Class: SafeYAML::LibyamlChecker
- Inherits: Object
  - Object
  - SafeYAML::LibyamlChecker
- Defined in: lib/safe_yaml/libyaml_checker.rb
Constant Summary
- LIBYAML_VERSION =
      Psych::LIBYAML_VERSION rescue nil
- SAFE_LIBYAML_VERSION =
  Do proper version comparison (e.g. so 0.1.10 is >= 0.1.6)
      Gem::Version.new("0.1.6")
- KNOWN_PATCHED_LIBYAML_VERSIONS =
      Set.new([
        # http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-2525.html
        "0.1.4-2ubuntu0.12.04.3",
        "0.1.4-2ubuntu0.12.10.3",
        "0.1.4-2ubuntu0.13.10.3",
        "0.1.4-3ubuntu3",

        # https://security-tracker.debian.org/tracker/CVE-2014-2525
        "0.1.3-1+deb6u4",
        "0.1.4-2+deb7u4",
        "0.1.4-3.2"
      ]).freeze
Class Method Summary
Class Method Details
.libyaml_patched? ⇒ Boolean
    # File 'lib/safe_yaml/libyaml_checker.rb', line 29
    def self.libyaml_patched?
      return false if (`which dpkg` rescue '').empty?
      libyaml_version = `dpkg -s libyaml-0-2`.match(/^Version: (.*)$/)
      return false if libyaml_version.nil?
      KNOWN_PATCHED_LIBYAML_VERSIONS.include?(libyaml_version[1])
    end
.libyaml_version_ok? ⇒ Boolean
    # File 'lib/safe_yaml/libyaml_checker.rb', line 23
    def self.libyaml_version_ok?
      return true if YAML_ENGINE != "psych" || defined?(JRUBY_VERSION)
      return true if Gem::Version.new(LIBYAML_VERSION || "0") >= SAFE_LIBYAML_VERSION
      return libyaml_patched?
    end
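
The two checks above, restated as an added example (not SafeYAML's own code) that takes the `dpkg -s` text as an argument so the decision can be exercised offline against constructed hosts. The names `SAFE_VERSION`, `PATCHED_PACKAGES`, `dpkg_package_version` and `libyaml_verdict` are hypothetical, the dpkg status excerpts are constructed, and the non-Psych/JRuby short-circuit is left out.

```ruby
require "set"
require "rubygems" # Gem::Version

# Hypothetical names; the values are copied from the constants documented above.
SAFE_VERSION = Gem::Version.new("0.1.6")
PATCHED_PACKAGES = Set.new([
  "0.1.4-2ubuntu0.12.04.3", "0.1.4-2ubuntu0.12.10.3",
  "0.1.4-2ubuntu0.13.10.3", "0.1.4-3ubuntu3",
  "0.1.3-1+deb6u4", "0.1.4-2+deb7u4", "0.1.4-3.2"
]).freeze

# Pull the package version out of `dpkg -s libyaml-0-2` output, or nil
# when there is no Version line (or no dpkg output at all).
def dpkg_package_version(dpkg_status)
  match = dpkg_status.to_s.match(/^Version: (.*)$/)
  match && match[1]
end

# Classify a host from the libyaml version Psych reports and the dpkg
# status text (nil when dpkg is not installed).
def libyaml_verdict(libyaml_version, dpkg_status = nil)
  upstream = Gem::Version.new(libyaml_version || "0")
  return :upstream_fixed if upstream >= SAFE_VERSION
  # Distro backports keep the old upstream number, so only an exact
  # package-version match against the known-patched set counts.
  return :distro_patched if PATCHED_PACKAGES.include?(dpkg_package_version(dpkg_status))
  :vulnerable
end

# Constructed dpkg status excerpts for two sample hosts.
PATCHED_STATUS = "Package: libyaml-0-2\nStatus: install ok installed\nVersion: 0.1.4-3ubuntu3\n"
UNPATCHED_STATUS = "Package: libyaml-0-2\nStatus: install ok installed\nVersion: 0.1.4-2\n"

if __FILE__ == $PROGRAM_NAME
  # Plain string comparison ranks "0.1.10" below "0.1.6"; Gem::Version does not.
  puts "string compare 0.1.10 >= 0.1.6: #{'0.1.10' >= '0.1.6'}"
  puts "0.1.10, no dpkg:         #{libyaml_verdict('0.1.10')}"
  puts "0.1.4, patched package:  #{libyaml_verdict('0.1.4', PATCHED_STATUS)}"
  puts "0.1.4, unpatched package: #{libyaml_verdict('0.1.4', UNPATCHED_STATUS)}"
  puts "version unknown, no dpkg: #{libyaml_verdict(nil)}"
end
```

An unknown libyaml version is treated as "0", so a host that cannot report its version and has no matching patched package is classified as vulnerable rather than assumed safe.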