[arch-commits] Commit in ruby/trunk (PKGBUILD webrick.patch)
Anatol Pomozov
anatolik at archlinux.org
Wed Sep 30 22:12:50 UTC 2020
Date: Wednesday, September 30, 2020 @ 22:12:49
Author: anatolik
Revision: 397016
FS#68051: Patch for CVE-2020-25613
Added:
ruby/trunk/webrick.patch
Modified:
ruby/trunk/PKGBUILD
---------------+
PKGBUILD | 10 +++++++---
webrick.patch | 40 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 47 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2020-09-30 20:59:15 UTC (rev 397015)
+++ PKGBUILD 2020-09-30 22:12:49 UTC (rev 397016)
@@ -5,7 +5,7 @@
pkgname=(ruby ruby-docs)
pkgver=2.7.1
-pkgrel=3
+pkgrel=4
arch=(x86_64)
url='https://www.ruby-lang.org/en/'
license=(BSD custom)
@@ -12,13 +12,17 @@
depends=(libxcrypt)
makedepends=(gdbm openssl libffi doxygen graphviz libyaml ttf-dejavu tk)
options=(!emptydirs)
-source=(https://cache.ruby-lang.org/pub/ruby/${pkgver:0:3}/ruby-${pkgver}.tar.xz)
-sha512sums=('79f98b1ea98e0b10ec79da1883e8fc84d48ffe5c09ae945cbebde94365e35a589d919aac965f74d70ca7e21370ecee631ac5a8f9c4eac61d62f5aa629f27bf31')
+source=(https://cache.ruby-lang.org/pub/ruby/${pkgver:0:3}/ruby-${pkgver}.tar.xz
+ webrick.patch) # simplified upstream patch https://github.com/ruby/ruby/commit/828c34e58b63d64558ec0f2d1d7ae401c5e6b21f
+sha512sums=('79f98b1ea98e0b10ec79da1883e8fc84d48ffe5c09ae945cbebde94365e35a589d919aac965f74d70ca7e21370ecee631ac5a8f9c4eac61d62f5aa629f27bf31'
+ '60688c02bdbed087dc41613e335abd5602964f13e0cdf900ed2f7a830eb4d10a93396e8ef6e87a5c17aa6c50f63098199aa729302c8e6cf44505eecec2aed9e2')
prepare() {
cd ruby-${pkgver}
# remove bundled gems, we are going to ship them as separate packages
rm -rf gems/
+
+ patch -p1 < ../webrick.patch # FS#68051 CVE-2020-25613
}
build() {
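Review bot: The `patch -p1 < ../webrick.patch` call in prepare() depends on the current directory, and if the patch ever looks already applied (for example after a pkgver bump to a release that contains the fix) it can prompt instead of failing. `patch -Np1 -i "$srcdir/webrick.patch"` keeps the step non-interactive and independent of the relative path. The comment after the closing parenthesis of `source=` says the patch is a simplified copy of the upstream commit but not what was dropped. The patch's own diffstat still lists `version.h` although no such hunk is in the file, so a comment such as `# upstream 828c34e5 without the version.h hunk` would help anyone auditing the CVE-2020-25613 fix later.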
Added: webrick.patch
===================================================================
--- webrick.patch (rev 0)
+++ webrick.patch 2020-09-30 22:12:49 UTC (rev 397016)
@@ -0,0 +1,40 @@
+From 828c34e58b63d64558ec0f2d1d7ae401c5e6b21f Mon Sep 17 00:00:00 2001
+From: nagachika <nagachika at ruby-lang.org>
+Date: Tue, 29 Sep 2020 22:46:14 +0900
+Subject: [PATCH] merge revision(s) d23d2f3f6fbb5d787b0dd80675c489a692be23e2:
+
+ [ruby/webrick] Make it more strict to interpret some headers
+
+ Some regexps were too tolerant.
+
+ https://github.com/ruby/webrick/commit/8946bb38b4
+---
+ lib/webrick/httprequest.rb | 6 +++---
+ version.h | 2 +-
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
+index 87dc879175c0..6af0cee97dbf 100644
+--- a/lib/webrick/httprequest.rb
++++ b/lib/webrick/httprequest.rb
+@@ -226,9 +226,9 @@ def parse(socket=nil)
+ raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
+ end
+
+- if /close/io =~ self["connection"]
++ if /\Aclose\z/io =~ self["connection"]
+ @keep_alive = false
+- elsif /keep-alive/io =~ self["connection"]
++ elsif /\Akeep-alive\z/io =~ self["connection"]
+ @keep_alive = true
+ elsif @http_version < "1.1"
+ @keep_alive = false
+@@ -503,7 +503,7 @@ def read_body(socket, block)
+ return unless socket
+ if tc = self['transfer-encoding']
+ case tc
+- when /chunked/io then read_chunked(socket, block)
++ when /\Achunked\z/io then read_chunked(socket, block)
+ else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
+ end
+ elsif self['content-length'] || @remaining_size
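Review bot: The whole-string anchors on the two `Connection` checks in parse() also stop matching legitimate list values, since that header is a comma-separated list of options. A request with `Connection: close, TE` now matches neither branch and falls through to the version default, which presumably leaves an HTTP/1.1 connection open although the client asked to close it. A per-token comparison keeps the strictness, e.g. `conn = self["connection"].to_s.downcase.split(/\s*,\s*/)` followed by `if conn.include?("close")`. The `Transfer-Encoding` change in read_body() is fine as written, because any value other than exactly `chunked` raises `HTTPStatus::NotImplemented` and so fails closed. Both method bodies continue outside the embedded hunks, and as this file is an upstream backport the change would belong upstream rather than in the packaged patch.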