Skip to content

v1.8.8

Compare
Choose a tag to compare
@sheerun sheerun released this 23 Jan 21:32
· 80 commits to master since this release

Fix security issue connected to extracting .tar.gz archives

This bug allows to write arbitrary file on filesystem when Bower extracts malicious package

Needlessly to say, please upgrade