Upgrade to Ruby on Rails 6.0.3.3. Fixes CVEs: #1877568 #1831529 #1852381

How to install

sudo dnf upgrade --advisory=FEDORA-2020-4dd34860a3

This update's test gating status has been changed to 'waiting'.

11 months ago

This update's test gating status has been changed to 'ignored'.

11 months ago

This update has been submitted for testing by pvalena.

11 months ago

This update has been pushed to testing.

10 months ago

This update can be pushed to stable now if the maintainer wishes

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

10 months ago

Please login to add feedback.

BZ#1831529 CVE-2020-5267 rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks [fedora-all]
0
0
BZ#1852381 CVE-2020-8185 rubygem-rails: untrusted users able to run pending migrations in production [fedora-all]
0
0
BZ#1877568 CVE-2020-15169 rubygem-actionview: rubygem-activeview: Cross-site scripting in translation helpers [fedora-all]
0
0

Automated Test Results