ruby/ruby-2.4.3-Fix-Command-injection-in-lib-resolv-lazy_initialize.patch

From e7464561b5151501beb356fc750d5dd1a88014f7 Mon Sep 17 00:00:00 2001
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 20 Dec 2017 04:18:31 +0000
Subject: [PATCH] Fixed command Injection

* resolv.rb (Resolv::Hosts#lazy_initialize): fixed potential
  command Injection in Hosts::new() by use of Kernel#open.
  [Fix GH-1777] [ruby-core:84347] [Bug #14205]

From: Drigg3r <drigg3r@yandex.com>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61349 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 lib/resolv.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/resolv.rb b/lib/resolv.rb
index 1044b95e6810..56183b837d81 100644
--- a/lib/resolv.rb
+++ b/lib/resolv.rb
@@ -189,7 +189,7 @@ def lazy_initialize # :nodoc:
         unless @initialized
           @name2addr = {}
           @addr2name = {}
-          open(@filename, 'rb') {|f|
+          File.open(@filename, 'rb') {|f|
             f.each {|line|
               line.sub!(/#.*/, '')
               addr, hostname, *aliases = line.split(/\s+/)