
   * Fix HTTP response splitting in WEBrick.
     [CVE-2017-17742]
   * Fix Command Injection in Hosts::new() by use of Kernel#open.
     [CVE-2017-17790]
   * Fix Unintentional directory traversal by poisoned NUL byte in Dir
     [CVE-2018-8780]
   * Fix multiple vulnerabilities in RubyGems.
     CVE-2018-1000073: Prevent Path Traversal issue during gem installation.
     CVE-2018-1000074: Fix possible Unsafe Object Deserialization
     Vulnerability in gem owner.
     CVE-2018-1000075: Strictly interpret octal fields in tar headers.
     CVE-2018-1000076: Raise a security error when there are duplicate files
     in a package.
     CVE-2018-1000077: Enforce URL validation on spec homepage attribute.
     CVE-2018-1000078: Mitigate XSS vulnerability in homepage attribute when
     displayed via gem server.
     CVE-2018-1000079: Prevent path traversal when writing to a symlinked
     basedir outside of the root.
   * Fix directory traversal vulnerability in the Dir.mktmpdir method in the
     tmpdir library
     [CVE-2018-6914]
   * Fix Unintentional socket creation by poisoned NUL byte in UNIXServer and
     UNIXSocket
     [CVE-2018-8779]
   * Fix Buffer under-read in String#unpack
     [CVE-2018-8778]
   * Fix tests to cope with updates in tzdata (Closes: #889117)
   * Exclude Rinda TestRingFinger and TestRingServer test units requiring
     network access (Closes: #898694)
 .
   [ Antonio Terceiro ]
   * debian/tests/excludes/any/TestTimeTZ.rb: ignore tests failing due to
     assumptions that don't hold on newer tzdata update. Upstream bug:
     https://bugs.ruby-lang.org/issues/14655
Checksums-Sha1:
 5afa01b2458ca3ae446afafc81199d74e4d7bede 2503 ruby2.3_2.3.3-1+deb9u3.dsc
 b178b5349ce51fdc6d64f8f09a2e5c8666afbf69 115108 
ruby2.3_2.3.3-1+deb9u3.debian.tar.xz
 07c8c87633399d1206a19f7ab886f7daffe7f216 10673 
ruby2.3_2.3.3-1+deb9u3_amd64.buildinfo
Checksums-Sha256:
 bb63c143540a31a71a1982219266580434c35e4f09ff5db3bb1cced5cf611e0d 2503 
ruby2.3_2.3.3-1+deb9u3.dsc
 076c1973276eb48d0adb655e595dfcce62d0273ebc3beaa2ef6815c862fd2aab 115108 
ruby2.3_2.3.3-1+deb9u3.debian.tar.xz
 37a7b6f3e106d6d54fe5649a72b23066a3edd4e6f9a5cabae4467a477b5c9f7a 10673 
ruby2.3_2.3.3-1+deb9u3_amd64.buildinfo
Files:
 1d4de9b04ccbcb46357fcdbff8b2b620 2503 ruby optional ruby2.3_2.3.3-1+deb9u3.dsc
 21fc61cef0ddad1b284d011f177b2326 115108 ruby optional 
ruby2.3_2.3.3-1+deb9u3.debian.tar.xz
 3a4b287deb5600e5ce35827925d87170 10673 ruby optional 
ruby2.3_2.3.3-1+deb9u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwUqnBPVvaa0NAVzHFX/a4RXx4q0FAltYTTAACgkQFX/a4RXx
4q2owRAAhuXWZ4QoepiexTPQ/I/qNNQRrhS2aL6PexpaHnHJHzAsx8b/Fox8QTYN
5W+tIKnW7oYqWEUikoWy7p8wLto78ltCB1iaQWiXyrS79YWj6xiwl+A0qnadEU3S
4OoYwXwgXxgyTnYGNsLIv/QWF0Hbm3tMmyiv9UzKzbm403foXNheBVbiYT3EgKby
ckxWo8fF3oYsphDg6qUXyGfFC0CToPuHI2LmyZe17L0pp/BIk+nYvAPez11uC1Qq
zfOtCE8unMEx1H7S1t9kol84Em+M935XdqZ9aEO4/YVEsnPY1NbCHo8joyG9w7LL
ScsN7Ts+2MxDDl/9lqT65/E9WfUvt9bWggczl36Edo+oS+zJTxqSUNhgtQRHADG8
VaFpkSbBuoCKqcCUrwGpyNcWT5pbWYNN6q8D01YO1puM8gXm7SIBMGuV/al2TsXv
0r82PXNiSBrqcOzTC8jD0yw8d6w1CW224hrlKyfQubKgZ5NqTwY4Rb9maHnfU+RU
8N78nu+U8ETgPIM74+Hyji7W6PBQYCjTBtCWWA9648PfYTlgGcrQh3gEVlHIASfA
B7PTKe2AFMLWfTIQ4D7WjvfVoNCSnfn2wQfbRILGy36z8B8OoGmwBpWeM0gpxOZU
nMe1DrjBb7UUdFTAdF6wkcqGXYZa2+Y9Gnm4Vd5jiZm6GPojeME=
=OTgZ
-----END PGP SIGNATURE-----

--- End Message ---