Skip to content

Address CVE-2020-8161 in rack gem #9058

New issue
New issue
Closed
Closed
Address CVE-2020-8161 in rack gem#9058
Assignees
johnpaulashenfelter
Labels
EpicsecuritySecurity-related topics and issues.tools-beUsed for the backend tools team
@johnpaulashenfelter

Description

@johnpaulashenfelter
johnpaulashenfelter
opened on May 13, 2020

There is a CVE in the rack gem: https://groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA

We cannot upgrade rack because of other dependencies on specific versions. We can't patch the library without forking and using our own package delivery through GitHub which is not a quick fix.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

EpicsecuritySecurity-related topics and issues.tools-beUsed for the backend tools team

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions