- Specification#load no longer untaints frozen strings (via )

Prepped for release
rue · Jan 1, 2011 · e8ab782 · e8ab782
1 parent 4747ccc
commit e8ab782
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 3 deletions.
diff --git a/History.txt b/History.txt
@@ -1,4 +1,14 @@
-=== 1.4.0 / 2010-12-31
+=== 1.4.1 / 2010-12-31
+
+Since apparently nobody reads my emails, blog posts or the README:
+
+DO NOT UPDATE RUBYGEMS ON RUBY 1.9! See UPGRADING.rdoc for details.
+
+Bug fix:
+
+* Specification#load was untainting a frozen string (via `gem build *.spec`)
+
+=== 1.4.0 / 2010-12-30
 
 NOTE: In order to better maintain rubygems and to get it in sync with
 the world (eg, 1.9's 1.3.7 is different from our 1.3.7), rubygems is

diff --git a/lib/rubygems.rb b/lib/rubygems.rb
@@ -100,7 +100,7 @@
 # -The RubyGems Team
 
 module Gem
-  RubyGemsVersion = VERSION = '1.4.0'
+  RubyGemsVersion = VERSION = '1.4.1'
 
   ##
   # Raised when RubyGems is unable to load or activate a gem.  Contains the

diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb
@@ -503,7 +503,7 @@ def self.from_yaml(input)
   def self.load file
     return unless file && File.file?(file)
 
-    file = file.untaint
+    file = file.dup.untaint
 
     code = if defined? Encoding
              File.read file, :encoding => "UTF-8"