rbenv/rbenv

mislav Disallow path segments and directory traversal in `.ruby-version` files

A malicious `.ruby-version` file in the current directory could inject
`../../../` into the version string and trigger execution of binaries
outside of `RBENV_ROOT/versions/`.

Fixes #977 OVE-20170303-0004

Latest commit 370c26a

Apr 3, 2019

Name	Latest commit message	Commit time
..
Failed to load latest commit information.
libexec
--version.bats	Improve `git --version` git revision lookup	Dec 24, 2015
commands.bats
completions.bats	add --help to subcommand completions	Nov 19, 2015
exec.bats	Use create_hook helper	Jan 4, 2016
global.bats
help.bats	add tests for `help` and `rbenv --version`	Apr 8, 2013
hooks.bats	Use create_hook helper	Jan 4, 2016
init.bats	Revert quoting change in previous commit; adjust test to match code	May 16, 2017
local.bats	Remove support for legacy version file	Dec 29, 2015
prefix.bats	rbenv-prefix: do not silence rbenv-which for system version	Aug 6, 2018
rbenv.bats	Extract common create_hook helper	Jan 4, 2016
rehash.bats
run	Create `configure` script to generate a cross-platform Makefile	Oct 13, 2014
shell.bats	Add tests for shell integration	Dec 7, 2017
shims.bats
test_helper.bash	Keep original ordering of PATH configuration	Aug 2, 2016
version-file-read.bats	Disallow path segments and directory traversal in `.ruby-version` files	Apr 3, 2019
version-file-write.bats	add tests for version commands	Apr 8, 2013
version-file.bats	Fix #1065	Feb 26, 2018
version-name.bats	Test IFS handling in version-name/version-origin hooks	Jan 4, 2016
version-origin.bats	Fix #1065	Feb 26, 2018
version.bats	Move carriage return test to version-file-read	Mar 21, 2014
versions.bats	Add `rbenv versions --skip-aliases` option	Oct 27, 2015
whence.bats	undo `assert_output_lines` in tests	Apr 8, 2013
which.bats	test/which.bats: do not export PATH	Nov 20, 2017