Rails:Psych,从0.1.4更新libyaml

Question

我需要安装了需要qt库的capybara-webkit,所以我使用以下命令使用自制软件安装它们

brew update
brew install qt
brew linkapps

然后我捆绑了所有与capybara-webkit很好.但是,我的警卫正在抛出以下警告.

 You appear to have an outdated version of libyaml (0.1.4) installed on your system.

  Prior to 0.1.6, libyaml is vulnerable to a heap overflow exploit from malicious YAML payloads.


  The easiest thing to do right now is probably to update Psych to the latest version and enable
  the 'bundled-libyaml' option, which will install a vendored libyaml with the vulnerability patched:

  gem install psych -- --enable-bundled-libyaml

看似简单.然而,即使在使用'bundled-libyaml'选项进行成功的心理安装之后,我仍然看到关于过时的libyaml的警告.此外,当我检查与psyche相关的libyaml版本(ruby -rpsych -e'p Psych.libyaml_version')时,它仍然是1.4.

有任何想法吗？

Answer 1

尝试:

brew upgrade libyaml

适合我.