Project

General

Profile

Actions

Patch #36757

closed

Update Rails to 5.2.6.3

Added by Vincent Robert over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Rails support
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:

Description

A new security release is available, and we should upgrade to Rails 5.2.6.3.
https://rubyonrails.org/2022/3/8/Rails-7-0-2-3-6-1-4-7-6-0-4-7-and-5-2-6-3-have-been-released

This release addresses CVE-2022-21831. A detailed explanation is available here: https://discuss.rubyonrails.org/t/cve-2022-21831-possible-code-injection-vulnerability-in-rails-active-storage/80199

Actions

Also available in: Atom PDF