/[packages]/updates/5/ruby/current/SOURCES/ruby-2.0.0-CVE-2017-17405.patch
ViewVC logotype

Annotation of /updates/5/ruby/current/SOURCES/ruby-2.0.0-CVE-2017-17405.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1187965 - (hide annotations) (download)
Sat Dec 30 17:15:36 2017 UTC (2 years, 8 months ago) by luigiwalser
File size: 1639 byte(s)
add patches from debian to fix CVE-2017-17405 and CVE-2017-17790
1 luigiwalser 1187965 From: =?utf-8?q?Guido_G=C3=BCnther?= <agx@sigxcpu.org>
2     Date: Thu, 21 Dec 2017 17:02:44 +0100
3     Subject: CVE-2017-17405: Fix a command injection vulnerability in Net::FTP.
4    
5     These are upstream commits
6    
7     1cfe43fd85c66a9e2b5068480b3e043c31e6b8ca
8     ---
9     lib/net/ftp.rb | 10 +++++-----
10     1 file changed, 5 insertions(+), 5 deletions(-)
11    
12     diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb
13     index 149fc6a..94dcccd 100644
14     --- a/lib/net/ftp.rb
15     +++ b/lib/net/ftp.rb
16     @@ -563,10 +563,10 @@ module Net
17     if localfile
18     if @resume
19     rest_offset = File.size?(localfile)
20     - f = open(localfile, "a")
21     + f = File.open(localfile, "a")
22     else
23     rest_offset = nil
24     - f = open(localfile, "w")
25     + f = File.open(localfile, "w")
26     end
27     elsif !block_given?
28     result = ""
29     @@ -594,7 +594,7 @@ module Net
30     def gettextfile(remotefile, localfile = File.basename(remotefile)) # :yield: line
31     result = nil
32     if localfile
33     - f = open(localfile, "w")
34     + f = File.open(localfile, "w")
35     elsif !block_given?
36     result = ""
37     end
38     @@ -640,7 +640,7 @@ module Net
39     else
40     rest_offset = nil
41     end
42     - f = open(localfile)
43     + f = File.open(localfile)
44     begin
45     f.binmode
46     if rest_offset
47     @@ -659,7 +659,7 @@ module Net
48     # passing in the transmitted data one line at a time.
49     #
50     def puttextfile(localfile, remotefile = File.basename(localfile), &block) # :yield: line
51     - f = open(localfile)
52     + f = File.open(localfile)
53     begin
54     storlines("STOR " + remotefile, f, &block)
55     ensure

  ViewVC Help
Powered by ViewVC 1.1.28