diff options
Diffstat (limited to 'meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch | 102 |
1 files changed, 0 insertions, 102 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch deleted file mode 100644 index b78a74a4b5..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch +++ /dev/null @@ -1,102 +0,0 @@ -From e2ac25d0eb66de99f098d6669cf4f06796aa6256 Mon Sep 17 00:00:00 2001 -From: Shugo Maeda <shugo@ruby-lang.org> -Date: Tue, 11 May 2021 10:31:27 +0900 -Subject: [PATCH] Fix StartTLS stripping vulnerability - -This fixes CVE-2021-32066. -Reported by Alexandr Savca in <https://hackerone.com/reports/1178562>. - -CVE: CVE-2021-32066 - -Upstream-Status: Backport -[https://github.com/ruby/ruby/commit/e2ac25d0eb66de99f098d6669cf4f06796aa6256] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - lib/net/imap.rb | 8 +++++++- - test/net/imap/test_imap.rb | 31 +++++++++++++++++++++++++++++++ - 2 files changed, 38 insertions(+), 1 deletion(-) - -diff --git a/lib/net/imap.rb b/lib/net/imap.rb -index 505b4c8950..d45304f289 100644 ---- a/lib/net/imap.rb -+++ b/lib/net/imap.rb -@@ -1218,12 +1218,14 @@ def get_tagged_response(tag, cmd) - end - resp = @tagged_responses.delete(tag) - case resp.name -+ when /\A(?:OK)\z/ni -+ return resp - when /\A(?:NO)\z/ni - raise NoResponseError, resp - when /\A(?:BAD)\z/ni - raise BadResponseError, resp - else -- return resp -+ raise UnknownResponseError, resp - end - end - -@@ -3719,6 +3721,10 @@ class BadResponseError < ResponseError - class ByeResponseError < ResponseError - end - -+ # Error raised upon an unknown response from the server. -+ class UnknownResponseError < ResponseError -+ end -+ - RESPONSE_ERRORS = Hash.new(ResponseError) - RESPONSE_ERRORS["NO"] = NoResponseError - RESPONSE_ERRORS["BAD"] = BadResponseError -diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb -index 8b924b524e..85fb71d440 100644 ---- a/test/net/imap/test_imap.rb -+++ b/test/net/imap/test_imap.rb -@@ -127,6 +127,16 @@ def test_starttls - imap.disconnect - end - end -+ -+ def test_starttls_stripping -+ starttls_stripping_test do |port| -+ imap = Net::IMAP.new("localhost", :port => port) -+ assert_raise(Net::IMAP::UnknownResponseError) do -+ imap.starttls(:ca_file => CA_FILE) -+ end -+ imap -+ end -+ end - end - - def start_server -@@ -834,6 +844,27 @@ def starttls_test - end - end - -+ def starttls_stripping_test -+ server = create_tcp_server -+ port = server.addr[1] -+ start_server do -+ sock = server.accept -+ begin -+ sock.print("* OK test server\r\n") -+ sock.gets -+ sock.print("RUBY0001 BUG unhandled command\r\n") -+ ensure -+ sock.close -+ server.close -+ end -+ end -+ begin -+ imap = yield(port) -+ ensure -+ imap.disconnect if imap && !imap.disconnected? -+ end -+ end -+ - def create_tcp_server - return TCPServer.new(server_addr, 0) - end --- -2.25.1 - |