diff options
Diffstat (limited to 'lang/ruby200-base/patches/patch-lib_rubygems_remote__fetcher.rb')
-rw-r--r-- | lang/ruby200-base/patches/patch-lib_rubygems_remote__fetcher.rb | 21 |
1 files changed, 0 insertions, 21 deletions
diff --git a/lang/ruby200-base/patches/patch-lib_rubygems_remote__fetcher.rb b/lang/ruby200-base/patches/patch-lib_rubygems_remote__fetcher.rb deleted file mode 100644 index c4144cc9942..00000000000 --- a/lang/ruby200-base/patches/patch-lib_rubygems_remote__fetcher.rb +++ /dev/null @@ -1,21 +0,0 @@ -$NetBSD: patch-lib_rubygems_remote__fetcher.rb,v 1.1 2015/06/23 14:03:02 taca Exp $ - -Fix for CVE-2015-3900. - ---- lib/rubygems/remote_fetcher.rb.orig 2013-10-24 14:31:17.000000000 +0000 -+++ lib/rubygems/remote_fetcher.rb -@@ -103,7 +103,13 @@ class Gem::RemoteFetcher - rescue Resolv::ResolvError - uri - else -- URI.parse "#{res.target}#{uri.path}" -+ target = res.target.to_s.strip -+ -+ if /\.#{Regexp.quote(host)}\z/ =~ target -+ return URI.parse "#{uri.scheme}://#{target}#{uri.path}" -+ end -+ -+ uri - end - end - |