From 1b034d66f529d662b0ae61cba1fb8622dac3169c Mon Sep 17 00:00:00 2001 From: Chad Wilson Date: Sun, 4 Sep 2022 00:18:15 +0800 Subject: [PATCH] [ruby/psych] Bump snakeyaml from 1.28 to 1.31 Resolves CVE-2022-25857, among other fixes. https://github.com/ruby/psych/commit/918cd25d37 --- ext/psych/lib/psych/versions.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/psych/lib/psych/versions.rb b/ext/psych/lib/psych/versions.rb index 0fdead154c..f39d30ce5a 100644 --- a/ext/psych/lib/psych/versions.rb +++ b/ext/psych/lib/psych/versions.rb @@ -5,6 +5,6 @@ module Psych VERSION = '5.0.0.dev' if RUBY_ENGINE == 'jruby' - DEFAULT_SNAKEYAML_VERSION = '1.28'.freeze + DEFAULT_SNAKEYAML_VERSION = '1.31'.freeze end end