rpms/rubygem-actionpack/F-11 rubygem-actionpack-2.3.x-CVE-2009-4214.patch, NONE, 1.1 rubygem-actionpack.spec, 1.13, 1.14

David Lutterkort lutter at fedoraproject.org
Fri Dec 11 00:10:36 UTC 2009 

Author: lutter

Update of /cvs/pkgs/rpms/rubygem-actionpack/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv4795

Modified Files:
	rubygem-actionpack.spec 
Added Files:
	rubygem-actionpack-2.3.x-CVE-2009-4214.patch 
Log Message:
Patch for CVE-2009-4214 (bz 542786)

rubygem-actionpack-2.3.x-CVE-2009-4214.patch:
 lib/action_controller/vendor/html-scanner/html/node.rb |    2 +-
 test/controller/html-scanner/sanitizer_test.rb         |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

--- NEW FILE rubygem-actionpack-2.3.x-CVE-2009-4214.patch ---
>From bfe032858077bb2946abe25e95e485ba6da86bd5 Mon Sep 17 00:00:00 2001
From: Gabe da Silveira <gabe at websaviour.com>
Date: Mon, 16 Nov 2009 21:17:35 -0800
Subject: [PATCH] Make sure strip_tags removes tags which start with a non-printable character

Signed-off-by: Michael Koziarski <michael at koziarski.com>
---
 .../vendor/html-scanner/html/node.rb               |    2 +-
 .../test/controller/html-scanner/sanitizer_test.rb |    1 +
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
index 6c03316..0cd05d8 100644
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
@@ -162,7 +162,7 @@ module HTML #:nodoc:
           end
           
           closing = ( scanner.scan(/\//) ? :close : nil )
-          return Text.new(parent, line, pos, content) unless name = scanner.scan(/[\w:-]+/)
+          return Text.new(parent, line, pos, content) unless name = scanner.scan(/[-:\w\x00-\x09\x0b-\x0c\x0e-\x1f]+/)
           name.downcase!
   
           unless closing
diff --git a/actionpack/test/controller/html-scanner/sanitizer_test.rb b/actionpack/test/controller/html-scanner/sanitizer_test.rb
index e85a5c7..1923544 100644
--- a/actionpack/test/controller/html-scanner/sanitizer_test.rb
+++ b/actionpack/test/controller/html-scanner/sanitizer_test.rb
@@ -19,6 +19,7 @@ class SanitizerTest < ActionController::TestCase
     assert_equal "This has a  here.", sanitizer.sanitize("This has a <!-- comment --> here.")
     assert_equal "This has a  here.", sanitizer.sanitize("This has a <![CDATA[<section>]]> here.")
     assert_equal "This has an unclosed ", sanitizer.sanitize("This has an unclosed <![CDATA[<section>]] here...")
+    assert_equal "non printable char is a tag", sanitizer.sanitize("<\x07a href='/hello'>non printable char is a tag</a>")
     [nil, '', '   '].each { |blank| assert_equal blank, sanitizer.sanitize(blank) }
   end
 
-- 
1.6.0.1



Index: rubygem-actionpack.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rubygem-actionpack/F-11/rubygem-actionpack.spec,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -p -r1.13 -r1.14
--- rubygem-actionpack.spec	21 Oct 2009 14:36:10 -0000	1.13
+++ rubygem-actionpack.spec	11 Dec 2009 00:10:36 -0000	1.14
@@ -8,7 +8,7 @@ Summary:        Web-flow and rendering f
 Name:           rubygem-%{gemname}
 Epoch:          1
 Version:        2.3.2
-Release:        3%{?dist}
+Release:        4%{?dist}
 Group:          Development/Languages
 License:        MIT
 URL:            http://www.rubyonrails.org
@@ -17,6 +17,7 @@ Patch0:         rubygem-actionpack-2.3.x
 # Ticket #2200 upstream. see also:
 # https://rails.lighthouseapp.com/projects/8994/tickets/2200-session-support-broken#ticket-2200-23
 Patch1:         rubygem-actionpack-2.3.2-fix-reset_session.patch
+Patch2:         rubygem-actionpack-2.3.x-CVE-2009-4214.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires:       rubygems
 Requires:       rubygem(activesupport) = %{version}
@@ -42,6 +43,7 @@ gem install --local --install-dir %{buil
 pushd %{buildroot}%{geminstdir}
 patch -s -p2 < %{PATCH0}
 patch -s -p2 < %{PATCH1}
+patch -s -p2 < %{PATCH2}
 popd
 
 # Remove backup files
@@ -80,6 +82,9 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Thu Dec 10 2009 David Lutterkort <lutter at redhat.com> - 1:2.3.2-4
+- Patch for CVE-2009-4214 (bz 542786)
+
 * Wed Oct 21 2009 Jeroen van Meeuwen <j.van.meeuwen at ogd.nl> - 1:2.3.2-3
 - Fix activerecord test for reset_session (#2200 upstream)

More information about the fedora-extras-commits mailing list