[前][次][番号順一覧][スレッド一覧]

ruby-changes:63100

From: SzymonKowalczyk <ko1@a...>
Date: Fri, 25 Sep 2020 13:12:07 +0900 (JST)
Subject: [ruby-changes:63100] f794c928a0 (master): [ruby/psych] Update SNAKEYAML CVE-2017-18640

https://git.ruby-lang.org/ruby.git/commit/?id=f794c928a0

From f794c928a007ba2edddac0de14eb0f4af9491c6c Mon Sep 17 00:00:00 2001
From: SzymonKowalczyk <szymon.kowalczyk@p...>
Date: Thu, 16 Jul 2020 14:26:48 +0200
Subject: [ruby/psych] Update SNAKEYAML CVE-2017-18640

 to version 1.26
https://github.com/ruby/psych/commit/b2802135e7

diff --git a/ext/psych/lib/psych/versions.rb b/ext/psych/lib/psych/versions.rb
index dfa1917..bbff929 100644
--- a/ext/psych/lib/psych/versions.rb
+++ b/ext/psych/lib/psych/versions.rb
@@ -2,9 +2,9 @@ https://github.com/ruby/ruby/blob/trunk/ext/psych/lib/psych/versions.rb#L2
 # frozen_string_literal: true
 module Psych
   # The version of Psych you are using
-  VERSION = '3.1.0'
+  VERSION = '3.1.1'
 
   if RUBY_ENGINE == 'jruby'
-    DEFAULT_SNAKEYAML_VERSION = '1.23'.freeze
+    DEFAULT_SNAKEYAML_VERSION = '1.26'.freeze
   end
 end
-- 
cgit v0.10.2


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]