BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

rubygems: 2.6.10 -> 2.6.13

Browse source 
Fixes a number of CVEs:

- a DNS request hijacking vulnerability. (CVE-2017-0902)
- an ANSI escape sequence vulnerability. (CVE-2017-0899)
- a DoS vulnerability in the query command. (CVE-2017-0900)
- a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901)
This commit is contained in:
Peter Hoeg 2017-09-08 12:07:55 +08:00
parent 01a6878bb1
commit 9f51b3c105
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pkgs/development/interpreters/ruby/rubygems-src.nix
View file

@ -1,6 +1,6 @@
{ fetchurl
, version ? "2.6.10"
, sha256 ? "364c0eee8e0c9e8ab4879c5035832e5a27f0c97292d2264af5ae0020585280f0"
, version ? "2.6.13"
, sha256 ? "1j98ww8cz9y4wwshg7p4i4acrmls3ywkyj1nlkh4k3bywwm50hfh"
}:
fetchurl {
url = "http://production.cf.rubygems.org/rubygems/rubygems-${version}.tgz";