-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: update Rails and REXML to patch security vulnerabilities
- Update Rails from 7.1.3 to 7.1.4.2 to fix: - CVE-2024-47889 in Action Mailer (ReDoS in block_format) - CVE-2024-41128 in Action Dispatch (ReDoS in query parameter filtering) - CVE-2024-47887 in Action Controller (ReDoS in HTTP Token authentication) - CVE-2024-47888 in Action Text (ReDoS in plain_text_for_blockquote_node) - Update REXML from 3.3.8 to 3.3.9 to fix: - CVE-2024-49761 (High severity ReDoS vulnerability) Dependencies updated via bundle update
- Loading branch information
1 parent
26bfe80
commit 238b160
Showing
2 changed files
with
74 additions
and
74 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters