diff options
author | Tim Smith <tsmith@chef.io> | 2017-10-18 11:05:38 -0700 |
---|---|---|
committer | Tim Smith <tsmith@chef.io> | 2017-10-18 11:05:38 -0700 |
commit | 7d80ab4c66e537402ed2f187723b67c2d1d42d93 (patch) | |
tree | 6dc06a35f7cd18115d647c13e3ec0ececdc5bbc6 | |
parent | 5747a43b5ce8117e3b11664423ef598966feab1a (diff) | |
download | chef-latest_rubygems.tar.gz |
Use Rubygems 2.6.14 to fix CVE-2017-0903latest_rubygems
Whitelist classes and symbols that are in loaded YAML. See CVE-2017-0903 for full details.
Signed-off-by: Tim Smith <tsmith@chef.io>
-rw-r--r-- | omnibus_overrides.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/omnibus_overrides.rb b/omnibus_overrides.rb index 73d5c24f17..b02d2384db 100644 --- a/omnibus_overrides.rb +++ b/omnibus_overrides.rb @@ -1,5 +1,5 @@ # DO NOT EDIT. Generated by "rake dependencies". Edit version_policy.rb instead. -override :rubygems, version: "2.6.13" +override :rubygems, version: "2.6.14" override :bundler, version: "1.12.5" override "libffi", version: "3.2.1" override "libiconv", version: "1.15" |