diff options
| author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-11-26 10:22:10 +0000 |
|---|---|---|
| committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-11-26 10:22:10 +0000 |
| commit | 3c132baed3d494c0ef50687c6bd5adb7d5ec6d2e (patch) | |
| tree | 1bdd0c4e878b2c02d510e6489ec555ab18d744c7 | |
| parent | ff02cef124b6a8ecef2cb148e48de67423489aba (diff) | |
backport CVE-2006-5467 fix.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@11309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | lib/cgi.rb | 2 | ||||
| -rw-r--r-- | version.h | 8 |
3 files changed, 10 insertions, 5 deletions
@@ -3,6 +3,11 @@ Sun Nov 26 16:36:46 2006 URABE Shyouhei <shyouhei@ruby-lang.org> * version.h: addition of RUBY_PATCHLEVEL. * version.c: ditto. +Sat Sep 23 21:34:15 2006 Yukihiro Matsumoto <matz@ruby-lang.org> + + * lib/cgi.rb (CGI::QueryExtension::read_multipart): CGI content + may be empty. a patch from Jamis Buck <jamis at 37signals.com>. + Fri Aug 25 17:15:17 2006 Yukihiro Matsumoto <matz@ruby-lang.org> * stable version 1.8.5 released. diff --git a/lib/cgi.rb b/lib/cgi.rb index 1598df89f2..7303cccdbe 100644 --- a/lib/cgi.rb +++ b/lib/cgi.rb @@ -1018,7 +1018,7 @@ class CGI else stdinput.read(content_length) end - if c.nil? + if c.nil? || c.empty? raise EOFError, "bad content body" end buf.concat(c) @@ -1,15 +1,15 @@ #define RUBY_VERSION "1.8.5" #define RUBY_RELEASE_DATE "2006-11-26" #define RUBY_VERSION_CODE 185 -#define RUBY_RELEASE_CODE 20060825 -#define RUBY_PATCHLEVEL 0 +#define RUBY_RELEASE_CODE 20061126 +#define RUBY_PATCHLEVEL 1 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 #define RUBY_VERSION_TEENY 5 #define RUBY_RELEASE_YEAR 2006 -#define RUBY_RELEASE_MONTH 8 -#define RUBY_RELEASE_DAY 25 +#define RUBY_RELEASE_MONTH 11 +#define RUBY_RELEASE_DAY 26 RUBY_EXTERN const char ruby_version[]; RUBY_EXTERN const char ruby_release_date[]; |