From b76e42362150263bb6c0aa18bd344e9a3fe0c383 Mon Sep 17 00:00:00 2001
From: Saul Paredes <saulparedes@microsoft.com>
Date: Mon, 4 Nov 2024 13:27:33 -0800
Subject: [PATCH 1/2] rubygem-rexml: patch CVE-2024-49761

Patch adapted from https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f
which fixes CVE-2024-49761 per https://nvd.nist.gov/vuln/detail/CVE-2024-49761

Needed for rubygem-rexml versions < 3.3.9

Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
---
 SPECS/rubygem-rexml/CVE-2024-49761.patch | 40 ++++++++++++++++++++++++
 SPECS/rubygem-rexml/rubygem-rexml.spec   |  6 +++-
 2 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 SPECS/rubygem-rexml/CVE-2024-49761.patch

diff --git a/SPECS/rubygem-rexml/CVE-2024-49761.patch b/SPECS/rubygem-rexml/CVE-2024-49761.patch
new file mode 100644
index 00000000000..420561274da
--- /dev/null
+++ b/SPECS/rubygem-rexml/CVE-2024-49761.patch
@@ -0,0 +1,40 @@
+From 73938fa3d122d9110b6128711af90667ecc7321a Mon Sep 17 00:00:00 2001
+From: Saul Paredes <saulparedes@microsoft.com>
+Date: Mon, 4 Nov 2024 12:37:13 -0800
+Subject: [PATCH] rubygem-rexml: patch CVE-2024-49761
+
+Patch adapted from https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f
+which fixes CVE-2024-49761 per https://nvd.nist.gov/vuln/detail/CVE-2024-49761
+
+Needed for rubygem-rexml versions < 3.3.9
+
+Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
+---
+ lib/rexml/parsers/baseparser.rb | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/lib/rexml/parsers/baseparser.rb b/lib/rexml/parsers/baseparser.rb
+index d09237c..99e375c 100644
+--- a/lib/rexml/parsers/baseparser.rb
++++ b/lib/rexml/parsers/baseparser.rb
+@@ -474,10 +474,14 @@ module REXML
+         rv = string.gsub( /\r\n?/, "\n" )
+         matches = rv.scan( REFERENCE_RE )
+         return rv if matches.size == 0
+-        rv.gsub!( /&#0*((?:\d+)|(?:x[a-fA-F0-9]+));/ ) {
++        rv.gsub!( /&#((?:\d+)|(?:x[a-fA-F0-9]+));/ ) {
+           m=$1
+-          m = "0#{m}" if m[0] == ?x
+-          [Integer(m)].pack('U*')
++          if m.start_with?("x")
++            code_point = Integer(m[1..-1], 16)
++          else
++            code_point = Integer(m, 10)
++          end
++          [code_point].pack('U*')
+         }
+         matches.collect!{|x|x[0]}.compact!
+         if matches.size > 0
+-- 
+2.25.1
+
diff --git a/SPECS/rubygem-rexml/rubygem-rexml.spec b/SPECS/rubygem-rexml/rubygem-rexml.spec
index b9bfdb3b1c3..b924d8bf42b 100644
--- a/SPECS/rubygem-rexml/rubygem-rexml.spec
+++ b/SPECS/rubygem-rexml/rubygem-rexml.spec
@@ -3,7 +3,7 @@
 Summary:        REXML is an XML toolkit for Ruby
 Name:           rubygem-%{gem_name}
 Version:        3.2.7
-Release:        2%{?dist}
+Release:        3%{?dist}
 License:        BSD
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -11,6 +11,7 @@ Group:          Development/Languages
 URL:            https://github.com/ruby/rexml
 Source0:        https://github.com/ruby/rexml/archive/refs/tags/v%{version}.tar.gz#/%{gem_name}-%{version}.tar.gz
 Patch0:         CVE-2024-41946.patch
+Patch1:         CVE-2024-49761.patch
 BuildRequires:  git
 BuildRequires:  ruby
 Requires:       ruby(release)
@@ -35,6 +36,9 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{gem_name}-
 %{gemdir}
 
 %changelog
+* Mon Nov 4 2024 Saul Paredes <saulparedes@microsoft.com> - 3.2.7-3
+- Add patch for CVE-2024-49761
+
 * Thu Sep 19 2024 Harshit Gupta <guptaharshit@microsoft.com> - 3.2.7-2
 - Add patch for CVE-2024-41946
 

From b2a2662b1c77623b850bd33e7e2307adba5b7fd8 Mon Sep 17 00:00:00 2001
From: Saul Paredes <saulparedes@microsoft.com>
Date: Mon, 4 Nov 2024 14:03:34 -0800
Subject: [PATCH 2/2] ruby: patch CVE-2024-49761

Patch adapted from https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f
which fixes CVE-2024-49761 per https://nvd.nist.gov/vuln/detail/CVE-2024-49761

Needed for ruby versions < 3.2.0

Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
---
 SPECS/ruby/CVE-2024-49761.patch        | 40 ++++++++++++++++++++++++++
 SPECS/ruby/ruby.spec                   |  7 ++++-
 SPECS/rubygem-rexml/rubygem-rexml.spec |  2 +-
 3 files changed, 47 insertions(+), 2 deletions(-)
 create mode 100644 SPECS/ruby/CVE-2024-49761.patch

diff --git a/SPECS/ruby/CVE-2024-49761.patch b/SPECS/ruby/CVE-2024-49761.patch
new file mode 100644
index 00000000000..66914431c3c
--- /dev/null
+++ b/SPECS/ruby/CVE-2024-49761.patch
@@ -0,0 +1,40 @@
+From 42ab972c3b93321be351539a24ee95d31523a35d Mon Sep 17 00:00:00 2001
+From: Saul Paredes <saulparedes@microsoft.com>
+Date: Mon, 4 Nov 2024 12:40:10 -0800
+Subject: [PATCH] ruby: patch CVE-2024-49761
+
+Patch adapted from https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f
+which fixes CVE-2024-49761 per https://nvd.nist.gov/vuln/detail/CVE-2024-49761
+
+Needed for ruby versions < 3.2.0
+
+Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
+---
+ .../gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb   | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb b/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb
+index 305b120..4944074 100644
+--- a/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb
++++ b/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb
+@@ -467,10 +467,14 @@ module REXML
+         rv.gsub!( /\r\n?/, "\n" )
+         matches = rv.scan( REFERENCE_RE )
+         return rv if matches.size == 0
+-        rv.gsub!( /&#0*((?:\d+)|(?:x[a-fA-F0-9]+));/ ) {
++        rv.gsub!( /&#((?:\d+)|(?:x[a-fA-F0-9]+));/ ) {
+           m=$1
+-          m = "0#{m}" if m[0] == ?x
+-          [Integer(m)].pack('U*')
++          if m.start_with?("x")
++            code_point = Integer(m[1..-1], 16)
++          else
++            code_point = Integer(m, 10)
++          end
++          [code_point].pack('U*')
+         }
+         matches.collect!{|x|x[0]}.compact!
+         if matches.size > 0
+-- 
+2.25.1
+
diff --git a/SPECS/ruby/ruby.spec b/SPECS/ruby/ruby.spec
index ba84ca4d9c2..3ef3be440b3 100644
--- a/SPECS/ruby/ruby.spec
+++ b/SPECS/ruby/ruby.spec
@@ -83,7 +83,7 @@ Name:           ruby
 # provides should be versioned according to the ruby version.
 # More info: https://stdgems.org/
 Version:        3.1.4
-Release:        7%{?dist}
+Release:        8%{?dist}
 License:        (Ruby OR BSD) AND Public Domain AND MIT AND CC0 AND zlib AND UCD
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -106,6 +106,8 @@ Patch3:         CVE-2024-27282.patch
 Patch4:         CVE-2024-35176.patch
 # Patch no longer needed if REXML gem is 3.3.3 or later. Now is 3.2.5
 Patch5:         CVE-2024-41946.patch
+# Patch no longer needed if REXML gem is 3.3.9 or later. Now is 3.2.5
+Patch6:         CVE-2024-49761.patch
 BuildRequires:  openssl-devel
 BuildRequires:  readline
 BuildRequires:  readline-devel
@@ -408,6 +410,9 @@ sudo -u test make test TESTS="-v"
 %{_rpmconfigdir}/rubygems.con
 
 %changelog
+* Mon Nov 04 2024 Saul Paredes <saulparedes@microsoft.com> - 3.1.4-8
+- Patch CVE-2024-49761
+
 * Thu Sep 19 2024 Harshit Gupta <guptaharshit@microsoft.com> - 3.1.4-7
 - Patch CVE-2024-41946
 
diff --git a/SPECS/rubygem-rexml/rubygem-rexml.spec b/SPECS/rubygem-rexml/rubygem-rexml.spec
index b924d8bf42b..34f782b8c3d 100644
--- a/SPECS/rubygem-rexml/rubygem-rexml.spec
+++ b/SPECS/rubygem-rexml/rubygem-rexml.spec
@@ -36,7 +36,7 @@ gem install -V --local --force --install-dir %{buildroot}/%{gemdir} %{gem_name}-
 %{gemdir}
 
 %changelog
-* Mon Nov 4 2024 Saul Paredes <saulparedes@microsoft.com> - 3.2.7-3
+* Mon Nov 04 2024 Saul Paredes <saulparedes@microsoft.com> - 3.2.7-3
 - Add patch for CVE-2024-49761
 
 * Thu Sep 19 2024 Harshit Gupta <guptaharshit@microsoft.com> - 3.2.7-2