Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mitigate against CVE-2016-3714 (ImageTragick) #1934

Merged
merged 1 commit into from Apr 30, 2019
Merged

Mitigate against CVE-2016-3714 (ImageTragick) #1934

merged 1 commit into from Apr 30, 2019

Commits on May 5, 2016

  1. Mitigate against CVE-2016-3714 (ImageTragick) 

    - Use the MimeMagic gem to detect content types via file headers
- Fallback to Mime::Types if the file does not exist
- Update the README to detail all required steps to mitigate against CVE-2016-3714
- Changed content type whitelist / blacklist specs to use image/png mime-type for ruby.gif
    Zach Gardner committed May 5, 2016
    Copy the full SHA
    20475db View commit details
    Browse the repository at this point in the history