Bower v1.8.8 Release Notes
Release Date: 2019-01-23 // over 5 years ago-
🛠 Fix security issue connected to extracting .tar.gz archives
📦 This bug allows to write arbitrary file on filesystem when Bower extracts malicious package
⬆️ Needlessly to say, please upgrade
Previous changes from v1.8.7
-
🛠 Fixes side effect of fix from v1.8.6 that caused improper permissions for extracted folders