Skip to content

Commit

Permalink
Preparing v1.2.10.
Browse files Browse the repository at this point in the history
  • Loading branch information
philr committed Jul 19, 2022
1 parent b98c32e commit fd05e2a
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 1 deletion.
10 changes: 10 additions & 0 deletions CHANGES.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,13 @@
Version 1.2.10 - 18-Jul-2022
----------------------------

* Fixed a relative path traversal bug that could cause arbitrary files to be
loaded with require when used with RubyDataSource. Please refer to
https://github.com/tzinfo/tzinfo/security/advisories/GHSA-5cm2-9h8c-rvfx for
details. CVE-2022-31163.
* Ignore the SECURITY file from Arch Linux's tzdata package. #134.


Version 1.2.9 - 16-Dec-2020
---------------------------

Expand Down
2 changes: 1 addition & 1 deletion tzinfo.gemspec
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
Gem::Specification.new do |s|
s.name = 'tzinfo'
s.version = '1.2.9'
s.version = '1.2.10'
s.summary = 'Daylight savings aware timezone library'
s.description = 'TZInfo provides daylight savings aware transformations between times in different time zones.'
s.author = 'Philip Ross'
Expand Down

0 comments on commit fd05e2a

Please sign in to comment.