File CVE-2021-43809.patch of Package rubygem-bundler

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2021-43809.patch of Package rubygem-bundler

diff -ru bundler-1.16.1.orig/lib/bundler/source/git/git_proxy.rb bundler-1.16.1/lib/bundler/source/git/git_proxy.rb
--- bundler-1.16.1.orig/lib/bundler/source/git/git_proxy.rb	2024-10-07 16:22:34.994983415 +0200
+++ bundler-1.16.1/lib/bundler/source/git/git_proxy.rb	2024-10-07 16:22:00.574359794 +0200
@@ -100,7 +100,7 @@
             SharedHelpers.filesystem_access(path.dirname) do |p|
               FileUtils.mkdir_p(p)
             end
-            git_retry %(clone #{uri_escaped_with_configured_credentials} "#{path}" --bare --no-hardlinks --quiet)
+            git_retry %(clone --bare --no-hardlinks --quiet -- #{uri_escaped_with_configured_credentials} "#{path}")
             return unless extra_ref
           end
 
@@ -119,7 +119,7 @@
               SharedHelpers.filesystem_access(destination) do |p|
                 FileUtils.rm_rf(p)
               end
-              git_retry %(clone --no-checkout --quiet "#{path}" "#{destination}")
+              git_retry %(clone --no-checkout --quiet "--" "#{path}" "#{destination}")
               File.chmod(((File.stat(destination).mode | 0o777) & ~File.umask), destination)
             rescue Errno::EEXIST => e
               file_path = e.message[%r{.*?(/.*)}, 1]

Places

File CVE-2021-43809.patch of Package rubygem-bundler

Places