[LRUG] strong_password v0.0.7 rubygem hijacked

lola odelola damzcodes at gmail.com
Tue Jul 9 07:17:08 PDT 2019


Thanks for this Paul!

On Mon, 8 Jul 2019, 13:01 Paul Makepeace, <paulm at paulm.com> wrote:

> TL;DR: make sure you're not using strong_password 0.0.7
>
> This is a great story and debug. Yay for developers checking changes
> in upgraded gems!
>
> https://withatwist.dev/strong-password-rubygem-hijacked.html
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20190709/8b46ee10/attachment.html>


More information about the Chat mailing list