* Fixed following vulnerabilities:
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handling
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
* see also https://blog.rubygems.org/2019/03/05/3.0.3-released.html
Backport RubyGems 3.0.3: [Backport #15637]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67182 b2dd03c8-39d4-4d8f-98ff-823fe69b080e