Backport webrick patch for CVE-2020-25613

[Backport #17201]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67893 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

lib/webrick/httprequest.rb

@@ -226,9 +226,9 @@ module WEBrick
         raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
       end
 
-      if /close/io =~ self["connection"]
+      if /\Aclose\z/io =~ self["connection"]
         @keep_alive = false
-      elsif /keep-alive/io =~ self["connection"]
+      elsif /\Akeep-alive\z/io =~ self["connection"]
         @keep_alive = true
       elsif @http_version < "1.1"
         @keep_alive = false
@@ -475,7 +475,7 @@ module WEBrick
       return unless socket
       if tc = self['transfer-encoding']
         case tc
-        when /chunked/io then read_chunked(socket, block)
+        when /\Achunked\z/io then read_chunked(socket, block)
         else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
         end
       elsif self['content-length'] || @remaining_size

lib/webrick/version.rb

@@ -14,5 +14,5 @@ module WEBrick
   ##
   # The WEBrick version
 
-  VERSION      = "1.4.2"
+  VERSION      = "1.4.2.1"
 end

version.h

@@ -1,10 +1,10 @@
 #define RUBY_VERSION "2.5.9"
-#define RUBY_RELEASE_DATE "2020-12-09"
+#define RUBY_RELEASE_DATE "2021-02-16"
-#define RUBY_PATCHLEVEL 227
+#define RUBY_PATCHLEVEL 228
 
-#define RUBY_RELEASE_YEAR 2020
+#define RUBY_RELEASE_YEAR 2021
-#define RUBY_RELEASE_MONTH 12
+#define RUBY_RELEASE_MONTH 2
-#define RUBY_RELEASE_DAY 9
+#define RUBY_RELEASE_DAY 16
 
 #include "ruby/version.h"