Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade Rails from 7.0.4.3 to 7.0.5.1 #2395

Merged
merged 1 commit into from
Jun 27, 2023
Merged

Upgrade Rails from 7.0.4.3 to 7.0.5.1 #2395

merged 1 commit into from
Jun 27, 2023

Commits on Jun 27, 2023

  1. Upgrade Rails from 7.0.4.3 to 7.0.5.1 

    This fixes a vulnerability:

    Name: actionpack
    Version: 7.0.4.3
    CVE: CVE-2023-28362
    Criticality: Unknown
    URL: https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132
    Title: Possible XSS via User Supplied Values to redirect_to
    Solution: upgrade to '~> 6.1.7.4', '>= 7.0.5.1'
    @nickcharlton
    nickcharlton committed Jun 27, 2023
    Configuration menu
    Copy the full SHA
    703924f View commit details
    Browse the repository at this point in the history