File rubygem-rack-CVE-2022-30123.patch of Package rubygem-rack.32804

Index: rack-2.0.8/lib/rack/common_logger.rb
===================================================================
--- rack-2.0.8.orig/lib/rack/common_logger.rb
+++ rack-2.0.8/lib/rack/common_logger.rb
@@ -54,6 +54,8 @@ module Rack
         length,
         now - began_at ]
 
+      msg.gsub!(/[^[:print:]\n]/) { |c| "\\x#{c.ord}" }
+
       logger = @logger || env[RACK_ERRORS]
       # Standard library logger doesn't support write but it supports << which actually
       # calls to write on the log device without formatting

Places

File rubygem-rack-CVE-2022-30123.patch of Package rubygem-rack.32804

Places