Browse Source

gems: update webrick to version 1.6.1

- explicitly use webrick gem version with patch against CVE-2020-25613
- https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
- webrick versions bundled with ruby are vulnerable at this point
tags/v3.1.1
cn 1 year ago
parent
commit
fd1d58abd6
  1. 6
      CHANGELOG.md
  2. 1
      dyndnsd.gemspec

6
CHANGELOG.md

@ -1,5 +1,11 @@
# Changelog
## 3.1.1
IMPROVEMENTS:
- Use webrick gem which contains fixes against [CVE-2020-25613](https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/)
## 3.1.0 (August 19, 2020)
IMPROVEMENTS:

1
dyndnsd.gemspec

@ -33,6 +33,7 @@ Gem::Specification.new do |s|
s.add_runtime_dependency 'opentracing', '~> 0.5.0'
s.add_runtime_dependency 'rack', '~> 2.0'
s.add_runtime_dependency 'rack-tracer', '~> 0.9.0'
s.add_runtime_dependency 'webrick', '>= 1.6.1'
s.add_development_dependency 'bundler'
s.add_development_dependency 'bundler-audit', '~> 0.7.0'

Loading…
Cancel
Save