Adds the backport PR #2092

Return empty when parsing a multi-part POST with only one end delimiter.

Fixed: #2103

Sending the following request in a browser generates a request with
with only one end delimiter.

```javascript
const formData = new FormData();
const request = new Request('http://127.0.0.1:8080/', {
  method: 'POST',
  body: formData,
});
const response = fetch(request);
```

```
curl 'http://127.0.0.1:8080/' \
  -H 'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryR1LC4tR6ayskIXJm' \
  --data-raw $'------WebKitFormBoundaryR1LC4tR6ayskIXJm--\r\n'
```

This request is not compliant RFC7578, but is generated by major browsers such as
FireFox and Chrome.
Supporting this request will cause the multipart parser to return an empty value.

* 2-2-sec:
  bump version
  Avoid 2nd degree polynomial regexp in MediaType
  Return an empty array when ranges are too large
  Fixing ReDoS in header parsing

* Remove dependency on `base64`

The gem was made a default gems, so it should be added to the gemspec,
but most gems out there decided to just use `pack/unpack` to not add
a dependency, that's the approach I used there.

* Fix URI deprecation warnings

Ref: ruby/uri#114

* Update CI matrix

* Restore Ruby 2.3 compatibility

---------

Co-authored-by: Jean Boussier <jean.boussier@gmail.com>