summaryrefslogtreecommitdiff
path: root/system/ruby/CVE-2020-8130.patch
diff options
context:
space:
mode:
Diffstat (limited to 'system/ruby/CVE-2020-8130.patch')
-rw-r--r--system/ruby/CVE-2020-8130.patch18
1 files changed, 18 insertions, 0 deletions
diff --git a/system/ruby/CVE-2020-8130.patch b/system/ruby/CVE-2020-8130.patch
new file mode 100644
index 000000000..3cb6e4adf
--- /dev/null
+++ b/system/ruby/CVE-2020-8130.patch
@@ -0,0 +1,18 @@
+Note: adjusted paths since it's being vendored inside ruby.
+
+From 5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee Mon Sep 17 00:00:00 2001
+From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
+Date: Mon, 22 Jul 2019 10:23:43 +0900
+Subject: [PATCH] Use File.open explicitly.
+
+--- ruby-2.5.7/gems/rake-12.3.0/lib/rake/file_list.rb
++++ ruby-2.5.7/gems/rake-12.3.0/lib/rake/file_list.rb
+@@ -294,7 +294,7 @@ def egrep(pattern, *options)
+ matched = 0
+ each do |fn|
+ begin
+- open(fn, "r", *options) do |inf|
++ File.open(fn, "r", *options) do |inf|
+ count = 0
+ inf.each do |line|
+ count += 1
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-12-02 05:48:13 +0000