Skip to content

Commit

Permalink
Merge pull request #2703 from cyberark/update-rails-6.1.7.1
Browse files Browse the repository at this point in the history
Update rails to 6.1.7.1 for CVE-2023-22794
  • Loading branch information
micahlee authored Jan 19, 2023
2 parents 99e6170 + 305bc37 commit 0ca7cf4
Show file tree
Hide file tree
Showing 3 changed files with 87 additions and 69 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
request results are sorted by resource ID.
[cyberark/conjur#2702](https://github.com/cyberark/conjur/pull/2702)

### Security
- Upgraded Rails to 6.1.7.1 to resolve CVE-2023-22794 (not vulnerable)
[cyberark/conjur#2703](https://github.com/cyberark/conjur/pull/2703)

## [1.19.1] - 2022-12-08

### Security
Expand Down
144 changes: 79 additions & 65 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -8,60 +8,60 @@ PATH
GEM
remote: https://rubygems.org/
specs:
actioncable (6.1.6.1)
actionpack (= 6.1.6.1)
activesupport (= 6.1.6.1)
actioncable (6.1.7.1)
actionpack (= 6.1.7.1)
activesupport (= 6.1.7.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.1.6.1)
actionpack (= 6.1.6.1)
activejob (= 6.1.6.1)
activerecord (= 6.1.6.1)
activestorage (= 6.1.6.1)
activesupport (= 6.1.6.1)
actionmailbox (6.1.7.1)
actionpack (= 6.1.7.1)
activejob (= 6.1.7.1)
activerecord (= 6.1.7.1)
activestorage (= 6.1.7.1)
activesupport (= 6.1.7.1)
mail (>= 2.7.1)
actionmailer (6.1.6.1)
actionpack (= 6.1.6.1)
actionview (= 6.1.6.1)
activejob (= 6.1.6.1)
activesupport (= 6.1.6.1)
actionmailer (6.1.7.1)
actionpack (= 6.1.7.1)
actionview (= 6.1.7.1)
activejob (= 6.1.7.1)
activesupport (= 6.1.7.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (6.1.6.1)
actionview (= 6.1.6.1)
activesupport (= 6.1.6.1)
actionpack (6.1.7.1)
actionview (= 6.1.7.1)
activesupport (= 6.1.7.1)
rack (~> 2.0, >= 2.0.9)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.1.6.1)
actionpack (= 6.1.6.1)
activerecord (= 6.1.6.1)
activestorage (= 6.1.6.1)
activesupport (= 6.1.6.1)
actiontext (6.1.7.1)
actionpack (= 6.1.7.1)
activerecord (= 6.1.7.1)
activestorage (= 6.1.7.1)
activesupport (= 6.1.7.1)
nokogiri (>= 1.8.5)
actionview (6.1.6.1)
activesupport (= 6.1.6.1)
actionview (6.1.7.1)
activesupport (= 6.1.7.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.1.6.1)
activesupport (= 6.1.6.1)
activejob (6.1.7.1)
activesupport (= 6.1.7.1)
globalid (>= 0.3.6)
activemodel (6.1.6.1)
activesupport (= 6.1.6.1)
activerecord (6.1.6.1)
activemodel (= 6.1.6.1)
activesupport (= 6.1.6.1)
activestorage (6.1.6.1)
actionpack (= 6.1.6.1)
activejob (= 6.1.6.1)
activerecord (= 6.1.6.1)
activesupport (= 6.1.6.1)
activemodel (6.1.7.1)
activesupport (= 6.1.7.1)
activerecord (6.1.7.1)
activemodel (= 6.1.7.1)
activesupport (= 6.1.7.1)
activestorage (6.1.7.1)
actionpack (= 6.1.7.1)
activejob (= 6.1.7.1)
activerecord (= 6.1.7.1)
activesupport (= 6.1.7.1)
marcel (~> 1.0)
mini_mime (>= 1.1.0)
activesupport (6.1.6.1)
activesupport (6.1.7.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
Expand Down Expand Up @@ -169,6 +169,7 @@ GEM
cucumber-cucumber-expressions (~> 14.0, >= 14.0.0)
cucumber-messages (~> 17.1, >= 17.1.1)
database_cleaner (1.8.5)
date (3.3.3)
debase (0.2.5.beta2)
debase-ruby_core_source (>= 0.10.12)
debase-ruby_core_source (0.10.13)
Expand Down Expand Up @@ -202,7 +203,7 @@ GEM
dry-core (~> 0.5, >= 0.5)
dry-inflector (~> 0.1, >= 0.1.2)
dry-logic (~> 1.0, >= 1.0.2)
erubi (1.10.0)
erubi (1.12.0)
event_emitter (0.2.6)
eventmachine (1.2.7)
excon (0.91.0)
Expand All @@ -214,7 +215,7 @@ GEM
ffi (>= 1.0.0)
rake
gli (2.21.0)
globalid (1.0.0)
globalid (1.0.1)
activesupport (>= 5.0)
haikunator (1.1.1)
hashdiff (1.0.1)
Expand Down Expand Up @@ -262,24 +263,36 @@ GEM
loofah (2.19.1)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mail (2.8.0.1)
mini_mime (>= 0.1.1)
net-imap
net-pop
net-smtp
marcel (1.0.2)
method_source (1.0.0)
mime-types (3.4.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2022.0105)
mini_mime (1.1.2)
minitest (5.16.2)
minitest (5.17.0)
multi_json (1.15.0)
multi_test (0.1.2)
net-imap (0.3.4)
date
net-protocol
net-ldap (0.17.0)
net-pop (0.1.2)
net-protocol
net-protocol (0.2.1)
timeout
net-smtp (0.3.3)
net-protocol
net-ssh (6.1.0)
netrc (0.11.0)
nio4r (2.5.8)
nokogiri (1.13.10-x86_64-darwin)
nokogiri (1.14.0-x86_64-darwin)
racc (~> 1.4)
nokogiri (1.13.10-x86_64-linux)
nokogiri (1.14.0-x86_64-linux)
racc (~> 1.4)
openid_connect (1.3.0)
activemodel
Expand Down Expand Up @@ -307,8 +320,8 @@ GEM
public_suffix (4.0.6)
puma (5.6.4)
nio4r (~> 2.0)
racc (1.6.1)
rack (2.2.4)
racc (1.6.2)
rack (2.2.6.2)
rack-oauth2 (1.19.0)
activesupport
attr_required
Expand All @@ -318,20 +331,20 @@ GEM
rack-rewrite (1.5.1)
rack-test (2.0.2)
rack (>= 1.3)
rails (6.1.6.1)
actioncable (= 6.1.6.1)
actionmailbox (= 6.1.6.1)
actionmailer (= 6.1.6.1)
actionpack (= 6.1.6.1)
actiontext (= 6.1.6.1)
actionview (= 6.1.6.1)
activejob (= 6.1.6.1)
activemodel (= 6.1.6.1)
activerecord (= 6.1.6.1)
activestorage (= 6.1.6.1)
activesupport (= 6.1.6.1)
rails (6.1.7.1)
actioncable (= 6.1.7.1)
actionmailbox (= 6.1.7.1)
actionmailer (= 6.1.7.1)
actionpack (= 6.1.7.1)
actiontext (= 6.1.7.1)
actionview (= 6.1.7.1)
activejob (= 6.1.7.1)
activemodel (= 6.1.7.1)
activerecord (= 6.1.7.1)
activestorage (= 6.1.7.1)
activesupport (= 6.1.7.1)
bundler (>= 1.15.0)
railties (= 6.1.6.1)
railties (= 6.1.7.1)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
Expand All @@ -348,9 +361,9 @@ GEM
rails_layout (1.0.42)
rails_serve_static_assets (0.0.5)
rails_stdout_logging (0.0.5)
railties (6.1.6.1)
actionpack (= 6.1.6.1)
activesupport (= 6.1.6.1)
railties (6.1.7.1)
actionpack (= 6.1.7.1)
activesupport (= 6.1.7.1)
method_source
rake (>= 12.2)
thor (~> 1.0)
Expand Down Expand Up @@ -429,9 +442,9 @@ GEM
spring (>= 0.9.1)
spring-commands-rspec (1.0.4)
spring (>= 0.9.1)
sprockets (4.1.1)
sprockets (4.2.0)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
rack (>= 2.2.4, < 4)
sprockets-rails (3.4.2)
actionpack (>= 5.2)
activesupport (>= 5.2)
Expand All @@ -444,7 +457,8 @@ GEM
ffi (~> 1.1)
table_print (1.5.7)
thor (1.2.1)
tzinfo (2.0.4)
timeout (0.3.1)
tzinfo (2.0.5)
concurrent-ruby (~> 1.0)
unf (0.1.4)
unf_ext
Expand All @@ -470,7 +484,7 @@ GEM
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
xdg (2.2.3)
zeitwerk (2.6.0)
zeitwerk (2.6.6)

PLATFORMS
x86_64-darwin-20
Expand Down
8 changes: 4 additions & 4 deletions NOTICES.txt
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ Section 3: BSD-3-Clause

Section 4: MIT

>>> https://rubygems.org/gems/activesupport/versions/6.1.6.1
>>> https://rubygems.org/gems/activesupport/versions/6.1.7.1
>>> https://rubygems.org/gems/anyway_config/versions/2.2.3
>>> https://rubygems.org/gems/base58/versions/0.2.3
>>> https://rubygems.org/gems/bcrypt/versions/3.1.16
Expand All @@ -45,7 +45,7 @@ Section 4: MIT
>>> https://rubygems.org/gems/nokogiri/versions/1.13.10
>>> https://rubygems.org/gems/openid_connect/versions/1.3.0
>>> https://rubygems.org/gems/rack-rewrite/versions/1.5.1
>>> https://rubygems.org/gems/rails/versions/6.1.6.1
>>> https://rubygems.org/gems/rails/versions/6.1.7.1
>>> https://rubygems.org/gems/rake/versions/13.0.6
>>> https://rubygems.org/gems/sequel/versions/5.51.0
>>> https://rubygems.org/gems/sequel-pg_advisory_locking/versions/1.0.1
Expand Down Expand Up @@ -247,7 +247,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

MIT License is applicable to the following component(s).

>>> https://rubygems.org/gems/activesupport/versions/6.1.6.1
>>> https://rubygems.org/gems/activesupport/versions/6.1.7.1

Copyright (c) 2005-2018 David Heinemeier Hansson

Expand Down Expand Up @@ -748,7 +748,7 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

>>> https://rubygems.org/gems/rails/versions/6.1.6.1
>>> https://rubygems.org/gems/rails/versions/6.1.7.1

Copyright (c) 2005-2018 David Heinemeier Hansson

Expand Down

0 comments on commit 0ca7cf4

Please sign in to comment.