Skip to content

Commit

Permalink
Update ui-classic to match manageiq rails version
Browse files Browse the repository at this point in the history 
Note, ui-classic can't run without manageiq but we're updating it to be consistent.

From:
ManageIQ/manageiq#20188

[CVE-2020-8162] Circumvention of file size limits in ActiveStorage
[CVE-2020-8164] Possible Strong Parameters Bypass in ActionPack
[CVE-2020-8165] Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore
[CVE-2020-8166] Ability to forge per-form CSRF tokens given a global CSRF token
[CVE-2020-8167] CSRF Vulnerability in rails-ujs

https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/
  • Loading branch information
@jrafanie
jrafanie committed May 19, 2020
1 parent cdf3b48 commit 9ee7920
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion manageiq-ui-classic.gemspec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Gem::Specification.new do |s|
s.executables = s.files.grep(%r{^exe/}) { |f| File.basename(f) }
s.require_paths = ["lib"]

s.add_dependency "rails", "~>5.2.4"
s.add_dependency "rails", "~>5.2.4", ">=5.2.4.3"

s.add_dependency "coffee-rails"
s.add_dependency "font-fabulous", "~> 1.0.5"
Expand Down

0 comments on commit 9ee7920

Please sign in to comment.