Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Updated rubygems to 2.4.8. Closes #3435
RubyGems 2.4.8 installed

=== 2.4.8 / 2015-06-08

Bug fixes:

* Tightened API endpoint checks for CVE-2015-3900

=== 2.4.7 / 2015-05-14

Bug fixes:

* Backport: Limit API endpoint to original security domain for CVE-2015-3900.
  Fix by claudijd

=== 2.4.6 / 2014-02-05

Bug fixes:

* Fixed resolving gems with both upper and lower requirement boundaries.
  Issue #1141 by Jakub Jirutka.
* Moved extension directory after require_paths to fix missing constant bugs
  in some gems with C extensions.  Issue #784 by André Arko, pull request
  #1137 by Barry Allard.
* Use Gem::Dependency#requirement when adding a dependency to an existing
  dependency instance.  Pull request #1101 by Josh Cheek.
* Fixed warning of shadowed local variable in Gem::Specification.  Pull request
  #1109 by Rohit Arondekar
* Gem::Requirement should always sort requirements before coercion to Hash.
  Pull request #1139 by Eito Katagiri.
* The `gem open` command should change the current working directory before
  opening the editor.  Pull request #1142 by Alex Wood.
* Ensure quotes are stripped from the Windows launcher script used to install
  gems.  Pull request #1115 by Youngjun Song.
* Fixed errors when writing to NFS to to 0444 files.  Issue #1161 by Emmanuel
  Hadoux.
* Removed dead code in Gem::StreamUI.  Pull request #1117 by mediaslave24.
* Fixed typos.  Pull request #1096 by hakeda.
* Relaxed CMake dependency for RHEL 6 and CentOS 6.  Pull request #1124 by Vít
  Ondruch.
* Relaxed Psych dependency.  Pull request #1128 by Vít Ondruch.

------------------------------------------------------------------------------
  • Loading branch information
brixen committed Jun 11, 2015
1 parent 315e3bf commit 0bc749b
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
2 changes: 1 addition & 1 deletion library/rubygems.rb
Expand Up @@ -9,7 +9,7 @@
require 'thread'

module Gem
VERSION = '2.4.6'
VERSION = '2.4.8'
end

# Must be first since it unloads the prelude from 1.9.2
Expand Down
8 changes: 7 additions & 1 deletion library/rubygems/remote_fetcher.rb
Expand Up @@ -94,7 +94,13 @@ def api_endpoint(uri)
rescue Resolv::ResolvError
uri
else
URI.parse "#{uri.scheme}://#{res.target}#{uri.path}"
target = res.target.to_s.strip

if /\.#{Regexp.quote(host)}\z/ =~ target
return URI.parse "#{uri.scheme}://#{target}#{uri.path}"
end

uri
end
end

Expand Down

0 comments on commit 0bc749b

Please sign in to comment.