Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CVE-2018-1000544 #371

Merged
merged 4 commits into from Aug 31, 2018
Merged

Fix CVE-2018-1000544 #371

merged 4 commits into from Aug 31, 2018

Commits on Aug 23, 2018

  1. Fix CVE-2018-1000544 absolute path traversal 

    Small refactor along the way to centralize destination handling when no explicit path is given and a potential malicious one from the zipfile is used
    @bdewater
    bdewater committed Aug 23, 2018
    Copy the full SHA
    6e0d231 View commit details
    Browse the repository at this point in the history

  2. Fix CVE-2018-1000544 symlink path traversal 

    Not sure if the exception is the right way to go
    @bdewater
    bdewater committed Aug 23, 2018
    Copy the full SHA
    8e78311 View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2018

  1. Move jruby to allow failures matrix till crc uint 32 issues are resolved

    @vipulnsward @bdewater
    vipulnsward authored and bdewater committed Aug 26, 2018
    Copy the full SHA
    cf71583 View commit details
    Browse the repository at this point in the history

  2. Trigger CI again

    @bdewater
    bdewater committed Aug 26, 2018
    Copy the full SHA
    0586329 View commit details
    Browse the repository at this point in the history