Satisfy Hakiri

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |.
ManageIQ · Jan 27, 2022 · de972c6 · de972c6
1 parent 695b0c8
commit de972c6
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/Gemfile b/Gemfile
@@ -1,5 +1,5 @@
 source 'https://rubygems.org'
 
 gem "awesome_spawn", ">=1.5"
-gem "rake"
+gem "rake",          ">=12.3.3"
 gem "rspec",         "~>3.6"