[DRE-commits] [SCM] ruby-actionpack-3.2.git branch, master, updated. debian/3.2.6-3-3-g95bfdc7
Antonio Terceiro
terceiro at debian.org
Fri Aug 10 17:20:02 UTC 2012
The following commit has been merged in the master branch:
commit 95bfdc7ff42f78568513e4509ffc61f26ad8fcff
Author: Antonio Terceiro <terceiro at debian.org>
Date: Fri Aug 10 13:32:05 2012 -0300
Fix filenames / remove test file changes
(no test files in the Debian package)
diff --git a/debian/changelog b/debian/changelog
index f2636a2..1d1defa 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,10 @@ ruby-actionpack-3.2 (3.2.6-4) unstable; urgency=high
+ CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag
prompt
+ CVE-2012-3465 - XSS Vulnerability in strip_tags
+ + Both patches were edited from their original versions in two ways:
+ - the leading a/ and b/ from the filenames were stripped
+ - changes over test files were removed, since the Debian package
+ contains no test files.
-- Antonio Terceiro <terceiro at debian.org> Fri, 10 Aug 2012 13:08:08 -0300
diff --git a/debian/patches/CVE-2012-3463.patch b/debian/patches/CVE-2012-3463.patch
index 9aa6962..356f8d0 100644
--- a/debian/patches/CVE-2012-3463.patch
+++ b/debian/patches/CVE-2012-3463.patch
@@ -5,13 +5,12 @@ Subject: [PATCH] escape select_tag :prompt values
---
actionpack/lib/action_view/helpers/form_tag_helper.rb | 4 ++--
- actionpack/test/template/form_tag_helper_test.rb | 6 ++++++
2 files changed, 8 insertions(+), 2 deletions(-)
-diff --git a/actionpack/lib/action_view/helpers/form_tag_helper.rb b/actionpack/lib/action_view/helpers/form_tag_helper.rb
+diff --git actionpack/lib/action_view/helpers/form_tag_helper.rb actionpack/lib/action_view/helpers/form_tag_helper.rb
index 066b98d..9e0ec17 100644
---- a/actionpack/lib/action_view/helpers/form_tag_helper.rb
-+++ b/actionpack/lib/action_view/helpers/form_tag_helper.rb
+--- actionpack/lib/action_view/helpers/form_tag_helper.rb
++++ actionpack/lib/action_view/helpers/form_tag_helper.rb
@@ -122,11 +122,11 @@ module ActionView
html_name = (options[:multiple] == true && !name.to_s.ends_with?("[]")) ? "#{name}[]" : name
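Review bot: The diffstat summary `2 files changed, 8 insertions(+), 2 deletions(-)` in this header is now stale: the test-file entry was dropped from the list above it but the totals were left as upstream wrote them, and the only remaining entry, `form_tag_helper.rb | 4 ++--`, accounts for 2 insertions and 2 deletions. Change the line to `1 file changed, 2 insertions(+), 2 deletions(-)`. patch and quilt ignore the summary, so nothing fails to apply, but a header that does not match the body is the first thing a reviewer checking that a CVE backport is complete will trip over. Since the dropped hunk was the only regression test for escaping the `:prompt` value and the Debian source has no test tree, a one-line manual check that `select_tag` escapes a `<script>` prompt is presumably the only remaining evidence the fix landed; worth doing once before upload.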
@@ -26,23 +25,6 @@ index 066b98d..9e0ec17 100644
end
content_tag :select, option_tags, { "name" => html_name, "id" => sanitize_to_id(name) }.update(options.stringify_keys)
-diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb
-index 68dfcee..6f0d0c3 100644
---- a/actionpack/test/template/form_tag_helper_test.rb
-+++ b/actionpack/test/template/form_tag_helper_test.rb
-@@ -208,6 +208,12 @@ class FormTagHelperTest < ActionView::TestCase
- assert_dom_equal expected, actual
- end
-
-+ def test_select_tag_escapes_prompt
-+ actual = select_tag "places", "<option>Home</option><option>Work</option><option>Pub</option>".html_safe, :prompt => "<script>alert(1337)</script>"
-+ expected = %(<select id="places" name="places"><option value=""><script>alert(1337)</script></option><option>Home</option><option>Work</option><option>Pub</option></select>)
-+ assert_dom_equal expected, actual
-+ end
-+
- def test_select_tag_with_prompt_and_include_blank
- actual = select_tag "places", "<option>Home</option><option>Work</option><option>Pub</option>".html_safe, :prompt => "string", :include_blank => true
- expected = %(<select name="places" id="places"><option value="">string</option><option value=""></option><option>Home</option><option>Work</option><option>Pub</option></select>)
--
1.7.11.1
diff --git a/debian/patches/CVE-2012-3465.patch b/debian/patches/CVE-2012-3465.patch
index a0cee93..2d583d9 100644
--- a/debian/patches/CVE-2012-3465.patch
+++ b/debian/patches/CVE-2012-3465.patch
@@ -6,13 +6,12 @@ Subject: [PATCH] Do not mark strip_tags result as html_safe
Thanks to Marek Labos & Nethemba
---
actionpack/lib/action_view/helpers/sanitize_helper.rb | 2 +-
- actionpack/test/template/sanitize_helper_test.rb | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
-diff --git a/actionpack/lib/action_view/helpers/sanitize_helper.rb b/actionpack/lib/action_view/helpers/sanitize_helper.rb
+diff --git actionpack/lib/action_view/helpers/sanitize_helper.rb actionpack/lib/action_view/helpers/sanitize_helper.rb
index 7768c8c..0f6a5ed 100644
---- a/actionpack/lib/action_view/helpers/sanitize_helper.rb
-+++ b/actionpack/lib/action_view/helpers/sanitize_helper.rb
+--- actionpack/lib/action_view/helpers/sanitize_helper.rb
++++ actionpack/lib/action_view/helpers/sanitize_helper.rb
@@ -80,7 +80,7 @@ module ActionView
# strip_tags("<div id='top-bar'>Welcome to my website!</div>")
# # => Welcome to my website!
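Review bot: The diffstat total `2 files changed, 3 insertions(+), 3 deletions(-)` no longer matches the patch body: the sanitize_helper_test.rb entry was removed from the list but the totals still count it, and the sole remaining entry `sanitize_helper.rb | 2 +-` is one insertion and one deletion. Change the line to `1 file changed, 1 insertion(+), 1 deletion(-)`. The totals are informational to quilt/patch, so this only affects readers, but a stale header on a security patch invites the question of whether the backport is incomplete. Because the removed test was the check that `strip_tags` output is no longer marked `html_safe?`, a manual `ERB::Util.html_escape(strip_tags("something <img onerror=alert(1337)"))` spot-check against the built package appears to be the only remaining verification of the fix.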
@@ -22,22 +21,6 @@ index 7768c8c..0f6a5ed 100644
end
# Strips all link tags from +text+ leaving just the link text.
-diff --git a/actionpack/test/template/sanitize_helper_test.rb b/actionpack/test/template/sanitize_helper_test.rb
-index 222d4db..cc93b53 100644
---- a/actionpack/test/template/sanitize_helper_test.rb
-+++ b/actionpack/test/template/sanitize_helper_test.rb
-@@ -42,9 +42,9 @@ class SanitizeHelperTest < ActionView::TestCase
- [nil, '', ' '].each do |blank|
- stripped = strip_tags(blank)
- assert_equal blank, stripped
-- assert stripped.html_safe? unless blank.nil?
- end
-- assert strip_tags("<script>").html_safe?
-+ assert_equal "", strip_tags("<script>")
-+ assert_equal "something <img onerror=alert(1337)", ERB::Util.html_escape(strip_tags("something <img onerror=alert(1337)"))
- end
-
- def test_sanitize_is_marked_safe
--
1.7.11.1