Vulnerability in gollum wiki, please update to v4.0.1

17 views

Skip to first unread message

Dawa Ometto

unread,

Sep 21, 2015, 9:07:36 AM9/21/15

to rubysec-announce

Hi,

A vulnerability has been found in the gollum wiki, which allows
attackers to gain read access to arbitrary files on the system. Please
update to the gollum 4.0.1 (`gem update gollum`) ASAP. More details will
be posted after a CVE has been assigned.

For more information see https://github.com/gollum/gollum/issues/1070

Thanks in advance,

Dawa Ometto

Reply all

Reply to author

Forward

0 new messages