Details
-
Task
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
Puppet Developer Experience
-
Security Fix
-
Patched PDK's bundled Ruby 2.1.9 with security fixes from Ruby 2.4.2.
-
Needs Assessment
Description
ruby 2.1.9 will need to have patches applied (see https://tickets.puppetlabs.com/browse/RE-9323).
Later versions of ruby should be updated to latest in their series.
For versions later than 2.1, updating will also address the rubygems vuln (PDK-456). For 2.1 you'll also need to include that patch.