
rails: 6.1.4

Name: actionpack
Version: 6.1.4.1
CVE: CVE-2021-44528
GHSA: GHSA-qphc-hf5q-v8fc
Criticality: Medium
URL:
https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ
Title: Possible Open Redirect in Host Authorization Middleware
Solution: upgrade to ~> 6.0.4, >= 6.0.4.2, ~> 6.1.4, >= 6.1.4.2, >=
7.0.0.rc2

Name: actionpack
Version: 6.1.4.1
CVE: CVE-2022-23633
GHSA: GHSA-wh98-p28r-vrc9
Criticality: High
URL:
https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ
Title: Possible exposure of information vulnerability in Action Pack
Solution: upgrade to ~> 5.2.6, >= 5.2.6.2, ~> 6.0.4, >= 6.0.4.6, ~>
6.1.4, >= 6.1.4.6, >= 7.0.2.2

Name: actionpack
Version: 6.1.4.1
CVE: CVE-2022-22577
GHSA: GHSA-mm33-5vfq-3mm3
Criticality: Unknown
URL: https://groups.google.com/g/ruby-security-ann/c/NuFRKaN5swI
Title: Possible XSS Vulnerability in Action Pack
Solution: upgrade to ~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~>
6.1.5, >= 6.1.5.1, >= 7.0.2.4

Name: actionview
Version: 6.1.4.1
CVE: CVE-2022-27777
GHSA: GHSA-ch3h-j2vf-95pv
Criticality: Unknown
URL: https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw
Title: Possible XSS Vulnerability in Action View tag helpers
Solution: upgrade to ~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~>
6.1.5, >= 6.1.5.1, >= 7.0.2.4

Name: activestorage
Version: 6.1.4.1
CVE: CVE-2022-21831
GHSA: GHSA-w749-p3v6-hccq
Criticality: Unknown
URL: https://groups.google.com/g/rubyonrails-security/c/n-p-W1yxatI
Title: Possible code injection vulnerability in Rails / Active Storage
Solution: upgrade to ~> 5.2.6, >= 5.2.6.3, ~> 6.0.4, >= 6.0.4.7, ~>
6.1.4, >= 6.1.4.7, >= 7.0.2.3
f 2022-06-29 18:38:44 -03:00
parent f18fb0508a
commit bddae016d2
2 changed files with 58 additions and 58 deletions


@ -8,7 +8,7 @@ ruby '~> 2.7'
gem 'dotenv-rails', require: 'dotenv/rails-now' gem 'dotenv-rails', require: 'dotenv/rails-now'
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '~> 6' gem 'rails', '~> 6.1.4.0'
# Use Puma as the app server # Use Puma as the app server
gem 'puma' gem 'puma'
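Review bot: The new constraint `'~> 6.1.4.0'` on the `gem 'rails'` line holds Bundler to the 6.1.4.x series, but two advisories quoted in the commit message (CVE-2022-22577 in actionpack and CVE-2022-27777 in actionview) list 6.1.5.1 as the first fixed release on the 6.1 line. The lockfile resolves to 6.1.4.7, which satisfies the solution lines for CVE-2021-44528, CVE-2022-23633 and CVE-2022-21831 only, so both XSS advisories should still be reported after this change. If staying on 6.1.4.x is deliberate, record it next to the pin with a comment such as `# held at 6.1.4.x; CVE-2022-22577 and CVE-2022-27777 need >= 6.1.5.1`. Otherwise `gem 'rails', '~> 6.1.5', '>= 6.1.5.1'` matches the solution lines in the advisories.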


@ -27,60 +27,60 @@ GIT
GEM GEM
remote: https://gems.sutty.nl/ remote: https://gems.sutty.nl/
specs: specs:
actioncable (6.1.4.1) actioncable (6.1.4.7)
actionpack (= 6.1.4.1) actionpack (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
nio4r (~> 2.0) nio4r (~> 2.0)
websocket-driver (>= 0.6.1) websocket-driver (>= 0.6.1)
actionmailbox (6.1.4.1) actionmailbox (6.1.4.7)
actionpack (= 6.1.4.1) actionpack (= 6.1.4.7)
activejob (= 6.1.4.1) activejob (= 6.1.4.7)
activerecord (= 6.1.4.1) activerecord (= 6.1.4.7)
activestorage (= 6.1.4.1) activestorage (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
mail (>= 2.7.1) mail (>= 2.7.1)
actionmailer (6.1.4.1) actionmailer (6.1.4.7)
actionpack (= 6.1.4.1) actionpack (= 6.1.4.7)
actionview (= 6.1.4.1) actionview (= 6.1.4.7)
activejob (= 6.1.4.1) activejob (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
mail (~> 2.5, >= 2.5.4) mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0) rails-dom-testing (~> 2.0)
actionpack (6.1.4.1) actionpack (6.1.4.7)
actionview (= 6.1.4.1) actionview (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
rack (~> 2.0, >= 2.0.9) rack (~> 2.0, >= 2.0.9)
rack-test (>= 0.6.3) rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0) rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.1.4.1) actiontext (6.1.4.7)
actionpack (= 6.1.4.1) actionpack (= 6.1.4.7)
activerecord (= 6.1.4.1) activerecord (= 6.1.4.7)
activestorage (= 6.1.4.1) activestorage (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
nokogiri (>= 1.8.5) nokogiri (>= 1.8.5)
actionview (6.1.4.1) actionview (6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
builder (~> 3.1) builder (~> 3.1)
erubi (~> 1.4) erubi (~> 1.4)
rails-dom-testing (~> 2.0) rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.1.4.1) activejob (6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
globalid (>= 0.3.6) globalid (>= 0.3.6)
activemodel (6.1.4.1) activemodel (6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
activerecord (6.1.4.1) activerecord (6.1.4.7)
activemodel (= 6.1.4.1) activemodel (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
activestorage (6.1.4.1) activestorage (6.1.4.7)
actionpack (= 6.1.4.1) actionpack (= 6.1.4.7)
activejob (= 6.1.4.1) activejob (= 6.1.4.7)
activerecord (= 6.1.4.1) activerecord (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
marcel (~> 1.0.0) marcel (~> 1.0.0)
mini_mime (>= 1.1.0) mini_mime (>= 1.1.0)
activesupport (6.1.4.1) activesupport (6.1.4.7)
concurrent-ruby (~> 1.0, >= 1.0.2) concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2) i18n (>= 1.6, < 2)
minitest (>= 5.1) minitest (>= 5.1)
@ -211,7 +211,7 @@ GEM
activerecord (>= 4.0.0) activerecord (>= 4.0.0)
get_process_mem (0.2.7) get_process_mem (0.2.7)
ffi (~> 1.0) ffi (~> 1.0)
globalid (0.6.0) globalid (1.0.0)
activesupport (>= 5.0) activesupport (>= 5.0)
groupdate (5.2.2) groupdate (5.2.2)
activesupport (>= 5) activesupport (>= 5)
@ -423,20 +423,20 @@ GEM
jekyll-relative-urls (~> 0.0) jekyll-relative-urls (~> 0.0)
jekyll-seo-tag (~> 2.1) jekyll-seo-tag (~> 2.1)
jekyll-turbolinks (~> 0) jekyll-turbolinks (~> 0)
rails (6.1.4.1) rails (6.1.4.7)
actioncable (= 6.1.4.1) actioncable (= 6.1.4.7)
actionmailbox (= 6.1.4.1) actionmailbox (= 6.1.4.7)
actionmailer (= 6.1.4.1) actionmailer (= 6.1.4.7)
actionpack (= 6.1.4.1) actionpack (= 6.1.4.7)
actiontext (= 6.1.4.1) actiontext (= 6.1.4.7)
actionview (= 6.1.4.1) actionview (= 6.1.4.7)
activejob (= 6.1.4.1) activejob (= 6.1.4.7)
activemodel (= 6.1.4.1) activemodel (= 6.1.4.7)
activerecord (= 6.1.4.1) activerecord (= 6.1.4.7)
activestorage (= 6.1.4.1) activestorage (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
bundler (>= 1.15.0) bundler (>= 1.15.0)
railties (= 6.1.4.1) railties (= 6.1.4.7)
sprockets-rails (>= 2.0.0) sprockets-rails (>= 2.0.0)
rails-dom-testing (2.0.3) rails-dom-testing (2.0.3)
activesupport (>= 4.2.0) activesupport (>= 4.2.0)
@ -448,9 +448,9 @@ GEM
railties (>= 6.0.0, < 7) railties (>= 6.0.0, < 7)
rails_warden (0.6.0) rails_warden (0.6.0)
warden (>= 1.2.0) warden (>= 1.2.0)
railties (6.1.4.1) railties (6.1.4.7)
actionpack (= 6.1.4.1) actionpack (= 6.1.4.7)
activesupport (= 6.1.4.1) activesupport (= 6.1.4.7)
method_source method_source
rake (>= 0.13) rake (>= 0.13)
thor (~> 1.0) thor (~> 1.0)
@ -565,10 +565,10 @@ GEM
spring-watcher-listen (2.0.1) spring-watcher-listen (2.0.1)
listen (>= 2.7, < 4.0) listen (>= 2.7, < 4.0)
spring (>= 1.2, < 3.0) spring (>= 1.2, < 3.0)
sprockets (4.0.2) sprockets (4.1.1)
concurrent-ruby (~> 1.0) concurrent-ruby (~> 1.0)
rack (> 1, < 3) rack (> 1, < 3)
sprockets-rails (3.4.1) sprockets-rails (3.4.2)
actionpack (>= 5.2) actionpack (>= 5.2)
activesupport (>= 5.2) activesupport (>= 5.2)
sprockets (>= 3.0.0) sprockets (>= 3.0.0)
@ -710,7 +710,7 @@ DEPENDENCIES
rack-cors rack-cors
rack-mini-profiler rack-mini-profiler
radios-comunitarias-jekyll-theme radios-comunitarias-jekyll-theme
rails (~> 6) rails (~> 6.1.4.0)
rails-i18n rails-i18n
rails_warden rails_warden
recursero-jekyll-theme recursero-jekyll-theme