From b5e8e33ddc880c98c30a1abe644c6af2e57b5496 Mon Sep 17 00:00:00 2001
From: charliesome
Date: Sat, 27 Apr 2013 14:54:37 +0000
Subject: [PATCH] * lib/yaml.rb: add security warning to YAML documentation

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40500 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 4 ++++
 lib/yaml.rb | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 9e2fda80ed..7ecaa3e96e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Sat Apr 27 23:53:00 2013 Charlie Somerville
+
+ * lib/yaml.rb: add security warning to YAML documentation
+
 Sat Apr 27 23:25:00 2013 Zachary Scott
 
 * lib/yaml.rb: Documentation for YAML module [Bug #8213]
diff --git a/lib/yaml.rb b/lib/yaml.rb
index 76657cdd0b..f2177accbd 100644
--- a/lib/yaml.rb
+++ b/lib/yaml.rb
@@ -73,6 +73,10 @@ end
 # YAML.dump("foo") # => "--- foo\n...\n"
 # { :a => 'b'}.to_yaml # => "---\n:a: b\n"
 #
+# Do not use YAML to load untrusted data. Doing so is unsafe and could allow
+# malicious input to execute arbitrary code inside your application. Please see
+# doc/security.rdoc for more information.
+#
 # For more advanced details on the implementation see Psych, and also check out
 # yaml.org for spec details and other helpful information.
 module YAML; end
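Review bot: The added warning in the YAML module comment never names the call that is unsafe, so a reader who sees only `YAML.dump` and `to_yaml` in the surrounding examples cannot tell which entry points must be kept away from untrusted input. I would tie it to the loaders and say why, e.g. `# Do not use YAML.load or YAML.load_file on untrusted data: loading can instantiate arbitrary Ruby objects,` followed by `# which could allow malicious input to execute code inside your application.` If the Psych version bundled in this tree offers a restricted loader (later releases have `YAML.safe_load`), the paragraph should point to it as the alternative. The diffstat touches only ChangeLog and lib/yaml.rb, so please confirm that doc/security.rdoc already exists in the tree and covers YAML; the comment block starts above the hunk, so loading examples may already be shown there.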