dev-ruby/redcloth/files/redcloth-4.3.2-cve-2023-31606-2.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

From 7429f32bdac4fccf9f5ab702afc9c47092a7b3df Mon Sep 17 00:00:00 2001
From: Kornelius Kalnbach <murphy@rubychan.de>
Date: Thu, 29 Jun 2023 00:31:50 +0200
Subject: [PATCH] simplify fix

---
 lib/redcloth/formatters/html.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/redcloth/formatters/html.rb b/lib/redcloth/formatters/html.rb
index aaeae34..396c2d0 100644
--- a/lib/redcloth/formatters/html.rb
+++ b/lib/redcloth/formatters/html.rb
@@ -324,7 +324,7 @@ def before_transform(text)
   # Clean unauthorized tags.
   def clean_html( text, allowed_tags = BASIC_TAGS )
     text.gsub!( /<!\[CDATA\[/, '' )
-    text.gsub!( /<(\/*)(?>[A-Za-z]\w*)([^>]*?)(\s?\/?)>/ ) do |m|
+    text.gsub!( /<(\/*)([A-Za-z]\w*+)([^>]*?)(\s?\/?)>/ ) do |m|
       raw = $~
       tag = raw[2].downcase
       if allowed_tags.has_key? tag