From a7a814c918e61e442ddecc18743e7178aade84bb Mon Sep 17 00:00:00 2001 From: aycabta Date: Wed, 28 Aug 2019 20:24:55 +0900 Subject: [PATCH 1/3] Fix RDoc version and add a caution message --- ...multiple-jquery-vulnerabilities-in-rdoc.md | 20 +------------------ ...multiple-jquery-vulnerabilities-in-rdoc.md | 20 +------------------ 2 files changed, 2 insertions(+), 38 deletions(-) diff --git a/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md b/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md index 3afe9f3f6b..142b256c1c 100644 --- a/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md +++ b/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md @@ -40,25 +40,7 @@ RDoc 6.1.2 or later includes the fix for the vulnerabilities, so upgrade RDoc to gem install rdoc -f ``` -At this time, the following message will be displayed. Every time you get `Overwrite the executable? [YN]`, enter `y` and confirm with Enter to continue the update. - -``` -Updating installed gems -Updating rdoc -Fetching: rdoc-6.1.1.gem (100%) -rdoc's executable "rdoc" conflicts with /home/aycabta/.rbenv/versions/2.5.3/bin/rdoc -Overwrite the executable? [yN] y -rdoc's executable "ri" conflicts with /home/aycabta/.rbenv/versions/2.5.3/bin/ri -Overwrite the executable? [yN] y -Successfully installed rdoc-6.1.1 -Parsing documentation for rdoc-6.1.1 -Installing ri documentation for rdoc-6.1.1 -Installing darkfish documentation for rdoc-6.1.1 -Done installing documentation for rdoc after 6 seconds -Parsing documentation for rdoc-6.1.1 -Done installing documentation for rdoc after 3 seconds -Gems updated: rdoc -``` +CAUTION: The initial version of this post said rdoc-6.1.1.gem which was still vulnerable. Please make sure that you install rdoc-6.1.2 or later. Regarding the development version (master branch), update to HEAD. diff --git a/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md b/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md index e72adedbe2..5695f77616 100644 --- a/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md +++ b/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md @@ -40,25 +40,7 @@ Ruby の標準添付ライブラリである RDoc に、jQuery に関するク gem install rdoc -f ``` -その際に以下のようなメッセージが出るので、 `Overwrite the executable? [yN]` と出る度に随時 `y` を入力し Enter で確定することで更新を続行してください。 - -``` -Updating installed gems -Updating rdoc -Fetching: rdoc-6.1.1.gem (100%) -rdoc's executable "rdoc" conflicts with /home/aycabta/.rbenv/versions/2.5.3/bin/rdoc -Overwrite the executable? [yN] y -rdoc's executable "ri" conflicts with /home/aycabta/.rbenv/versions/2.5.3/bin/ri -Overwrite the executable? [yN] y -Successfully installed rdoc-6.1.1 -Parsing documentation for rdoc-6.1.1 -Installing ri documentation for rdoc-6.1.1 -Installing darkfish documentation for rdoc-6.1.1 -Done installing documentation for rdoc after 6 seconds -Parsing documentation for rdoc-6.1.1 -Done installing documentation for rdoc after 3 seconds -Gems updated: rdoc -``` +注意: 当初この記事で rdoc-6.1.1.gem と書いていましたが、これは脆弱なバージョンでした。rdoc-6.1.2 以降を使用してください。 開発版については、HEAD に更新してください。 From b447fb37fad8b389f2818a08e172ac206cbb6d4a Mon Sep 17 00:00:00 2001 From: aycabta Date: Wed, 28 Aug 2019 20:47:08 +0900 Subject: [PATCH 2/3] Use "Update" instead of "CAUTION" --- .../2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md b/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md index 142b256c1c..566be433bf 100644 --- a/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md +++ b/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md @@ -40,7 +40,7 @@ RDoc 6.1.2 or later includes the fix for the vulnerabilities, so upgrade RDoc to gem install rdoc -f ``` -CAUTION: The initial version of this post said rdoc-6.1.1.gem which was still vulnerable. Please make sure that you install rdoc-6.1.2 or later. +*Update:* The initial version of this post said rdoc-6.1.1.gem which was still vulnerable. Please make sure that you install rdoc-6.1.2 or later. Regarding the development version (master branch), update to HEAD. From 71eb789bf0fca19c7569022aa6c3cec9b6643697 Mon Sep 17 00:00:00 2001 From: aycabta Date: Wed, 28 Aug 2019 20:49:24 +0900 Subject: [PATCH 3/3] Add a history --- .../_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md | 1 + .../_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md | 1 + 2 files changed, 2 insertions(+) diff --git a/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md b/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md index 566be433bf..46e2c129fb 100644 --- a/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md +++ b/en/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md @@ -55,3 +55,4 @@ Thanks to [Chris Seaton](https://hackerone.com/chrisseaton) for reporting the is ## History * Originally published at 2019-08-28 09:00:00 UTC +* RDoc version fixed at 2019-08-28 11:50:00 UTC diff --git a/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md b/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md index 5695f77616..9646c1b7e0 100644 --- a/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md +++ b/ja/news/_posts/2019-08-28-multiple-jquery-vulnerabilities-in-rdoc.md @@ -55,3 +55,4 @@ gem install rdoc -f ## 更新履歴 * 2019-08-28 09:00:00 (JST) 初版 +* 2019-08-28 20:50:00 (JST) RDoc のバージョン修正