ruby-changes:63100
From: SzymonKowalczyk <ko1@a...>
Date: Fri, 25 Sep 2020 13:12:07 +0900 (JST)
Subject: [ruby-changes:63100] f794c928a0 (master): [ruby/psych] Update SNAKEYAML CVE-2017-18640
https://git.ruby-lang.org/ruby.git/commit/?id=f794c928a0 From f794c928a007ba2edddac0de14eb0f4af9491c6c Mon Sep 17 00:00:00 2001 From: SzymonKowalczyk <szymon.kowalczyk@p...> Date: Thu, 16 Jul 2020 14:26:48 +0200 Subject: [ruby/psych] Update SNAKEYAML CVE-2017-18640 to version 1.26 https://github.com/ruby/psych/commit/b2802135e7 diff --git a/ext/psych/lib/psych/versions.rb b/ext/psych/lib/psych/versions.rb index dfa1917..bbff929 100644 --- a/ext/psych/lib/psych/versions.rb +++ b/ext/psych/lib/psych/versions.rb @@ -2,9 +2,9 @@ https://github.com/ruby/ruby/blob/trunk/ext/psych/lib/psych/versions.rb#L2 # frozen_string_literal: true module Psych # The version of Psych you are using - VERSION = '3.1.0' + VERSION = '3.1.1' if RUBY_ENGINE == 'jruby' - DEFAULT_SNAKEYAML_VERSION = '1.23'.freeze + DEFAULT_SNAKEYAML_VERSION = '1.26'.freeze end end -- cgit v0.10.2 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/