Uploaded image for project: 'Puppet Agent'
  1. Puppet Agent
  2. PA-1959

Bump to latest Ruby on all streams, for all branches

    XMLWordPrintable

    Details

    • Template:
    • Team:
      Platform OS
    • Sprint:
      Platform OS Kanban
    • Release Notes:
      Security Fix
    • Release Notes Summary:
      Hide
      [For agent 1.10.11]: This release includes fixes for the following security vulnerabilities in Ruby:
      * CVE-2017-17742
      * CVE-2018-6914
      * CVE-2018-8777
      * CVE-2018-8778
      * CVE-2018-8779
      * CVE-2018-8780
      Show
      [For agent 1.10.11]: This release includes fixes for the following security vulnerabilities in Ruby: * CVE-2017-17742 * CVE-2018-6914 * CVE-2018-8777 * CVE-2018-8778 * CVE-2018-8779 * CVE-2018-8780
    • QA Risk Assessment:
      Needs Assessment

      Description

      The following Ruby versions have fixes for several security vulnerabilities. We should bump to these versions asap.

      • Ruby 2.5.1
      • Ruby 2.4.4
      • Ruby 2.3.7
      • Ruby 2.2.10

      NOTE: Any other versions of Ruby that we ship will need the patches backported, since they aren't receiving patches upstream.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              scott.garman Scott Garman
              Reporter:
              molly.waggett Molly Waggett
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support