[openSUSE/open-build-service] 65292f: Fix Action Pack vulnerability
![](https://seccdn.libravatar.org/avatar/9181eb84f9c35729a3bad740fb7f9d93.jpg?s=120&d=mm&r=g)
Branch: refs/heads/2.10 Home: https://github.com/openSUSE/open-build-service Commit: 65292f48a504918aac61d35934e35c8b3d5c5bb1 https://github.com/openSUSE/open-build-service/commit/65292f48a504918aac61d3... Author: Eduardo Navarro <enavarro@suse.com> Date: 2022-02-14 (Mon, 14 Feb 2022) Changed paths: M src/api/Gemfile.lock Log Message: ----------- Fix Action Pack vulnerability CVE-2022-23633: Possible exposure of information vulnerability in Action Pack. Update Rails to 5.2.6.2 with `bundle update rails --strict --patch`. Commit: 52f2536f46aa7ee86414b2934078dddf9d3c3863 https://github.com/openSUSE/open-build-service/commit/52f2536f46aa7ee86414b2... Author: Eduardo Navarro <enavarro@suse.com> Date: 2022-02-14 (Mon, 14 Feb 2022) Changed paths: M src/api/app/models/kiwi/preference.rb M src/api/spec/models/kiwi/preference_spec.rb Log Message: ----------- Allow kiwi versions not strictly x.y.z scheme Kiwi just allows numbers and dots. This fixes errors when working on our official templates for Leap, using just "15.3" as version for example. Cherry picking 8c924c24ac90348800ac8a78b81d99ba03ee8225 into 2.10 branch was not possible. I created this commit with those changes manually instead. Co-authored-by: Adrian Schröter <adrian@suse.de> Commit: c12b8d4bce344d30f7782bc2f8fd86db69b84c09 https://github.com/openSUSE/open-build-service/commit/c12b8d4bce344d30f7782b... Author: Eduardo Navarro <enavarro@suse.com> Date: 2022-02-14 (Mon, 14 Feb 2022) Changed paths: A ReleaseNotes-2.10.12 Log Message: ----------- Add release notes for 2.10.12 Commit: a31d0b5ec5251271a1e73f7b3ea013e3a6441a5a https://github.com/openSUSE/open-build-service/commit/a31d0b5ec5251271a1e73f... Author: Eduardo J <enavarro@suse.com> Date: 2022-02-16 (Wed, 16 Feb 2022) Changed paths: A ReleaseNotes-2.10.12 M src/api/Gemfile.lock M src/api/app/models/kiwi/preference.rb M src/api/spec/models/kiwi/preference_spec.rb Log Message: ----------- Merge pull request #12201 from eduardoj/manual_upgrade/rails-5.2.6.2 Update rails from 5.2.5 to 5.2.6.2 Compare: https://github.com/openSUSE/open-build-service/compare/0e7152b60b9e...a31d0b...
participants (1)
-
Eduardo J.