diff options
| author | Peter Hoeg <peter@hoeg.com> | 2017-09-08 12:07:55 +0800 |
|---|---|---|
| committer | Peter Hoeg <peter@hoeg.com> | 2017-09-08 12:07:55 +0800 |
| commit | 9f51b3c105a5302691552b166f3cbc0581bd85b4 (patch) | |
| tree | dd4b5c4d8f97cc984838d475625f6f441da29ec2 /pkgs/development/interpreters/ruby/rubygems-src.nix | |
| parent | 01a6878bb1dedfdbffe0e5ee0a77fe362388f5c6 (diff) | |
| download | nixlib-9f51b3c105a5302691552b166f3cbc0581bd85b4.tar nixlib-9f51b3c105a5302691552b166f3cbc0581bd85b4.tar.gz nixlib-9f51b3c105a5302691552b166f3cbc0581bd85b4.tar.bz2 nixlib-9f51b3c105a5302691552b166f3cbc0581bd85b4.tar.lz nixlib-9f51b3c105a5302691552b166f3cbc0581bd85b4.tar.xz nixlib-9f51b3c105a5302691552b166f3cbc0581bd85b4.tar.zst nixlib-9f51b3c105a5302691552b166f3cbc0581bd85b4.zip | |
rubygems: 2.6.10 -> 2.6.13
Fixes a number of CVEs: - a DNS request hijacking vulnerability. (CVE-2017-0902) - an ANSI escape sequence vulnerability. (CVE-2017-0899) - a DoS vulnerability in the query command. (CVE-2017-0900) - a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901)
Diffstat (limited to 'pkgs/development/interpreters/ruby/rubygems-src.nix')
| -rw-r--r-- | pkgs/development/interpreters/ruby/rubygems-src.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/development/interpreters/ruby/rubygems-src.nix b/pkgs/development/interpreters/ruby/rubygems-src.nix index 7658c303a1e9..99870e6ba2ca 100644 --- a/pkgs/development/interpreters/ruby/rubygems-src.nix +++ b/pkgs/development/interpreters/ruby/rubygems-src.nix @@ -1,6 +1,6 @@ { fetchurl -, version ? "2.6.10" -, sha256 ? "364c0eee8e0c9e8ab4879c5035832e5a27f0c97292d2264af5ae0020585280f0" +, version ? "2.6.13" +, sha256 ? "1j98ww8cz9y4wwshg7p4i4acrmls3ywkyj1nlkh4k3bywwm50hfh" }: fetchurl { url = "http://production.cf.rubygems.org/rubygems/rubygems-${version}.tgz"; |