rubygem-rack/Fix-CVE-2025-27111.patch

From 803aa221e8302719715e224f4476e438f2531a53 Mon Sep 17 00:00:00 2001
From: Samuel Williams <samuel.williams@oriontransfer.co.nz>
Date: Sat, 22 Feb 2025 16:37:33 +1300
Subject: [PATCH] Use `#inspect` to prevent log injection.
---
 lib/rack/sendfile.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/rack/sendfile.rb b/lib/rack/sendfile.rb
index 3d5e786..0b7b2f2 100644
--- a/lib/rack/sendfile.rb
+++ b/lib/rack/sendfile.rb
@@ -133,7 +133,7 @@ module Rack
           end
         when '', nil
         else
-          env[RACK_ERRORS].puts "Unknown x-sendfile variation: '#{type}'.\n"
+          env[RACK_ERRORS].puts "Unknown x-sendfile variation: #{type.inspect}"
         end
       end
       [status, headers, body]
-- 
2.46.0
fix CVE-2025-27111 (cherry picked from commit 60f1bf643e3e170ea07ef2962e4a3566e02092de) 2025-02-18 20:52:18 +08:00			`From 803aa221e8302719715e224f4476e438f2531a53 Mon Sep 17 00:00:00 2001`
			`From: Samuel Williams <samuel.williams@oriontransfer.co.nz>`
			`Date: Sat, 22 Feb 2025 16:37:33 +1300`
			Subject: [PATCH] Use `#inspect` to prevent log injection.
			`---`
			`lib/rack/sendfile.rb \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/lib/rack/sendfile.rb b/lib/rack/sendfile.rb`
			`index 3d5e786..0b7b2f2 100644`
			`--- a/lib/rack/sendfile.rb`
			`+++ b/lib/rack/sendfile.rb`
			`@@ -133,7 +133,7 @@ module Rack`
			`end`
			`when '', nil`
			`else`
			`- env[RACK_ERRORS].puts "Unknown x-sendfile variation: '#{type}'.\n"`
			`+ env[RACK_ERRORS].puts "Unknown x-sendfile variation: #{type.inspect}"`
			`end`
			`end`
			`[status, headers, body]`
			`--`
			`2.46.0`