Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bump mail to get rid of gemnasium security warning #5643

Merged
merged 1 commit into from
Jun 14, 2017
Merged

Conversation

ulferts
Copy link
Contributor

@ulferts ulferts commented Jun 13, 2017

OP is not affected by the vulnerability as:

But gemnasium complains and this produces a red badge which looks bad.

image

The rc has been around for some time now, so it should be stable enough.

I expect to bump the version once the official 2.6.6 has been released.

OP is not affected by the vulnerability as:
* We limit the length of mail fields
* 2.6.x is not vulnerable at all (mikel/mail#1097 (comment))

But gemnasium complains and this produces a red badge which looks bad.

The rc has been around for some time now, so it should be stable enough.

I expect to bump the version once the official 2.6.6 has been released.
@oliverguenther oliverguenther merged commit f5ce00b into dev Jun 14, 2017
@oliverguenther oliverguenther deleted the fix/bump_mail branch June 14, 2017 05:33
@jeremy
Copy link

jeremy commented Jun 14, 2017

2.6.6 is released, btw 🌈

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants