Commit graph

3 commits

Author SHA1 Message Date
taca
0b8cf82b08 Update ruby-safe_yaml to 1.0.4.
1.0.2
-----

- added warning when using Psych + an older version of libyaml
2015-03-13 16:19:35 +00:00
taca
3fb170fb3e Update ruby-safe_yaml to 1.0.1
0.9.7

* made handling of document frontmatter more robust
* added more descriptive message to the warning for omitting the :safe option

0.9.6

* fixed handling of files with trailing content (after closing ---)

For more detail, please refer to <https://github.com/dtao/safe_yaml/commits/master>.
2014-03-14 18:27:35 +00:00
taca
a50db733b3 Add ruby-safe_yaml package version 0.9.5.
The SafeYAML gem provides an alternative implementation of `YAML.load`
suitable for accepting user input in Ruby applications.  Unlike Ruby's
built-in implementation of `YAML.load`, SafeYAML's version will not expose
apps to arbitrary code execution exploits (such as [the ones
discovered](http://www.reddit.com/r/netsec/comments/167c11/serious_vulnerability_in_ruby_on_rails_allowing/)
[in Rails in early
2013](http://www.h-online.com/open/news/item/Rails-developers-close-another-extremely-critical-flaw-1793511.html)).

If you encounter any issues with SafeYAML, check out the 'Common Issues'
section below.  If you don't see anything that addresses the problem you're
experiencing, by all means, [create an
issue](https://github.com/dtao/safe_yaml/issues/new)!
2013-09-15 16:31:27 +00:00