Uploaded image for project: 'Puppet Agent'
  1. Puppet Agent
  2. PA-1959

Bump to latest Ruby on all streams, for all branches

    XMLWordPrintable

Details

    • Security Fix
    • Hide
      [For agent 1.10.11]: This release includes fixes for the following security vulnerabilities in Ruby:
      * CVE-2017-17742
      * CVE-2018-6914
      * CVE-2018-8777
      * CVE-2018-8778
      * CVE-2018-8779
      * CVE-2018-8780
      Show
      [For agent 1.10.11]: This release includes fixes for the following security vulnerabilities in Ruby: * CVE-2017-17742 * CVE-2018-6914 * CVE-2018-8777 * CVE-2018-8778 * CVE-2018-8779 * CVE-2018-8780
    • Needs Assessment

    Description

      The following Ruby versions have fixes for several security vulnerabilities. We should bump to these versions asap.

      • Ruby 2.5.1
      • Ruby 2.4.4
      • Ruby 2.3.7
      • Ruby 2.2.10

      NOTE: Any other versions of Ruby that we ship will need the patches backported, since they aren't receiving patches upstream.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. PA-1889 Apply fixes for February rubygems vulnerability

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Task - A task that needs to be done. PDK-901 Bump to latest Ruby on all streams, for all branches

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Activity

            People

              scott.garman Scott Garman
              molly.waggett Molly Waggett
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support