mirror of
https://0xacab.org/sutty/sutty
synced 2024-11-22 15:36:22 +00:00
rails: 6.1.4
Name: actionpack Version: 6.1.4.1 CVE: CVE-2021-44528 GHSA: GHSA-qphc-hf5q-v8fc Criticality: Medium URL: https://groups.google.com/g/ruby-security-ann/c/vG9gz3nk1pM/m/7-NU4MNrDAAJ Title: Possible Open Redirect in Host Authorization Middleware Solution: upgrade to ~> 6.0.4, >= 6.0.4.2, ~> 6.1.4, >= 6.1.4.2, >= 7.0.0.rc2 Name: actionpack Version: 6.1.4.1 CVE: CVE-2022-23633 GHSA: GHSA-wh98-p28r-vrc9 Criticality: High URL: https://groups.google.com/g/ruby-security-ann/c/FkTM-_7zSNA/m/K2RiMJBlBAAJ Title: Possible exposure of information vulnerability in Action Pack Solution: upgrade to ~> 5.2.6, >= 5.2.6.2, ~> 6.0.4, >= 6.0.4.6, ~> 6.1.4, >= 6.1.4.6, >= 7.0.2.2 Name: actionpack Version: 6.1.4.1 CVE: CVE-2022-22577 GHSA: GHSA-mm33-5vfq-3mm3 Criticality: Unknown URL: https://groups.google.com/g/ruby-security-ann/c/NuFRKaN5swI Title: Possible XSS Vulnerability in Action Pack Solution: upgrade to ~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~> 6.1.5, >= 6.1.5.1, >= 7.0.2.4 Name: actionview Version: 6.1.4.1 CVE: CVE-2022-27777 GHSA: GHSA-ch3h-j2vf-95pv Criticality: Unknown URL: https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw Title: Possible XSS Vulnerability in Action View tag helpers Solution: upgrade to ~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~> 6.1.5, >= 6.1.5.1, >= 7.0.2.4 Name: activestorage Version: 6.1.4.1 CVE: CVE-2022-21831 GHSA: GHSA-w749-p3v6-hccq Criticality: Unknown URL: https://groups.google.com/g/rubyonrails-security/c/n-p-W1yxatI Title: Possible code injection vulnerability in Rails / Active Storage Solution: upgrade to ~> 5.2.6, >= 5.2.6.3, ~> 6.0.4, >= 6.0.4.7, ~> 6.1.4, >= 6.1.4.7, >= 7.0.2.3
This commit is contained in:
parent
f18fb0508a
commit
bddae016d2
2 changed files with 58 additions and 58 deletions
2
Gemfile
2
Gemfile
|
@ -8,7 +8,7 @@ ruby '~> 2.7'
|
|||
gem 'dotenv-rails', require: 'dotenv/rails-now'
|
||||
|
||||
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
|
||||
gem 'rails', '~> 6'
|
||||
gem 'rails', '~> 6.1.4.0'
|
||||
# Use Puma as the app server
|
||||
gem 'puma'
|
||||
|
||||
|
|
114
Gemfile.lock
114
Gemfile.lock
|
@ -27,60 +27,60 @@ GIT
|
|||
GEM
|
||||
remote: https://gems.sutty.nl/
|
||||
specs:
|
||||
actioncable (6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
actioncable (6.1.4.7)
|
||||
actionpack (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
nio4r (~> 2.0)
|
||||
websocket-driver (>= 0.6.1)
|
||||
actionmailbox (6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
activejob (= 6.1.4.1)
|
||||
activerecord (= 6.1.4.1)
|
||||
activestorage (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
actionmailbox (6.1.4.7)
|
||||
actionpack (= 6.1.4.7)
|
||||
activejob (= 6.1.4.7)
|
||||
activerecord (= 6.1.4.7)
|
||||
activestorage (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
mail (>= 2.7.1)
|
||||
actionmailer (6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
actionview (= 6.1.4.1)
|
||||
activejob (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
actionmailer (6.1.4.7)
|
||||
actionpack (= 6.1.4.7)
|
||||
actionview (= 6.1.4.7)
|
||||
activejob (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
mail (~> 2.5, >= 2.5.4)
|
||||
rails-dom-testing (~> 2.0)
|
||||
actionpack (6.1.4.1)
|
||||
actionview (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
actionpack (6.1.4.7)
|
||||
actionview (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
rack (~> 2.0, >= 2.0.9)
|
||||
rack-test (>= 0.6.3)
|
||||
rails-dom-testing (~> 2.0)
|
||||
rails-html-sanitizer (~> 1.0, >= 1.2.0)
|
||||
actiontext (6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
activerecord (= 6.1.4.1)
|
||||
activestorage (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
actiontext (6.1.4.7)
|
||||
actionpack (= 6.1.4.7)
|
||||
activerecord (= 6.1.4.7)
|
||||
activestorage (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
nokogiri (>= 1.8.5)
|
||||
actionview (6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
actionview (6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
builder (~> 3.1)
|
||||
erubi (~> 1.4)
|
||||
rails-dom-testing (~> 2.0)
|
||||
rails-html-sanitizer (~> 1.1, >= 1.2.0)
|
||||
activejob (6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
activejob (6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
globalid (>= 0.3.6)
|
||||
activemodel (6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
activerecord (6.1.4.1)
|
||||
activemodel (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
activestorage (6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
activejob (= 6.1.4.1)
|
||||
activerecord (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
activemodel (6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
activerecord (6.1.4.7)
|
||||
activemodel (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
activestorage (6.1.4.7)
|
||||
actionpack (= 6.1.4.7)
|
||||
activejob (= 6.1.4.7)
|
||||
activerecord (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
marcel (~> 1.0.0)
|
||||
mini_mime (>= 1.1.0)
|
||||
activesupport (6.1.4.1)
|
||||
activesupport (6.1.4.7)
|
||||
concurrent-ruby (~> 1.0, >= 1.0.2)
|
||||
i18n (>= 1.6, < 2)
|
||||
minitest (>= 5.1)
|
||||
|
@ -211,7 +211,7 @@ GEM
|
|||
activerecord (>= 4.0.0)
|
||||
get_process_mem (0.2.7)
|
||||
ffi (~> 1.0)
|
||||
globalid (0.6.0)
|
||||
globalid (1.0.0)
|
||||
activesupport (>= 5.0)
|
||||
groupdate (5.2.2)
|
||||
activesupport (>= 5)
|
||||
|
@ -423,20 +423,20 @@ GEM
|
|||
jekyll-relative-urls (~> 0.0)
|
||||
jekyll-seo-tag (~> 2.1)
|
||||
jekyll-turbolinks (~> 0)
|
||||
rails (6.1.4.1)
|
||||
actioncable (= 6.1.4.1)
|
||||
actionmailbox (= 6.1.4.1)
|
||||
actionmailer (= 6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
actiontext (= 6.1.4.1)
|
||||
actionview (= 6.1.4.1)
|
||||
activejob (= 6.1.4.1)
|
||||
activemodel (= 6.1.4.1)
|
||||
activerecord (= 6.1.4.1)
|
||||
activestorage (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
rails (6.1.4.7)
|
||||
actioncable (= 6.1.4.7)
|
||||
actionmailbox (= 6.1.4.7)
|
||||
actionmailer (= 6.1.4.7)
|
||||
actionpack (= 6.1.4.7)
|
||||
actiontext (= 6.1.4.7)
|
||||
actionview (= 6.1.4.7)
|
||||
activejob (= 6.1.4.7)
|
||||
activemodel (= 6.1.4.7)
|
||||
activerecord (= 6.1.4.7)
|
||||
activestorage (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
bundler (>= 1.15.0)
|
||||
railties (= 6.1.4.1)
|
||||
railties (= 6.1.4.7)
|
||||
sprockets-rails (>= 2.0.0)
|
||||
rails-dom-testing (2.0.3)
|
||||
activesupport (>= 4.2.0)
|
||||
|
@ -448,9 +448,9 @@ GEM
|
|||
railties (>= 6.0.0, < 7)
|
||||
rails_warden (0.6.0)
|
||||
warden (>= 1.2.0)
|
||||
railties (6.1.4.1)
|
||||
actionpack (= 6.1.4.1)
|
||||
activesupport (= 6.1.4.1)
|
||||
railties (6.1.4.7)
|
||||
actionpack (= 6.1.4.7)
|
||||
activesupport (= 6.1.4.7)
|
||||
method_source
|
||||
rake (>= 0.13)
|
||||
thor (~> 1.0)
|
||||
|
@ -565,10 +565,10 @@ GEM
|
|||
spring-watcher-listen (2.0.1)
|
||||
listen (>= 2.7, < 4.0)
|
||||
spring (>= 1.2, < 3.0)
|
||||
sprockets (4.0.2)
|
||||
sprockets (4.1.1)
|
||||
concurrent-ruby (~> 1.0)
|
||||
rack (> 1, < 3)
|
||||
sprockets-rails (3.4.1)
|
||||
sprockets-rails (3.4.2)
|
||||
actionpack (>= 5.2)
|
||||
activesupport (>= 5.2)
|
||||
sprockets (>= 3.0.0)
|
||||
|
@ -710,7 +710,7 @@ DEPENDENCIES
|
|||
rack-cors
|
||||
rack-mini-profiler
|
||||
radios-comunitarias-jekyll-theme
|
||||
rails (~> 6)
|
||||
rails (~> 6.1.4.0)
|
||||
rails-i18n
|
||||
rails_warden
|
||||
recursero-jekyll-theme
|
||||
|
|
Loading…
Reference in a new issue