Upgrade to Ruby on Rails 6.0.3.3. Fixes CVEs: #1877568 #1831529 #1852381

How to install

sudo dnf upgrade --advisory=FEDORA-2020-83a4999b7c

This update's test gating status has been changed to 'waiting'.

11 months ago

This update's test gating status has been changed to 'ignored'.

11 months ago

This update can be pushed to stable now if the maintainer wishes

11 months ago

This update has been submitted for stable by bodhi

11 months ago

Please login to add feedback.

BZ#1831529 CVE-2020-5267 rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks [fedora-all]
0
0
BZ#1852381 CVE-2020-8185 rubygem-rails: untrusted users able to run pending migrations in production [fedora-all]
0
0
BZ#1877568 CVE-2020-15169 rubygem-actionview: rubygem-activeview: Cross-site scripting in translation helpers [fedora-all]
0
0

Automated Test Results