From 85fd60643dcfdcc871af86aaeac45d158466af26 Mon Sep 17 00:00:00 2001
From: Max Rees
Date: Mon, 23 Mar 2020 22:14:43 -0500
Subject: system/ruby: patch CVE-2020-8130
---
system/ruby/CVE-2020-8130.patch | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
create mode 100644 system/ruby/CVE-2020-8130.patch
(limited to 'system/ruby/CVE-2020-8130.patch')
diff --git a/system/ruby/CVE-2020-8130.patch b/system/ruby/CVE-2020-8130.patch
new file mode 100644
index 000000000..3cb6e4adf
--- /dev/null
+++ b/system/ruby/CVE-2020-8130.patch
@@ -0,0 +1,18 @@
+Note: adjusted paths since it's being vendored inside ruby.
+
+From 5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee Mon Sep 17 00:00:00 2001
+From: Hiroshi SHIBATA
+Date: Mon, 22 Jul 2019 10:23:43 +0900
+Subject: [PATCH] Use File.open explicitly.
+
+--- ruby-2.5.7/gems/rake-12.3.0/lib/rake/file_list.rb
++++ ruby-2.5.7/gems/rake-12.3.0/lib/rake/file_list.rb
+@@ -294,7 +294,7 @@ def egrep(pattern, *options)
+ matched = 0
+ each do |fn|
+ begin
+- open(fn, "r", *options) do |inf|
++ File.open(fn, "r", *options) do |inf|
+ count = 0
+ inf.each do |line|
+ count += 1
--
cgit v1.2.3-70-g09d2
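Review bot: The header of the added patch file says only that paths were adjusted; it does not record what the one-line change in `egrep` protects against, so a later maintainer cannot tell when the patch is safe to drop. I would add a line under the note such as `Fixes CVE-2020-8130: Kernel#open treats a file name starting with "|" as a command to run, File.open only opens files.` The target paths are pinned to `ruby-2.5.7/gems/rake-12.3.0`, so the patch will stop applying on the next version bump and should be removed once the bundled rake carries the upstream fix. This view is limited to the patch file, so whether the build recipe lists it among the applied patches cannot be confirmed from here. The body of `egrep` starts and ends outside the inner hunk.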