nixpkgs/rubygems-src.nix at 82b6c6939bb674da1ad3cbe09009bd34078104db - nixpkgs - Hillion Gitea

JakeHillion/nixpkgs

Peter Hoeg 9f51b3c105 rubygems: 2.6.10 -> 2.6.13

Fixes a number of CVEs:

- a DNS request hijacking vulnerability. (CVE-2017-0902)
- an ANSI escape sequence vulnerability. (CVE-2017-0899)
- a DoS vulnerability in the query command. (CVE-2017-0900)
- a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901)

2017-09-08 12:07:55 +08:00

9 lines

211 B

Nix

Raw Blame History

 { fetchurl
 , version ? "2.6.13"
 , sha256 ? "1j98ww8cz9y4wwshg7p4i4acrmls3ywkyj1nlkh4k3bywwm50hfh"
 }:
 fetchurl {
   url = "http://production.cf.rubygems.org/rubygems/rubygems-${version}.tgz";
   sha256 = sha256;
 }