Projects
Mega:24.03:SP1:Everything
ruby
_service:tar_scm:backport-0001-CVE-2024-35221.p...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-0001-CVE-2024-35221.patch of Package ruby
From c2812fb616a9a0f31bbc3906a8ec9bad9faec498 Mon Sep 17 00:00:00 2001 From: Samuel Giddins <segiddins@segiddins.me> Date: Wed, 7 Feb 2024 12:26:31 -0800 Subject: [PATCH] [rubygems/rubygems] Control whether YAML aliases are enabled in Gem::SafeYAML.safe_load via a constant https://github.com/rubygems/rubygems/commit/6bedb1cb79 --- lib/rubygems/safe_yaml.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/rubygems/safe_yaml.rb b/lib/rubygems/safe_yaml.rb index dba3cfb16d..4e1da3c14b 100644 --- a/lib/rubygems/safe_yaml.rb +++ b/lib/rubygems/safe_yaml.rb @@ -25,8 +25,11 @@ module SafeYAML runtime ].freeze + ALIASES = true # :nodoc: + private_constant :ALIASES + def self.safe_load(input) - ::Psych.safe_load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, aliases: true) + ::Psych.safe_load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, aliases: ALIASES) end def self.load(input) -- 2.33.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2