vagrant/0014-Bump-rubyzip-version-to-fix-CVE-2019-16892.patch

26 lines
829 B
Diff

From e8c23f99c5097199b7d955268e1c97314d25480b Mon Sep 17 00:00:00 2001
From: Stefan Sundin <git@stefansundin.com>
Date: Wed, 6 Nov 2019 20:37:56 -0800
Subject: [PATCH 14/16] Bump rubyzip version to fix CVE-2019-16892.
---
vagrant.gemspec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vagrant.gemspec b/vagrant.gemspec
index 04561f9c9..58b4cb7ad 100644
--- a/vagrant.gemspec
+++ b/vagrant.gemspec
@@ -29,7 +29,7 @@ Gem::Specification.new do |s|
s.add_dependency "net-scp", "~> 1.2.0"
s.add_dependency "rb-kqueue", "~> 0.2.0"
s.add_dependency "rest-client", ">= 1.6.0", "< 3.0"
- s.add_dependency "rubyzip", "~> 1.2.2"
+ s.add_dependency "rubyzip", "~> 1.3"
s.add_dependency "winrm", "~> 2.1"
s.add_dependency "winrm-fs", "~> 1.0"
s.add_dependency "winrm-elevated", "~> 1.1"
--
2.24.0