iirc 0.6.2 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/lib/iirc/bot.rb +1 -1
  4. data/lib/iirc/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 49f724afe62aa2f76c2d5effda29ce98c9f9b5ae8d83f175ac0de51385e9c431
4
- data.tar.gz: e61a5053975303f7e45dc4be44f3cebddc63a3171a984c1785fcae666be27d07
3
+ metadata.gz: 35506ead9be0accbdd02186045edf0ff02f5cce1872a430b7f8a73dac493ebae
4
+ data.tar.gz: 0b3e2e0c4bbb74340429601dea13dd13ccbca51f2dec20e8cc6063995092d9d1
5
5
  SHA512:
6
- metadata.gz: fc76b8e4d7455058a20dff37d6d29cb0082d69b65681a0e36b7eeccb7abdb25cf58b52bbb23bb652c34747756e0352e2969bb99a669349cada61041cfcdd0dec
7
- data.tar.gz: 3c4a85314c46eb87752f1a85e2235d1744a0e2f3b9a024af7c5bc5e8b7a604d505edf9905022393bacb973b7bfd7e94da815321cba5d651cea21776d1dc07486
6
+ metadata.gz: 264f63137eb223d2143facc99ef5a8b7970597185223b1c5e64dc14a3197915b2e26059cfeb90ac3b181344e5c2e55196561815c9e1be7a4e9696bdf039451cf
7
+ data.tar.gz: 2c99f6934ebb734ff03882e4833596363843c6f64b43b7720040e61933529be52adaeca64609891f3b9f36953bfe96053233206a434eaf8ecd0968d469d1393e
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ ## [0.6.3] - 2022-05-04
2
+
3
+ - [Bot#<<] Strip all CR / LF characters passed to Bot#<<
4
+ - This will help prevent vulns such as:
5
+ https://matrix.org/blog/2022/05/04/0-34-0-security-release-for-matrix-appservice-irc-high-severity
6
+
1
7
  ## [0.6.2] - 2022-04-28
2
8
 
3
9
  - [Event] Add CTCP parsing methods
data/lib/iirc/bot.rb CHANGED
@@ -5,7 +5,7 @@ module IIRC
5
5
  alias :me :user
6
6
 
7
7
  def <<(text)
8
- socket << text + "\r\n"
8
+ socket << text.tr("\r", "").tr("\n", "") + "\r\n"
9
9
  self
10
10
  end
11
11
 
data/lib/iirc/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module IIRC
4
- VERSION = "0.6.2"
4
+ VERSION = "0.6.3"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: iirc
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.2
4
+ version: 0.6.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - mooff
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-04-28 00:00:00.000000000 Z
11
+ date: 2022-05-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ircparser