Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP5:Update
rubygem-railties-5.2.18164
rubygem-railties-5.2-CVE-2023-23913.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File rubygem-railties-5.2-CVE-2023-23913.patch of Package rubygem-railties-5.2.18164
Index: railties-5.2.3/lib/rails/secrets.rb =================================================================== --- railties-5.2.3.orig/lib/rails/secrets.rb +++ railties-5.2.3/lib/rails/secrets.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true require "yaml" +require "tempfile" require "active_support/message_encryptor" require "active_support/core_ext/string/strip" @@ -85,17 +86,18 @@ module Rails end def writing(contents) - tmp_file = "#{File.basename(path)}.#{Process.pid}" - tmp_path = File.join(Dir.tmpdir, tmp_file) - IO.binwrite(tmp_path, contents) + file_name = "#{File.basename(path)}.#{Process.pid}" - yield tmp_path + Tempfile.create(["", "-" + file_name]) do |tmp_file| + tmp_path = Pathname.new(tmp_file) + tmp_path.binwrite contents - updated_contents = IO.binread(tmp_path) + yield tmp_path - write(updated_contents) if updated_contents != contents - ensure - FileUtils.rm(tmp_path) if File.exist?(tmp_path) + updated_contents = tmp_path.binread + + write(updated_contents) if updated_contents != contents + end end def encryptor
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor