Backport webrick patch for CVE-2020-25613

[Backport #17201]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67893 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

3 files changed, 9 insertions, 9 deletions

diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
index b40bcb0d57..5cf5844caf 100644
--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -226,9 +226,9 @@ module WEBrick
         raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
       end
 
-      if /close/io =~ self["connection"]
+      if /\Aclose\z/io =~ self["connection"]
         @keep_alive = false
-      elsif /keep-alive/io =~ self["connection"]
+      elsif /\Akeep-alive\z/io =~ self["connection"]
         @keep_alive = true
       elsif @http_version < "1.1"
         @keep_alive = false
@@ -475,7 +475,7 @@ module WEBrick
       return unless socket
       if tc = self['transfer-encoding']
         case tc
-        when /chunked/io then read_chunked(socket, block)
+        when /\Achunked\z/io then read_chunked(socket, block)
         else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
         end
       elsif self['content-length'] || @remaining_size
diff --git a/lib/webrick/version.rb b/lib/webrick/version.rb
index ee6b415eef..839afb151d 100644
--- a/lib/webrick/version.rb
+++ b/lib/webrick/version.rb
@@ -14,5 +14,5 @@ module WEBrick
   ##
   # The WEBrick version
 
-  VERSION      = "1.4.2"
+  VERSION      = "1.4.2.1"
 end
diff --git a/version.h b/version.h
index 818752f4d2..4239637fe4 100644
--- a/version.h
+++ b/version.h
@@ -1,10 +1,10 @@
 #define RUBY_VERSION "2.5.9"
-#define RUBY_RELEASE_DATE "2020-12-09"
-#define RUBY_PATCHLEVEL 227
+#define RUBY_RELEASE_DATE "2021-02-16"
+#define RUBY_PATCHLEVEL 228
 
-#define RUBY_RELEASE_YEAR 2020
-#define RUBY_RELEASE_MONTH 12
-#define RUBY_RELEASE_DAY 9
+#define RUBY_RELEASE_YEAR 2021
+#define RUBY_RELEASE_MONTH 2
+#define RUBY_RELEASE_DAY 16
 
 #include "ruby/version.h"