From 5d077fabae3eeb720af7942093d8d5f643dee81e Mon Sep 17 00:00:00 2001
From: Takuya Noguchi
Date: Sun, 18 Nov 2018 21:35:10 +0900
Subject: [PATCH] Update rack to 2.0.6 (for QA environments) for addressing CVE-2018-16471
Signed-off-by: Takuya Noguchi
---
 changelogs/unreleased/54201-update-rack-to-2-0-6.yml | 5 +++++
 qa/Gemfile.lock | 4 ++--
 qa/qa/fixtures/auto_devops_rack/Gemfile.lock | 4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/54201-update-rack-to-2-0-6.yml
diff --git a/changelogs/unreleased/54201-update-rack-to-2-0-6.yml b/changelogs/unreleased/54201-update-rack-to-2-0-6.yml
new file mode 100644
index 00000000000..020b2bc0957
--- /dev/null
+++ b/changelogs/unreleased/54201-update-rack-to-2-0-6.yml
@@ -0,0 +1,5 @@
+---
+title: Update rack to 2.0.6 (for QA environments)
+merge_request: 23171
+author: Takuya Noguchi
+type: security
diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock
index 8d28fcacc05..d61ecf8fbb5 100644
--- a/qa/Gemfile.lock
+++ b/qa/Gemfile.lock
@@ -56,7 +56,7 @@ GEM
 byebug (~> 9.1)
 pry (~> 0.10)
 public_suffix (3.0.1)
- rack (2.0.3)
+ rack (2.0.6)
 rack-test (0.8.2)
 rack (>= 1.0, < 3)
 rake (12.3.0)
@@ -103,4 +103,4 @@ DEPENDENCIES
 selenium-webdriver (~> 3.8.0)
 
 BUNDLED WITH
- 1.16.4
+ 1.17.1
diff --git a/qa/qa/fixtures/auto_devops_rack/Gemfile.lock b/qa/qa/fixtures/auto_devops_rack/Gemfile.lock
index 09cf72c48ac..d44ccbb5e69 100644
--- a/qa/qa/fixtures/auto_devops_rack/Gemfile.lock
+++ b/qa/qa/fixtures/auto_devops_rack/Gemfile.lock
@@ -1,7 +1,7 @@
 GEM
 remote: https://rubygems.org/
 specs:
- rack (2.0.4)
+ rack (2.0.6)
 rake (12.3.0)
 
 PLATFORMS
@@ -12,4 +12,4 @@ DEPENDENCIES
 rake
 
 BUNDLED WITH
- 1.16.1
+ 1.17.1