Skip to content

@sheerun sheerun released this Jan 23, 2019 · 68 commits to master since this release

Fix security issue connected to extracting .tar.gz archives

This bug allows to write arbitrary file on filesystem when Bower extracts malicious package

Needlessly to say, please upgrade

Assets 2