From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ruby-core-bounces@ruby-lang.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-Status: No, score=-3.8 required=3.0 tests=AWL,BAYES_00,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	SPF_HELO_NONE,SPF_PASS,UNPARSEABLE_RELAY shortcircuit=no autolearn=ham
	autolearn_force=no version=3.4.2
Received: from neon.ruby-lang.org (neon.ruby-lang.org [221.186.184.75])
	by dcvr.yhbt.net (Postfix) with ESMTP id 4CDFF1F4B4
	for <normalperson@yhbt.net>; Sun, 31 Jan 2021 09:57:09 +0000 (UTC)
Received: from neon.ruby-lang.org (localhost [IPv6:::1])
	by neon.ruby-lang.org (Postfix) with ESMTP id DA8741209F2;
	Sun, 31 Jan 2021 18:56:16 +0900 (JST)
Received: from xtrwkhkc.outbound-mail.sendgrid.net
 (xtrwkhkc.outbound-mail.sendgrid.net [167.89.16.28])
 by neon.ruby-lang.org (Postfix) with ESMTPS id 68A74120959
 for <ruby-core@ruby-lang.org>; Sun, 31 Jan 2021 18:56:15 +0900 (JST)
Received: by filterdrecv-p3las1-598b7f99cd-kpdlb with SMTP id
 filterdrecv-p3las1-598b7f99cd-kpdlb-19-60167EF0-2E
 2021-01-31 09:57:04.886540686 +0000 UTC m=+210213.185018600
Received: from herokuapp.com (unknown) by ismtpd0040p1iad2.sendgrid.net (SG)
 with ESMTP id mGmx65sNQH2omsk4HaCM4w for <ruby-core@ruby-lang.org>;
 Sun, 31 Jan 2021 09:57:04.763 +0000 (UTC)
Date: Sun, 31 Jan 2021 09:57:04 +0000 (UTC)
From: usa@garbagecollect.jp
Message-ID: <redmine.journal-90192.20210131095704.572@ruby-lang.org>
References: <redmine.issue-17201.20200929090807.572@ruby-lang.org>
Mime-Version: 1.0
X-Redmine-MailingListIntegration-Message-Ids: 78250
X-Redmine-Project: ruby-master
X-Redmine-Issue-Tracker: Bug
X-Redmine-Issue-Id: 17201
X-Redmine-Issue-Author: hsbt
X-Redmine-Sender: usa
X-Mailer: Redmine
X-Redmine-Host: bugs.ruby-lang.org
X-Redmine-Site: Ruby Issue Tracking System
X-Auto-Response-Suppress: All
Auto-Submitted: auto-generated
X-SG-EID: =?us-ascii?Q?9Ij0W+xF+66shKwcOf8RvdqxJGkEJjaCZuueI4cieuCrsPE9X2o2M6ZatQka=2Fa?=
 =?us-ascii?Q?p0aMmG1RtzdG2NsStBknWXbX+9kMGerknN6N08D?=
 =?us-ascii?Q?h4YTVa5UKjH4AcK+qMsuByAKddiN9hRQ0K=2FWawD?=
 =?us-ascii?Q?TGnsTG7OT6nH9ZGfgVGhQ1ageuovPpwvFRP11gx?=
 =?us-ascii?Q?CYhPQ5WIjKck3U2eQLU9TJtUglDJJLR1PCxXdqK?=
 =?us-ascii?Q?GqVYWCXxvWTpsTt2M=3D?=
To: ruby-core@ruby-lang.org
X-Entity-ID: b/2+PoftWZ6GuOu3b0IycA==
X-ML-Name: ruby-core
X-Mail-Count: 102332
Subject: [ruby-core:102332] [Ruby master Bug#17201] Backport webrick patch
	for CVE-2020-25613
X-BeenThere: ruby-core@ruby-lang.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Ruby developers <ruby-core@ruby-lang.org>
List-Id: Ruby developers <ruby-core.ruby-lang.org>
List-Unsubscribe: <https://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>, 
 <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
List-Post: <mailto:ruby-core@ruby-lang.org>
List-Help: <mailto:ruby-core-request@ruby-lang.org?subject=help>
List-Subscribe: <https://lists.ruby-lang.org/cgi-bin/mailman/listinfo/ruby-core>, 
 <mailto:ruby-core-request@ruby-lang.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ruby-core-bounces@ruby-lang.org
Sender: "ruby-core" <ruby-core-bounces@ruby-lang.org>

Issue #17201 has been updated by usa (Usaku NAKAMURA).

Backport changed from 2.5: REQUIRED, 2.6: REQUIRED, 2.7: DONE to 2.5: REQUIRED, 2.6: DONE, 2.7: DONE

backported at r67892 for ruby_2_6

----------------------------------------
Bug #17201: Backport webrick patch for CVE-2020-25613
https://bugs.ruby-lang.org/issues/17201#change-90192

* Author: hsbt (Hiroshi SHIBATA)
* Status: Closed
* Priority: Normal
* Backport: 2.5: REQUIRED, 2.6: DONE, 2.7: DONE
----------------------------------------
I created the patch sets for Ruby 2.5, 2.6 and 2.7 for CVE-2020-25613

---Files--------------------------------
ruby_2_7_webrick_1_6_1.patch (1.95 KB)
ruby_2_6_webrick_1_4_4.patch (2.94 KB)
ruby_2_5_webrick.patch (1.26 KB)


-- 
https://bugs.ruby-lang.org/