Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SECURITY] [FIXED] Information disclosure vulnerability, please update! #1070

Closed
dometto opened this issue Sep 20, 2015 · 0 comments

Comments

@dometto
Copy link
Member

commented Sep 20, 2015

A vulnerability has been found which allows attackers to gain read access to arbitrary files on the system. Please update to the gollum 4.0.1 (gem update gollum) ASAP.

The issue has been addressed in ce68a88.

Thanks to the JPCERT team for reporting the issue (JVN#27548431). A CVE has been requested.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.