Project

General

Profile

Actions
Copy link

Bug #9685

closed

psych-2.0.5 のバックポート

Added by hsbt (Hiroshi SHIBATA) almost 11 years ago. Updated over 10 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 2.2.0dev (2014-03-27 trunk 45452) [x86_64-darwin13]
Backport:
2.0.0: DONE, 2.1: DONE
[ruby-dev:48073]

Description

CVE-2014-2525 の修正を含んだ psych-2.0.5 のバックポートをお願いします。

ref. https://github.com/tenderlove/psych/pull/187
related commits. r45454, r45455

Actions
Copy link
 #1 [ruby-dev:48084]

Updated by hsbt (Hiroshi SHIBATA) almost 11 years ago

  • Status changed from Open to Closed
Actions
Copy link
 #2 [ruby-dev:48175]

Updated by nagachika (Tomoyuki Chikanaga) almost 11 years ago

  • Backport changed from 2.0.0: REQUIRED, 2.1: REQUIRED to 2.0.0: REQUIRED, 2.1: DONE

r45453, r45455 and r45577 were backported into ruby_2_1 at r45812.
See #9798

Actions
Copy link
 #3 [ruby-dev:48179]

Updated by usa (Usaku NAKAMURA) over 10 years ago

  • Backport changed from 2.0.0: REQUIRED, 2.1: DONE to 2.0.0: DONE, 2.1: DONE

backported a part of r45453 into ruby_2_0_0.

I decided to update only libyaml and not psych itself.

Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0Like0