Actions
Patch #36757
closed
Update Rails to 5.2.6.3
Description
A new security release is available, and we should upgrade to Rails 5.2.6.3.
https://rubyonrails.org/2022/3/8/Rails-7-0-2-3-6-1-4-7-6-0-4-7-and-5-2-6-3-have-been-released
This release addresses CVE-2022-21831. A detailed explanation is available here: https://discuss.rubyonrails.org/t/cve-2022-21831-possible-code-injection-vulnerability-in-rails-active-storage/80199
Updated by Marius BÄ‚LTEANU over 2 years ago
Thanks!
We will do the update, but that component is not used in Redmine.
Updated by Go MAEDA over 2 years ago
- Status changed from New to Closed
- Assignee set to Go MAEDA
Updated Rails. Thank you for reporting this.
Actions