Package: rake / 12.3.1-3+deb10u1

CVE-2020-8130.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Description: Use File.open explicitly.
Author: Hiroshi SHIBATA <hsbt@ruby-lang.org>
Author: Utkarsh Gupta <utkarsh@debian.org>
Origin: https://github.com/ruby/rake/commit/5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee
Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2020-8130
Last-Update: 2020-02-29

--- a/lib/rake/file_list.rb
+++ b/lib/rake/file_list.rb
@@ -294,7 +294,7 @@
       matched = 0
       each do |fn|
         begin
-          open(fn, "r", *options) do |inf|
+          File.open(fn, "r", *options) do |inf|
             count = 0
             inf.each do |line|
               count += 1