Sophie: jruby-1.7.22-5.1.mga6 src

jruby-1.7.22-5.1.mga6.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

From: Markus Koschany <apo@debian.org>
Date: Sun, 29 Apr 2018 21:11:01 +0200
Subject: CVE-2018-1000074

Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895778
Origin: https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d
---
 lib/ruby/shared/rubygems/commands/owner_command.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/ruby/shared/rubygems/commands/owner_command.rb b/lib/ruby/shared/rubygems/commands/owner_command.rb
index 322bf65..c5416f8 100644
--- a/lib/ruby/shared/rubygems/commands/owner_command.rb
+++ b/lib/ruby/shared/rubygems/commands/owner_command.rb
@@ -61,7 +61,7 @@ permission to.
     end
 
     with_response response do |resp|
-      owners = YAML.load resp.body
+      owners = Gem::SafeYAML.load resp.body
 
       say "Owners for gem: #{name}"
       owners.each do |owner|