| 1 |
From: =?utf-8?q?Guido_G=C3=BCnther?= <agx@sigxcpu.org> |
| 2 |
Date: Thu, 21 Dec 2017 17:02:44 +0100 |
| 3 |
Subject: CVE-2017-17405: Fix a command injection vulnerability in Net::FTP. |
| 4 |
|
| 5 |
These are upstream commits |
| 6 |
|
| 7 |
1cfe43fd85c66a9e2b5068480b3e043c31e6b8ca |
| 8 |
--- |
| 9 |
lib/net/ftp.rb | 10 +++++----- |
| 10 |
1 file changed, 5 insertions(+), 5 deletions(-) |
| 11 |
|
| 12 |
diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb |
| 13 |
index 149fc6a..94dcccd 100644 |
| 14 |
--- a/lib/net/ftp.rb |
| 15 |
+++ b/lib/net/ftp.rb |
| 16 |
@@ -563,10 +563,10 @@ module Net |
| 17 |
if localfile |
| 18 |
if @resume |
| 19 |
rest_offset = File.size?(localfile) |
| 20 |
- f = open(localfile, "a") |
| 21 |
+ f = File.open(localfile, "a") |
| 22 |
else |
| 23 |
rest_offset = nil |
| 24 |
- f = open(localfile, "w") |
| 25 |
+ f = File.open(localfile, "w") |
| 26 |
end |
| 27 |
elsif !block_given? |
| 28 |
result = "" |
| 29 |
@@ -594,7 +594,7 @@ module Net |
| 30 |
def gettextfile(remotefile, localfile = File.basename(remotefile)) # :yield: line |
| 31 |
result = nil |
| 32 |
if localfile |
| 33 |
- f = open(localfile, "w") |
| 34 |
+ f = File.open(localfile, "w") |
| 35 |
elsif !block_given? |
| 36 |
result = "" |
| 37 |
end |
| 38 |
@@ -640,7 +640,7 @@ module Net |
| 39 |
else |
| 40 |
rest_offset = nil |
| 41 |
end |
| 42 |
- f = open(localfile) |
| 43 |
+ f = File.open(localfile) |
| 44 |
begin |
| 45 |
f.binmode |
| 46 |
if rest_offset |
| 47 |
@@ -659,7 +659,7 @@ module Net |
| 48 |
# passing in the transmitted data one line at a time. |
| 49 |
# |
| 50 |
def puttextfile(localfile, remotefile = File.basename(localfile), &block) # :yield: line |
| 51 |
- f = open(localfile) |
| 52 |
+ f = File.open(localfile) |
| 53 |
begin |
| 54 |
storlines("STOR " + remotefile, f, &block) |
| 55 |
ensure |
Parent Directory
| 
Revision Log