1 |
From: =?utf-8?q?Guido_G=C3=BCnther?= <agx@sigxcpu.org> |
2 |
Date: Thu, 21 Dec 2017 17:02:44 +0100 |
3 |
Subject: CVE-2017-17405: Fix a command injection vulnerability in Net::FTP. |
4 |
|
5 |
These are upstream commits |
6 |
|
7 |
1cfe43fd85c66a9e2b5068480b3e043c31e6b8ca |
8 |
--- |
9 |
lib/net/ftp.rb | 10 +++++----- |
10 |
1 file changed, 5 insertions(+), 5 deletions(-) |
11 |
|
12 |
diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb |
13 |
index 149fc6a..94dcccd 100644 |
14 |
--- a/lib/net/ftp.rb |
15 |
+++ b/lib/net/ftp.rb |
16 |
@@ -563,10 +563,10 @@ module Net |
17 |
if localfile |
18 |
if @resume |
19 |
rest_offset = File.size?(localfile) |
20 |
- f = open(localfile, "a") |
21 |
+ f = File.open(localfile, "a") |
22 |
else |
23 |
rest_offset = nil |
24 |
- f = open(localfile, "w") |
25 |
+ f = File.open(localfile, "w") |
26 |
end |
27 |
elsif !block_given? |
28 |
result = "" |
29 |
@@ -594,7 +594,7 @@ module Net |
30 |
def gettextfile(remotefile, localfile = File.basename(remotefile)) # :yield: line |
31 |
result = nil |
32 |
if localfile |
33 |
- f = open(localfile, "w") |
34 |
+ f = File.open(localfile, "w") |
35 |
elsif !block_given? |
36 |
result = "" |
37 |
end |
38 |
@@ -640,7 +640,7 @@ module Net |
39 |
else |
40 |
rest_offset = nil |
41 |
end |
42 |
- f = open(localfile) |
43 |
+ f = File.open(localfile) |
44 |
begin |
45 |
f.binmode |
46 |
if rest_offset |
47 |
@@ -659,7 +659,7 @@ module Net |
48 |
# passing in the transmitted data one line at a time. |
49 |
# |
50 |
def puttextfile(localfile, remotefile = File.basename(localfile), &block) # :yield: line |
51 |
- f = open(localfile) |
52 |
+ f = File.open(localfile) |
53 |
begin |
54 |
storlines("STOR " + remotefile, f, &block) |
55 |
ensure |