From 804a889de58e44a3a0fa5d8956864cd4deb3c770 Mon Sep 17 00:00:00 2001 From: Shia Date: Sat, 23 Mar 2019 13:40:11 +0900 Subject: [PATCH 1/4] cp {en,ko}/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md --- ...05-multiple-vulnerabilities-in-rubygems.md | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md diff --git a/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md new file mode 100644 index 0000000000..8378d66196 --- /dev/null +++ b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md 
@@ -0,0 +1,57 @@ +--- +layout: news_post +title: "Multiple vulnerabilities in RubyGems" +author: "hsbt" +translator: +date: 2019-03-05 00:00:00 +0000 +tags: security +lang: en +--- + +There are multiple vulnerabilities in RubyGems bundled with Ruby. +It is [reported at the official blog of RubyGems](http://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html). + +## Details + +The following vulnerabilities have been reported. + +* CVE-2019-8320: Delete directory using symlink when decompressing tar +* CVE-2019-8321: Escape sequence injection vulnerability in `verbose` +* CVE-2019-8322: Escape sequence injection vulnerability in `gem owner` +* CVE-2019-8323: Escape sequence injection vulnerability in API response handling +* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution +* CVE-2019-8325: Escape sequence injection vulnerability in errors + +It is strongly recommended for Ruby users to take one of the following workarounds as soon as possible. + +## Affected Versions + +* Ruby 2.4 series: 2.4.5 and earlier +* Ruby 2.5 series: 2.5.3 and earlier +* Ruby 2.6 series: 2.6.1 and earlier +* prior to trunk revision 67168 + +## Workarounds + +RubyGems 2.7.6.2/2.7.9/3.0.3 or later includes the fix for the vulnerabilities, so upgrade RubyGems to the latest version. + +``` +gem update --system +``` + +If you can't upgrade RubyGems, you can apply the following patches as a workaround. + +* [for Ruby 2.4.5](https://bugs.ruby-lang.org/attachments/7669) +* [for Ruby 2.5.3](https://bugs.ruby-lang.org/attachments/7670) +* [for Ruby 2.6.1](https://bugs.ruby-lang.org/attachments/7671) + +About the trunk, update to the latest revision. + +## Credits + +This report is based on [the official blog of RubyGems](http://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html). + +## History + +* Originally published at 2019-03-05 00:00:00 UTC +* Link to updated patches at 2019-03-06 05:26:27 UTC 
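Review bot: The file created under ko/news/_posts/ in this hunk still carries `lang: en` and an empty `translator:` field, so as a standalone commit it would publish an English-language post in the Korean news feed. That is fine as a staging step for the "Translate" commit that follows in this series, but if the series is ever squashed or cherry-picked, make sure this commit does not land on its own.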
From 11c433ae73351191c8865f2eb83baa002beaf481 Mon Sep 17 00:00:00 2001 From: Shia Date: Sat, 23 Mar 2019 14:02:52 +0900 Subject: [PATCH 2/4] Translate 2019-03-05-multiple-vulnerabilities-in-rubygems.md --- ...05-multiple-vulnerabilities-in-rubygems.md | 62 +++++++++---------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md index 8378d66196..2051c391c5 100644 --- a/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md +++ b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md 
@@ -1,57 +1,57 @@ --- layout: news_post -title: "Multiple vulnerabilities in RubyGems" +title: "RubyGems의 취약점 다수 발견" author: "hsbt" -translator: +translator: "shia" date: 2019-03-05 00:00:00 +0000 tags: security -lang: en +lang: ko --- -There are multiple vulnerabilities in RubyGems bundled with Ruby. -It is [reported at the official blog of RubyGems](http://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html). +루비에 포함되어 있는 라이브러리인 RubyGems의 취약점이 다수 발견되었습니다. +[RubyGems 공식 블로그](http://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html)에 보고되었습니다. -## Details +## 세부 내용 -The following vulnerabilities have been reported. +아래와 같은 취약점이 보고되었습니다. -* CVE-2019-8320: Delete directory using symlink when decompressing tar -* CVE-2019-8321: Escape sequence injection vulnerability in `verbose` -* CVE-2019-8322: Escape sequence injection vulnerability in `gem owner` -* CVE-2019-8323: Escape sequence injection vulnerability in API response handling -* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution -* CVE-2019-8325: Escape sequence injection vulnerability in errors +* CVE-2019-8320: tar 압축 풀기 중 심볼릭 링크를 이용한 폴더 삭제 +* CVE-2019-8321: `verbose`에서의 이스케이프 시퀀스 주입 취약점 +* CVE-2019-8322: `gem owner`에서의 이스케이프 시퀀스 주입 취약점 +* CVE-2019-8323: API 응답 처리 중의 이스케이프 시퀀스 주입 취약점 +* CVE-2019-8324: 임의의 코드 실행을 유도할 수 있는 악의있는 젬 설치 +* CVE-2019-8325: 에러 중 이스케이프 시퀀스 주입 취약점 -It is strongly recommended for Ruby users to take one of the following workarounds as soon as possible. +루비 사용자는 가능한 빨리 업그레이드하거나 아래 해결 방법으로 조치하기 바랍니다. -## Affected Versions +## 해당 버전 -* Ruby 2.4 series: 2.4.5 and earlier -* Ruby 2.5 series: 2.5.3 and earlier -* Ruby 2.6 series: 2.6.1 and earlier -* prior to trunk revision 67168 +* 루비 2.4 버전대: 2.4.5 이하 +* 루비 2.5 버전대: 2.5.3 이하 +* 루비 2.6 버전대: 2.6.1 이하 +* 리비전 67168 이전의 트렁크 -## Workarounds +## 해결 방법 -RubyGems 2.7.6.2/2.7.9/3.0.3 or later includes the fix for the vulnerabilities, so upgrade RubyGems to the latest version. 
+RubyGems 2.7.6.2/2.7.9/3.0.3 이나 그 이후의 버전은 취약점에 대한 패치를 포함하고 있으므로, RubyGems를 최신 버전으로 업그레이드해 주세요. ``` gem update --system ``` -If you can't upgrade RubyGems, you can apply the following patches as a workaround. +RubyGems를 업그레이드를 할 수 없다면, 차선책으로 다음 패치를 적용할 수 있습니다. -* [for Ruby 2.4.5](https://bugs.ruby-lang.org/attachments/7669) -* [for Ruby 2.5.3](https://bugs.ruby-lang.org/attachments/7670) -* [for Ruby 2.6.1](https://bugs.ruby-lang.org/attachments/7671) +* [루비 2.4.5](https://bugs.ruby-lang.org/attachments/7669) +* [루비 2.5.3](https://bugs.ruby-lang.org/attachments/7670) +* [루비 2.6.1](https://bugs.ruby-lang.org/attachments/7671) -About the trunk, update to the latest revision. +개발버전에 대하여는, 최신 리비전으로 업데이트합니다. -## Credits +## 도움을 준 글 -This report is based on [the official blog of RubyGems](http://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html). +이 보고서는 [RubyGems 공식 블로그](http://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html)를 바탕으로 하여 작성하였습니다. -## History +## 수정 이력 -* Originally published at 2019-03-05 00:00:00 UTC -* Link to updated patches at 2019-03-06 05:26:27 UTC +* 2019-03-05 00:00:00 UTC 최초 공개 +* 2019-03-06 05:26:27 UTC 패치에 대한 링크 추가 From e9006cbde725cd866a65b5861e84417fbdf05f80 Mon Sep 17 00:00:00 2001 From: Chayoung You Date: Sat, 23 Mar 2019 17:23:49 +0900 Subject: [PATCH 3/4] Apply suggestions from code review Co-Authored-By: riseshia --- .../2019-03-05-multiple-vulnerabilities-in-rubygems.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md index 2051c391c5..54a302422d 100644 --- a/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md +++ b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md 
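Review bot: In the PATCH 2/4 hunk, `RubyGems를 업그레이드를 할 수 없다면` doubles the object particle; `RubyGems를 업그레이드할 수 없다면` reads naturally. Two smaller translation points in the same hunk: the patch links drop the "for" of the English `* [for Ruby 2.4.5](...)`, so `[루비 2.4.5용](...)` (and likewise for 2.5.3 and 2.6.1) would make clear these are patches for those versions rather than links to the releases, and `가능한 빨리` is the colloquial form of `가능한 한 빨리`.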
@@ -19,7 +19,7 @@ lang: ko * CVE-2019-8321: `verbose`에서의 이스케이프 시퀀스 주입 취약점 * CVE-2019-8322: `gem owner`에서의 이스케이프 시퀀스 주입 취약점 * CVE-2019-8323: API 응답 처리 중의 이스케이프 시퀀스 주입 취약점 -* CVE-2019-8324: 임의의 코드 실행을 유도할 수 있는 악의있는 젬 설치 +* CVE-2019-8324: 임의의 코드 실행을 유도할 수 있는 악의적인 젬 설치 * CVE-2019-8325: 에러 중 이스케이프 시퀀스 주입 취약점 루비 사용자는 가능한 빨리 업그레이드하거나 아래 해결 방법으로 조치하기 바랍니다. @@ -33,7 +33,7 @@ lang: ko ## 해결 방법 -RubyGems 2.7.6.2/2.7.9/3.0.3 이나 그 이후의 버전은 취약점에 대한 패치를 포함하고 있으므로, RubyGems를 최신 버전으로 업그레이드해 주세요. +RubyGems 2.7.6.2/2.7.9/3.0.3이나 그 이후의 버전은 취약점에 대한 패치를 포함하고 있으므로, RubyGems를 최신 버전으로 업그레이드해 주세요. ``` gem update --system @@ -45,7 +45,7 @@ RubyGems를 업그레이드를 할 수 없다면, 차선책으로 다음 패치 * [루비 2.5.3](https://bugs.ruby-lang.org/attachments/7670) * [루비 2.6.1](https://bugs.ruby-lang.org/attachments/7671) -개발버전에 대하여는, 최신 리비전으로 업데이트합니다. +개발 버전에 대하여는, 최신 리비전으로 업데이트합니다. ## 도움을 준 글 From 889cb3f266175ea2252778b9243960af2d01ab48 Mon Sep 17 00:00:00 2001 From: Shia Date: Sat, 23 Mar 2019 17:24:19 +0900 Subject: [PATCH 4/4] Omit some text. --- .../_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md index 54a302422d..e61522a496 100644 --- a/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md +++ b/ko/news/_posts/2019-03-05-multiple-vulnerabilities-in-rubygems.md @@ -22,7 +22,7 @@ lang: ko * CVE-2019-8324: 임의의 코드 실행을 유도할 수 있는 악의적인 젬 설치 * CVE-2019-8325: 에러 중 이스케이프 시퀀스 주입 취약점 -루비 사용자는 가능한 빨리 업그레이드하거나 아래 해결 방법으로 조치하기 바랍니다. +루비 사용자는 가능한 빨리 아래 해결 방법으로 조치하기 바랍니다. ## 해당 버전
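Review bot: In the third hunk of PATCH 3/4, `개발 버전에 대하여는, 최신 리비전으로 업데이트합니다.` fixes the spacing but keeps an awkward comma after the topic marker and a plain declarative ending, while the section above it uses the polite request `업그레이드해 주세요`; `개발 버전은 최신 리비전으로 업데이트해 주세요.` would be consistent with it.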
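Review bot: In the PATCH 4/4 hunk, dropping `업그레이드하거나` brings the sentence in line with the English `take one of the following workarounds`, but the English also says `strongly recommended`, which `조치하기 바랍니다` does not carry; consider `루비 사용자는 가능한 한 빨리 아래 해결 방법 중 하나로 조치하기를 강력히 권장합니다.`, which also restores `가능한 한`.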