Fix ReDoS vulnerability in Time.
Do not include the test case, as assert_linear_time was introduced in Ruby 2.7. Backported from: Ruby 2.7.8 Backported from the following commits:2cb830602f
e3f18f7d2e
Resolves: CVE-2023-28756
This commit is contained in:
parent
838b4276a7
commit
73cefa374b
@ -0,0 +1,41 @@
|
|||||||
|
From 71c37c29defeab2c98ad4291807efe12427a209f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
|
||||||
|
Date: Tue, 29 Nov 2022 16:22:15 +0900
|
||||||
|
Subject: [PATCH] Fix CVE-2023-28756 ReDoS vulnerability in Time.
|
||||||
|
|
||||||
|
Backported from: Ruby 2.7.8
|
||||||
|
Backported from the following commits:
|
||||||
|
https://github.com/ruby/ruby/commit/2cb830602f52e7e76c6781115e7938b21f881c4f
|
||||||
|
https://github.com/ruby/ruby/commit/e3f18f7d2e034f20053d7bf2fc7a50f8b7e1a27a
|
||||||
|
|
||||||
|
Do not include the test case, as assert_linear_time was introduced in Ruby 2.7.
|
||||||
|
|
||||||
|
==== Original commit message(s)
|
||||||
|
|
||||||
|
Fix quadratic backtracking on invalid time
|
||||||
|
|
||||||
|
Make RFC2822 regexp linear
|
||||||
|
|
||||||
|
https://hackerone.com/reports/1485501
|
||||||
|
---
|
||||||
|
lib/time.rb | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/time.rb b/lib/time.rb
|
||||||
|
index eb46a03..cb6f1e4 100644
|
||||||
|
--- a/lib/time.rb
|
||||||
|
+++ b/lib/time.rb
|
||||||
|
@@ -474,8 +474,8 @@ class Time
|
||||||
|
(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s+
|
||||||
|
(\d{2,})\s+
|
||||||
|
(\d{2})\s*
|
||||||
|
- :\s*(\d{2})\s*
|
||||||
|
- (?::\s*(\d{2}))?\s+
|
||||||
|
+ :\s*(\d{2})
|
||||||
|
+ (?:\s*:\s*(\d\d))?\s+
|
||||||
|
([+-]\d{4}|
|
||||||
|
UT|GMT|EST|EDT|CST|CDT|MST|MDT|PST|PDT|[A-IK-Z])/ix =~ date
|
||||||
|
# Since RFC 2822 permit comments, the regexp has no right anchor.
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -224,6 +224,12 @@ Patch40: ruby-2.6.10-Fix-CVE-2022-28739-Buffer-overrun-in-str2float.patch
|
|||||||
# Backported from:
|
# Backported from:
|
||||||
# https://github.com/ruby/ruby/commit/6855779d580358a6a0b4c9ee06f20e7cae72955a
|
# https://github.com/ruby/ruby/commit/6855779d580358a6a0b4c9ee06f20e7cae72955a
|
||||||
Patch41: ruby-2.7.8-Fix-CVE-2023-28755-ReDos-vulnerability-in-URI.patch
|
Patch41: ruby-2.7.8-Fix-CVE-2023-28755-ReDos-vulnerability-in-URI.patch
|
||||||
|
# CVE-2023-28756 ReDoS vulnerability in Time.
|
||||||
|
# Tests not included as assert_linear_time was introduced in Ruby 2.7.
|
||||||
|
# Backported from:
|
||||||
|
# https://github.com/ruby/ruby/commit/2cb830602f52e7e76c6781115e7938b21f881c4f
|
||||||
|
# https://github.com/ruby/ruby/commit/e3f18f7d2e034f20053d7bf2fc7a50f8b7e1a27a
|
||||||
|
Patch42: ruby-2.7.8-Fix-CVE-2023-28756-ReDoS-vulnerability-in-Time.patch
|
||||||
|
|
||||||
|
|
||||||
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||||
@ -636,6 +642,7 @@ sed -i 's/"evaluation\/incorrect_words.yaml"\.freeze, //' \
|
|||||||
%patch39 -p1
|
%patch39 -p1
|
||||||
%patch40 -p1
|
%patch40 -p1
|
||||||
%patch41 -p1
|
%patch41 -p1
|
||||||
|
%patch42 -p1
|
||||||
|
|
||||||
# Provide an example of usage of the tapset:
|
# Provide an example of usage of the tapset:
|
||||||
cp -a %{SOURCE3} .
|
cp -a %{SOURCE3} .
|
||||||
@ -1195,6 +1202,8 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
|
|||||||
Resolves: CVE-2022-28739
|
Resolves: CVE-2022-28739
|
||||||
- Fix ReDoS vulnerability in URI.
|
- Fix ReDoS vulnerability in URI.
|
||||||
Resolves: CVE-2023-28755
|
Resolves: CVE-2023-28755
|
||||||
|
- Fix ReDoS vulnerability in Time.
|
||||||
|
Resolves: CVE-2023-28756
|
||||||
|
|
||||||
* Thu May 25 2023 Todd Zullinger <tmz@pobox.com> - 2.5.9-111
|
* Thu May 25 2023 Todd Zullinger <tmz@pobox.com> - 2.5.9-111
|
||||||
- Fix rdoc parsing of nil text tokens.
|
- Fix rdoc parsing of nil text tokens.
|
||||||
|
Loading…
Reference in New Issue
Block a user