Upgrade to Ruby on Rails 6.0.3.3. Fixes CVEs: #1877568 #1831529 #1852381

This update's test gating status has been changed to 'waiting'.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update can be pushed to stable now if the maintainer wishes

2 months ago

This update has been submitted for stable by bodhi

2 months ago

Please login to add feedback.

BZ#1831529 CVE-2020-5267 rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks [fedora-all]
0
0
BZ#1852381 CVE-2020-8185 rubygem-rails: untrusted users able to run pending migrations in production [fedora-all]
0
0
BZ#1877568 CVE-2020-15169 rubygem-actionview: rubygem-activeview: Cross-site scripting in translation helpers [fedora-all]
0
0

Automated Test Results