0
'번들 설치'명령을 실행하면 이전 버전의 libyaml이 사용 된 것으로 보입니다 (아래 참조). rails_admin은 엔진이기 때문에 지침에 따라 작동하지 않습니다 (추측). 어떤 아이디어가이 문제를 해결할 수 있을까요?rails_admin을 설치하면 SafeYAML 경고가 발생합니다.
SafeYAML Warning
----------------
You appear to have an outdated version of libyaml (0.1.5) installed on your system.
Prior to 0.1.6, libyaml is vulnerable to a heap overflow exploit from malicious YAML payloads.
For more info, see:
https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/
The easiest thing to do right now is probably to update Psych to the latest version and enable
the 'bundled-libyaml' option, which will install a vendored libyaml with the vulnerability patched:
gem install psych -- --enable-bundled-libyaml