Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
rubygem-actionpack-4_2.27663
CVE-2023-22795.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2023-22795.patch of Package rubygem-actionpack-4_2.27663
From: John Hawthorn <john@hawthorn.email> Date: Fri, 13 Jan 2023 15:54:40 -0800 Subject: [PATCH] Avoid regex backtracking on If-None-Match header [CVE-2023-22795] SUSE: adapt for version 4.2.9 --- --- actionpack.orig/lib/action_dispatch/http/cache.rb 2023-01-27 09:58:44.763931562 +0100 +++ actionpack/lib/action_dispatch/http/cache.rb 2023-01-27 10:55:19.187279885 +0100 @@ -18,7 +18,7 @@ module ActionDispatch end def if_none_match_etags - (if_none_match ? if_none_match.split(/\s*,\s*/) : []).collect do |etag| + (if_none_match ? if_none_match.split(",").each(&:strip!) : []).collect do |etag| etag.gsub(/^\"|\"$/, "") end end
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
