Uploaded image for project: 'Puppet Agent'
  1. Puppet Agent
  2. PA-2944

Bump Ruby to 2.5.7

    XMLWordPrintable

    Details

    • Template:
    • Team:
      Night's Watch
    • Story Points:
      2
    • Sprint:
      NW - 2019-10-16
    • QA Risk Assessment:
      Needs Assessment

      Description

      Bump Ruby to address the following CVEs:
      This release includes security fixes. Please check the topics below for details.

      CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
      CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
      CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
      CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication

        Attachments

          Activity

            People

            Assignee:
            gabriel.nagy Gabriel Nagy
            Reporter:
            mihai.buzgau Mihai Buzgau
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Zendesk Support