Project

General

Profile

Actions

Refactor #13698

closed

update to rest-client 1.8.x

Added by Anonymous over 7 years ago. Updated about 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Packaging
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

rest-client is pinned to '~> 1.6.0' at the moment, blocking an update to a newer rbovirt. Also 1.6.9 has two security issues which are probably not critical for Foreman core, but won't get resolved in 1.6.x:

Name: rest-client
Version: 1.6.9
Advisory: CVE-2015-1820
Criticality: Unknown
URL: https://github.com/rest-client/rest-client/issues/369
Title: rubygem-rest-client: session fixation vulnerability via Set-Cookie headers in 30x redirection responses
Solution: upgrade to >= 1.8.0

Name: rest-client
Version: 1.6.9
Advisory: CVE-2015-3448
Criticality: Unknown
URL: http://www.osvdb.org/show/osvdb/117461
Title: Rest-Client Gem for Ruby logs password information in plaintext
Solution: upgrade to >= 1.7.3


Related issues 3 (0 open3 closed)

Blocks Foreman - Feature #8289: use cloudinit user data in ovirt/rhev compute ressourceClosedKarim Boumedhel11/05/2014Actions
Blocked by Katello - Refactor #13699: update to rest-client 1.8.xRejected02/14/2016Actions
Blocks Packaging - Feature #14809: Build RPMs for Fedora 24ClosedDominic Cleal04/26/2016Actions
Actions #1

Updated by Anonymous over 7 years ago

  • Blocks Feature #8289: use cloudinit user data in ovirt/rhev compute ressource added
Actions #2

Updated by Anonymous over 7 years ago

Actions #3

Updated by The Foreman Bot over 7 years ago

  • Status changed from New to Ready For Testing
Actions #4

Updated by Dominic Cleal over 7 years ago

Actions #5

Updated by Dominic Cleal over 7 years ago

  • translation missing: en.field_release set to 136
Actions #6

Updated by Anonymous over 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions

Also available in: Atom PDF