From a8acce46ffa334b1edd3767b52bc5ece1664171d Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Fri, 30 Dec 2022 14:32:05 +0900
Subject: [PATCH 3/5] Make RFC2822 regexp linear

https://hackerone.com/reports/1485501
---
 lib/time.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/time.rb b/lib/time.rb
index ac17410..8af482c 100644
--- a/lib/time.rb
+++ b/lib/time.rb
@@ -507,7 +507,7 @@ class Time
           (\d{2,})\s+
           (\d{2})\s*
           :\s*(\d{2})
-          (?:\s*:\s*(\d{2}))?\s+
+          (?:\s*:\s*(\d\d))?\s+
           ([+-]\d{4}|
            UT|GMT|EST|EDT|CST|CDT|MST|MDT|PST|PDT|[A-IK-Z])/ix =~ date
         # Since RFC 2822 permit comments, the regexp has no right anchor.
-- 
2.33.0