https://bugs.ruby-lang.org/
https://bugs.ruby-lang.org/favicon.ico?1711330511
2015-12-21T15:01:39Z
Ruby Issue Tracking System
Ruby master - Bug #11855: CGI.escapeHTML and taint/frozen
https://bugs.ruby-lang.org/issues/11855?journal_id=55712
2015-12-21T15:01:39Z
k0kubun (Takashi Kokubun)
takashikkbn@gmail.com
<ul><li><strong>File</strong> <a href="/attachments/5664">0001-Preserve-original-state-for-tainted-and-frozen.patch</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/5664/0001-Preserve-original-state-for-tainted-and-frozen.patch">0001-Preserve-original-state-for-tainted-and-frozen.patch</a> added</li><li><strong>ruby -v</strong> changed from <i>ruby 2.3.0dev (2015-12-21 trunk 53230) [x86_64-darwin14]</i> to <i>ruby 2.3.0dev (2015-12-21 trunk 53230) [x86_64-darwin15]</i></li></ul><p>ご報告ありがとうございます。修正パッチを書きました。</p>
<p><a href="https://github.com/ruby/ruby/pull/1166" class="external">https://github.com/ruby/ruby/pull/1166</a></p>
Ruby master - Bug #11855: CGI.escapeHTML and taint/frozen
https://bugs.ruby-lang.org/issues/11855?journal_id=55716
2015-12-21T20:40:13Z
nobu (Nobuyoshi Nakada)
nobu@ruby-lang.org
<ul><li><strong>Status</strong> changed from <i>Open</i> to <i>Closed</i></li></ul><p>Applied in changeset r53233.</p>
<hr>
<p>escape.c: Preserve original state</p>
<ul>
<li>ext/cgi/escape/escape.c (preserve_original_state): Preserve<br>
original state for tainted and frozen. [Fix GH-1166]<br>
<a href="/issues/11855">[ruby-dev:49451]</a> [Bug <a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: CGI.escapeHTML and taint/frozen (Closed)" href="https://bugs.ruby-lang.org/issues/11855">#11855</a>]</li>
</ul>
Ruby master - Bug #11855: CGI.escapeHTML and taint/frozen
https://bugs.ruby-lang.org/issues/11855?journal_id=56868
2016-02-03T10:44:51Z
usa (Usaku NAKAMURA)
usa@garbagecollect.jp
<ul><li><strong>Backport</strong> changed from <i>2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN</i> to <i>2.0.0: DONTNEED, 2.1: DONTNEED, 2.2: DONTNEED</i></li></ul>