summaryrefslogtreecommitdiff
path: root/test/rubygems/test_gem_package_tar_writer.rb
diff options
context:
space:
mode:
authornaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2019-03-06 09:01:48 +0000
committernaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2019-03-06 09:01:48 +0000
commite0005fdc2734871c4acd7dcf269e1566388794c4 (patch)
tree8ad55fb2e000a2a66be1671e632f170db12c1e2b /test/rubygems/test_gem_package_tar_writer.rb
parentf5452efcf863e4c15577e53c52e6e8726e70f5c4 (diff)
Backport RubyGems 3.0.3: [Backport #15637]
* Fixed following vulnerabilities: * CVE-2019-8320: Delete directory using symlink when decompressing tar * CVE-2019-8321: Escape sequence injection vulnerability in verbose * CVE-2019-8322: Escape sequence injection vulnerability in gem owner * CVE-2019-8323: Escape sequence injection vulnerability in API response handling * CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution * CVE-2019-8325: Escape sequence injection vulnerability in errors * see also https://blog.rubygems.org/2019/03/05/3.0.3-released.html git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67182 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/rubygems/test_gem_package_tar_writer.rb')
-rw-r--r--test/rubygems/test_gem_package_tar_writer.rb3
1 files changed, 3 insertions, 0 deletions
diff --git a/test/rubygems/test_gem_package_tar_writer.rb b/test/rubygems/test_gem_package_tar_writer.rb
index 408db07de7..517320c011 100644
--- a/test/rubygems/test_gem_package_tar_writer.rb
+++ b/test/rubygems/test_gem_package_tar_writer.rb
@@ -11,9 +11,12 @@ class TestGemPackageTarWriter < Gem::Package::TarTestCase
@data = 'abcde12345'
@io = TempIO.new
@tar_writer = Gem::Package::TarWriter.new @io
+ @epoch = ENV["SOURCE_DATE_EPOCH"]
+ ENV["SOURCE_DATE_EPOCH"] = nil
end
def teardown
+ ENV["SOURCE_DATE_EPOCH"] = @epoch
@tar_writer.close unless @tar_writer.closed?
@io.close!
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-04 17:50:56 +0000