Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
jruby affected by libyaml CVE-2014-2525? #1612
I was curious if a jruby installation (via rvm) is also affected. I've read here that jruby is using an own implementation of libyaml and thus should not have the same bugs.
jruby does not use libyaml though with
jruby -r yaml -e 'puts Psych::LIBYAML_VERSION'
you will see 0.1.4 which is just hard coded value in the jruby java