Uploaded image for project: 'Puppet Development Kit'
  1. Puppet Development Kit
  2. PDK-499

Update ruby to address vulnerabilities fixed in v2.4.2

    XMLWordPrintable

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • PDK 1.2.1
    • None
    • Security Fix
    • Patched PDK's bundled Ruby 2.1.9 with security fixes from Ruby 2.4.2.
    • Needs Assessment

    Description

      ruby 2.1.9 will need to have patches applied (see https://tickets.puppetlabs.com/browse/RE-9323).
      Later versions of ruby should be updated to latest in their series.
      For versions later than 2.1, updating will also address the rubygems vuln (PDK-456). For 2.1 you'll also need to include that patch.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. PDK-576 pdk's 2.1 ruby and gemset doesn't match the puppet-agent's

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Task - A task that needs to be done. PA-1547 Update ruby to address vulnerabilities fixed in v2.4.2

          • Major - Major loss of function.
          • Closed

          Activity

            People

              david.schmitt David Schmitt
              morgan Morgan Rhodes
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support