diff options
author | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-03-06 09:01:48 +0000 |
---|---|---|
committer | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-03-06 09:01:48 +0000 |
commit | e0005fdc2734871c4acd7dcf269e1566388794c4 (patch) | |
tree | 8ad55fb2e000a2a66be1671e632f170db12c1e2b /test/rubygems/test_gem_requirement.rb | |
parent | f5452efcf863e4c15577e53c52e6e8726e70f5c4 (diff) |
Backport RubyGems 3.0.3: [Backport #15637]
* Fixed following vulnerabilities:
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handling
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
* see also https://blog.rubygems.org/2019/03/05/3.0.3-released.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67182 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/rubygems/test_gem_requirement.rb')
-rw-r--r-- | test/rubygems/test_gem_requirement.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/test/rubygems/test_gem_requirement.rb b/test/rubygems/test_gem_requirement.rb index 1564ffb0ed..7a59243b6a 100644 --- a/test/rubygems/test_gem_requirement.rb +++ b/test/rubygems/test_gem_requirement.rb @@ -20,6 +20,12 @@ class TestGemRequirement < Gem::TestCase refute_requirement_equal "= 1.2", "= 1.3" refute_requirement_equal "= 1.3", "= 1.2" + refute_requirement_equal "~> 1.3", "~> 1.3.0" + refute_requirement_equal "~> 1.3.0", "~> 1.3" + + assert_requirement_equal ["> 2", "~> 1.3"], ["> 2.0", "~> 1.3"] + assert_requirement_equal ["> 2.0", "~> 1.3"], ["> 2", "~> 1.3"] + refute_equal Object.new, req("= 1.2") refute_equal req("= 1.2"), Object.new end |