rpms/rubygem-actionpack/F-10 rubygem-actionpack-2.1.x-CVE-2009-3009.patch, NONE, 1.1 rubygem-actionpack.spec, 1.7, 1.8

Mamoru Tasaka mtasaka at fedoraproject.org
Sun Sep 20 19:54:10 UTC 2009


Author: mtasaka

Update of /cvs/extras/rpms/rubygem-actionpack/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv5879

Modified Files:
	rubygem-actionpack.spec 
Added Files:
	rubygem-actionpack-2.1.x-CVE-2009-3009.patch 
Log Message:
* Mon Sep 21 2009 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 2.1.1-3
- Patch for CVE-2009-3009 (bug 520843)


rubygem-actionpack-2.1.x-CVE-2009-3009.patch:
 tag_helper.rb |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

--- NEW FILE rubygem-actionpack-2.1.x-CVE-2009-3009.patch ---
From 9af2823b32e001358babde7644e5cc1c0ec29d6e Mon Sep 17 00:00:00 2001
From: Michael Koziarski <michael at koziarski.com>
Date: Mon, 31 Aug 2009 12:07:30 -0700
Subject: [PATCH] Clean tag attributes before passing through the escape_once logic.

Addresses CVE-2009-3009
---
 actionpack/lib/action_view/helpers/tag_helper.rb |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/actionpack/lib/action_view/helpers/tag_helper.rb b/actionpack/lib/action_view/helpers/tag_helper.rb
index ba43b5e..623b8f7 100644
--- a/actionpack/lib/action_view/helpers/tag_helper.rb
+++ b/actionpack/lib/action_view/helpers/tag_helper.rb
@@ -101,7 +101,7 @@ module ActionView
       #   escape_once("<< Accept & Checkout")
       #   # => "<< Accept & Checkout"
       def escape_once(html)
-        html.to_s.gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| ERB::Util::HTML_ESCAPE[special] }
+        ActiveSupport::Multibyte.clean(html.to_s).gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| ERB::Util::HTML_ESCAPE[special] }
       end
 
       private
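Review bot: the subject line says "Clean tag attributes", but the method changed is the general-purpose `escape_once`, so every caller of that helper now has its input passed through `ActiveSupport::Multibyte.clean` before the escaping `gsub`; the commit message should state that the fix lives in this shared helper and why the clean pass is needed for this CVE, so backporters can judge which call sites are covered. Separately, the doc example in the context lines shows `escape_once("<< Accept & Checkout")` returning a string identical to its input, which the regex on the `+` line cannot produce since `<` and a bare `&` are always replaced; the expected output in that comment should show the escaped form.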
-- 
1.6.0.1



Index: rubygem-actionpack.spec
===================================================================
RCS file: /cvs/extras/rpms/rubygem-actionpack/F-10/rubygem-actionpack.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -p -r1.7 -r1.8
--- rubygem-actionpack.spec	27 Feb 2009 15:56:19 -0000	1.7
+++ rubygem-actionpack.spec	20 Sep 2009 19:54:09 -0000	1.8
@@ -7,12 +7,14 @@
 Summary: Web-flow and rendering framework putting the VC in MVC
 Name: rubygem-%{gemname}
 Version: 2.1.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 Group: Development/Languages
 License: MIT
 URL: http://www.rubyonrails.org
 Source0: http://gems.rubyforge.org/gems/%{gemname}-%{version}.tgz
 Patch1: rubygem-actionpack-2.1.2-CVE-2008-5189.patch
+# http://weblog.rubyonrails.org/2009/9/4/xss-vulnerability-in-ruby-on-rails
+Patch2: rubygem-actionpack-2.1.x-CVE-2009-3009.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: rubygems
 Requires: rubygem(activesupport) = %{version}
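Review bot: the comment above Patch2 cites only the upstream weblog post; add the Red Hat bug number used in the changelog entry (bug 520843) next to it so the spec carries both references, and consider giving Patch1 the same treatment since it has no source comment at all. Also note that the existing Patch1 file is named for 2.1.2 while Version is 2.1.1; harmless, but the new patch's `2.1.x` naming is the clearer convention.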
@@ -30,6 +32,7 @@ unit/integration testing that doesn't re
 %prep
 %setup -q -n %{gemname}-%{version}
 %patch1 -p2
+%patch2 -p2
 
 %build
 rake gem
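Review bot: `%patch2 -p2` matches the git-style `a/actionpack/lib/...` paths in the patch (stripping `a/` and `actionpack/`) and the `%setup -n %{gemname}-%{version}` unpack directory, consistent with the existing `%patch1 -p2`; a one-line comment saying the patches are taken from the full Rails repository and therefore need `-p2` would save the next maintainer re-deriving the strip level.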
@@ -62,6 +65,9 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Mon Sep 21 2009 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 2.1.1-3
+- Patch for CVE-2009-3009 (bug 520843)
+
 * Thu Feb 26 2009 Jeroen van Meeuwen <kanarip at fedoraproject.org> - 2.1.1-2
 - Fix CVE-2008-5189
 
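Review bot: the new changelog entry is dated Mon Sep 21 2009 while the commit itself is stamped Sun Sep 20 2009 19:54 UTC; rpmlint's changelog-time-in-future check can complain when the entry date is ahead of the build host's clock, so either use the build date or expect the warning. The entry text "Patch for CVE-2009-3009 (bug 520843)" could also say what the CVE is (the XSS issue named in the Patch2 URL) so the changelog reads without following links.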