Overview

File rubygem-rack-CVE-2022-44571.patch of Package rubygem-rack.27576

Index: rack-1.6.13/lib/rack/multipart.rb
===================================================================
--- rack-1.6.13.orig/lib/rack/multipart.rb
+++ rack-1.6.13/lib/rack/multipart.rb
@@ -17,7 +17,7 @@ module Rack
     VALUE = /"(?:\\"|[^"])*"|#{TOKEN}/
     BROKEN = /^#{CONDISP}.*;\s*filename=(#{VALUE})/i
     MULTIPART_CONTENT_TYPE = /Content-Type: (.*)#{EOL}/ni
-    MULTIPART_CONTENT_DISPOSITION = /Content-Disposition:.*\s+name="?([^\";]*)"?/ni
+    MULTIPART_CONTENT_DISPOSITION = /Content-Disposition:[^:]*\s+name="?([^\";]*)"?/ni
     MULTIPART_CONTENT_ID = /Content-ID:\s*([^#{EOL}]*)/ni
 
     class << self
openSUSE Build Service is sponsored by
Places