diff options
author | shugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-20 09:09:49 +0000 |
---|---|---|
committer | shugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-20 09:09:49 +0000 |
commit | 798316eac260e3cd683da2be23fef53ee64cee00 (patch) | |
tree | 081afeacb9461d2e28caedb15d38dcc40d15d627 /NEWS | |
parent | ce848356aeafcb0cae6a74e6ff38f4cbc1f2142e (diff) | |
download | bundler-798316eac260e3cd683da2be23fef53ee64cee00.tar.gz |
io.c: Methods of File should not invoke external commands
For security reasons, File.read, File.binread, File.write, File.binwrite,
File.foreach, and File.readlines should not invoke external commands even
if the path starts with the pipe character |.
[ruby-core:84495] [Feature #14245]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62857 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -138,6 +138,12 @@ with all sufficient information, see the ChangeLog file or Redmine === Compatibility issues (excluding feature bug fixes) +* File + + * File.read, File.binread, File.write, File.binwrite, File.foreach, + and File.readlines do not invoke external commands even if the path + starts with the pipe character |. [Feature #14245] + === Stdlib compatibility issues (excluding feature bug fixes) === C API updates |