ruby-on-rails – Rails:Psych,从0.1.4更新libyaml

前端之家收集整理的这篇文章主要介绍了ruby-on-rails – Rails:Psych,从0.1.4更新libyaml前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我需要安装了需要qt库的capybara-webkit,所以我使用以下命令使用homebrew安装它们
brew update
brew install qt
brew linkapps

然后我捆绑了所有与capybara-webkit很好.但是,我的警卫正在抛出以下警告.

You appear to have an outdated version of libyaml (0.1.4) installed on your system.

  Prior to 0.1.6,libyaml is vulnerable to a heap overflow exploit from malicIoUs YAML payloads.


  The easiest thing to do right now is probably to update Psych to the latest version and enable
  the 'bundled-libyaml' option,which will install a vendored libyaml with the vulnerability patched:

  gem install psych -- --enable-bundled-libyaml

看似简单.然而,即使在使用’bundled-libyaml’选项进行成功的心理安装之后,我仍然看到关于过时的libyaml的警告.此外,当我检查与psyche相关的libyaml版本(ruby -rpsych -e’p Psych.libyaml_version’)时,它仍然是1.4.

有任何想法吗?

解决方法

尝试:
brew upgrade libyaml

适合我.

猜你在找的Ruby相关文章