Allows rubyzip >= 1.3.0 and fixes tests. Fixes #98 #99

vtamara · 2019-09-26T13:58:13Z

No description provided.

vtamara · 2019-09-30T13:27:54Z

Fixes #98

jaredbeck · 2019-09-30T18:30:04Z

Should this PR set Zip.validate_entry_sizes = true (per instructions) or should that be the responsibility of our applications?

vtamara · 2019-09-30T19:56:56Z

In my projects I'm using rubyzip 2.0.0 where Zip.validate_entry_sizes is true by default.

I guess for 1.3.x it would be a good idea. In what file of odf-report would you put Zip.validate_entry_sizes = true ?

jaredbeck · 2019-09-30T20:00:20Z

In my projects I'm using rubyzip 2.0.0 where Zip.validate_entry_sizes is true by default.

Thanks Vladimir, I am using rubyzip 2.0.0 now (I am using your fork).

jaredbeck · 2019-10-10T15:04:26Z

@sandrods Please review, this PR fixes a known security vulnerability (CVE-2019-16892)

sandrods · 2019-10-10T19:23:32Z

sorry it took me so long.
PR Merged.
GEM Pushed.

Thanks!

jaredbeck · 2019-10-10T19:50:52Z

Thanks Sandro! Thanks Vladimir!

vtamara · 2019-10-11T00:20:31Z

Thanks .
Welcome.

Allows rubyzip >= 1.3.0 and fixes tests

d656a1d

vtamara changed the title ~~Allows rubyzip >= 1.3.0 and fixes tests~~ Allows rubyzip >= 1.3.0 and fixes tests. Fixes #98 Sep 30, 2019

sandrods merged commit e1bfd46 into sandrods:master Oct 10, 2019

vtamara deleted the rubyzip-1.3 branch October 11, 2019 00:19

Provide feedback