From 3dce6f73d14f5fad6d9b302393fd02df48797b11 Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Fri, 30 Dec 2022 14:32:05 +0900
Subject: [PATCH] Make RFC2822 regexp linear

https://hackerone.com/reports/1485501
---
 lib/time.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/time.rb b/lib/time.rb
index 2c85f94..6a13212 100644
--- a/lib/time.rb
+++ b/lib/time.rb
@@ -510,7 +510,7 @@ class Time
           (\d{2,})\s+
           (\d{2})\s*
           :\s*(\d{2})
-          (?:\s*:\s*(\d{2}))?\s+
+          (?:\s*:\s*(\d\d))?\s+
           ([+-]\d{4}|
            UT|GMT|EST|EDT|CST|CDT|MST|MDT|PST|PDT|[A-IK-Z])/ix =~ date
         # Since RFC 2822 permit comments, the regexp has no right anchor.
-- 
2.33.0