drbrain / ruby-growl

Pure-Ruby Growl Notifier

vulnerability for gems with dashes #16

Open reedhein opened 8 years ago

reedhein commented 8 years ago

http://blog.rubygems.org/2016/04/06/gem-replacement-vulnerability-and-mitigation.html

drbrain commented 8 years ago

Did you find the latest tag doesn't match the .gem file?

reedhein commented 8 years ago

I haven't checked it out. I heard it on ruby5 and remembered the issue with matching the gem name (blank-dash-blank). The last file update falls within the timeframe of the article. Because of the reasons outlined, I put it up as an issue. I cannot say whether or not it's a problem. I will follow up tonight or tomorrow.