[PA-2279] Update ruby/openssl to pick up fix for CVE-2018-16395 - Puppet Jira Server

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: puppet-agent 5.5.10, puppet-agent 6.0.5, puppet-agent 6.1.0
Component/s: Security
Labels:
- security

Epic Link:
2018 Security Fixes
Team:
Platform OS
Sprint:
Platform OS Kanban
Method Found:
Needs Assessment

QA Risk Assessment:
Needs Assessment

Description

We don't believe that we are vulnerable (see RE-11651), but we should pick up the fix for CVE-2018-16395. This does not trigger a security release, we should schedule this for the next set of scheduled releases.

Attachments

Issue Links

relates to

PUP-9313 String#to_yaml behaves differently with ruby 2.4.5-1 and 2.5.3-1 on Windows

Closed

Activity

People

Assignee:: Casey Williams

Reporter:: Rob Braden

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2018/10/18 9:32 AM

Updated:: 2019/01/17 6:18 PM

Resolved:: 2019/01/15 12:44 PM