From 47e9c578da69e989ac204d497e73195e8d278ad7 Mon Sep 17 00:00:00 2001
From: changtao
Date: Sun, 19 Jan 2025 21:42:41 +0800
Subject: [PATCH] fix CVE-2025-27610
---
 CVE-2025-27610.patch | 28 ++++++++++++++++++++++++++++
 rubygem-rack.spec | 9 ++++++++-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2025-27610.patch
diff --git a/CVE-2025-27610.patch b/CVE-2025-27610.patch
new file mode 100644
index 0000000..d2abf1d
--- /dev/null
+++ b/CVE-2025-27610.patch
@@ -0,0 +1,28 @@
+From 50caab74fa01ee8f5dbdee7bb2782126d20c6583 Mon Sep 17 00:00:00 2001
+From: Samuel Williams
+Date: Sat, 8 Mar 2025 11:13:39 +1300
+Subject: [PATCH] Use a fully resolved file path when confirming if a
+file can
+ be served by `Rack::Static`.
+---
+ lib/rack/static.rb | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/rack/static.rb b/lib/rack/static.rb
+index 8cb58b2..0ea78a1 100644
+--- a/lib/rack/static.rb
++++ b/lib/rack/static.rb
+@@ -122,8 +122,9 @@ module Rack
+
+ def call(env)
+ path = env[PATH_INFO]
++ actual_path = Utils.clean_path_info(Utils.unescape_path(path))
+
+- if can_serve(path)
++ if can_serve(actual_path)
+ if overwrite_file_path(path)
+ env[PATH_INFO] = (add_index_root?(path) ? path + @index : @urls[path])
+ elsif @gzip && env['HTTP_ACCEPT_ENCODING'] && /\bgzip\b/.match?(env['HTTP_ACCEPT_ENCODING'])
+--
+2.41.0
+
diff --git a/rubygem-rack.spec b/rubygem-rack.spec
index 890567d..120a2c2 100644
--- a/rubygem-rack.spec
+++ b/rubygem-rack.spec
@@ -4,7 +4,7 @@ Name: rubygem-%{gem_name}
 Version: 2.2.3.1
 Epoch: 1
-Release: 4
+Release: 5
 Summary: A modular Ruby webserver interface
 License: MIT and BSD
 URL: https://rack.github.io/
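Review bot: The vendored patch's Subject header is split over three lines, with `file can` on a line of its own and no leading whitespace, which looks like a wrapping artifact rather than a header continuation (those start with whitespace); `patch`/`%autosetup` only read the unified-diff body so it does not break the build, but the header should be rejoined into a single Subject line matching upstream 50caab74 so the provenance record is clean. The code change itself only routes the normalized `actual_path` into `can_serve`, while `overwrite_file_path(path)`, `add_index_root?(path)` and `@urls[path]` on the following lines still use the raw `env[PATH_INFO]`; that is presumably intended, since the URL map is keyed by the request path, but whoever backports it should diff it against the upstream commit to confirm it is the complete change rather than a partial copy. The hunk context (`index 8cb58b2..0ea78a1`) is taken from upstream's branch, not from 2.2.3.1 with Patch1–Patch6 applied, so check the build log for offset or fuzz when this is applied. The body of `call` continues outside the hunk.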
@@ -17,6 +17,7 @@ Patch3: CVE-2024-25126.patch
 Patch4: CVE-2022-44570.patch
 Patch5: CVE-2022-44571.patch
 Patch6: CVE-2022-44572.patch
+Patch7: CVE-2025-27610.patch
 BuildRequires: ruby(release) rubygems-devel ruby >= 2.2.2 rubygem(concurrent-ruby)
 BuildRequires: memcached rubygem(memcache-client) rubygem(minitest)
@@ -106,6 +107,12 @@ popd
 %doc %{gem_instdir}/contrib
 %changelog
+* Wed Mar 12 2025 changtao - 1:2.2.3.1-5
+- Type:CVE
+- CVE:CVE-2025-27610
+- SUG:NA
+- DESC:fix CVE-2025-27610
+
 * Fri Jul 05 2024 zouzhimin - 1:2.2.3.1-4
 - Type:CVES
 - ID:CVE-2022-44570 CVE-2022-44571 CVE-2022-44572
--
Gitee
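Review bot: `Patch7: CVE-2025-27610.patch` is declared in the preamble, but the `%prep` section is outside these hunks, so confirm the new patch is actually applied (by `%autosetup -p1`, or by an explicit `%patch7 -p1` line if the spec applies patches individually); a Patch tag that is declared but never applied builds cleanly and leaves the vulnerability in place, while the changelog's `- DESC:fix CVE-2025-27610` would claim otherwise. Since Patch1–Patch6 already follow the same pattern, the mechanism is presumably in place, but a quick check of the build log for "Patch #7" (or the `%autosetup` output) is the cheap way to be sure. One consistency point on the commit record: the outer commit is dated `Sun, 19 Jan 2025`, which predates both the upstream fix (8 Mar 2025) and the changelog entry (12 Mar 2025); the commit date looks wrong and should be corrected if the change is re-rolled.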