Hi,

A regression in the latest ruby2.7 update was found by an Ubuntu user and reported here:

https://bugs.launchpad.net/ubuntu/+source/ruby2.7/+bug/2097527

Since we addressed the same CVEs in our latest update, I tried to reproduce this with it, and we are also impacted:

(bullseye-amd64-sbuild)root@atena:~# dpkg -l | grep ruby2.7
ii  libruby2.7:amd64          2.7.4-1+deb11u3 amd64        Libraries necessary to run Ruby 2.7
ii  ruby2.7                   2.7.4-1+deb11u3 amd64        Interpreter of object-oriented scripting language Ruby
(bullseye-amd64-sbuild)root@atena:~# ruby -r rexml/document -e 'REXML::Document.new(%(<?xml version="1.0"?><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ja" lang="ja"></html>))'
Traceback (most recent call last):
    7: from -e:1:in `<main>'
    6: from -e:1:in `new'
    5: from /usr/lib/ruby/2.7.0/rexml/document.rb:45:in `initialize'
    4: from /usr/lib/ruby/2.7.0/rexml/document.rb:288:in `build'
    3: from /usr/lib/ruby/2.7.0/rexml/parsers/treeparser.rb:23:in `parse'
    2: from /usr/lib/ruby/2.7.0/rexml/parsers/baseparser.rb:209:in `pull'
    1: from /usr/lib/ruby/2.7.0/rexml/parsers/baseparser.rb:432:in `pull_event'
/usr/lib/ruby/2.7.0/rexml/parsers/baseparser.rb:748:in `parse_attributes': Namespace conflict in adding attribute "lang": Prefix "xml" = "" and prefix "" = "" (REXML::ParseException)
Line: 1
Position: 88
Last 80 unconsumed characters:
>

The fix for the above seems straightforward. This is the patch applied by Ubuntu:

https://pastebin.ubuntu.com/p/VCvB6DrHnm/

Bastien, I'd like to know if you want to follow up on that since you released this DLA. Otherwise, I can release the fix for this regression.

Cheers

--
Lucas Kanashiro
