Project

General

Profile

Actions
Copy link

Support #38387

closed

Will there be an update for rubygem-graphql in 3.12 Foreman release

Added by Daniel Fiecko 14 days ago. Updated about 7 hours ago.

Status:
Rejected
Priority:
High
Assignee:
-
Category:
Foreman modules
Target version:
-
Triaged:
No
Fixed in Releases:
Foreman - 3.12.2
Found in Releases:

Description

Hello,

As of recently there was a vulnerability for graphql package that affects rubygem-graphql packages versions below < 1.13.24 - CVE-2025-27407

In the official repository for Foreman installatikon there is only rubygem-graphql-1.13.23-1.

Will there be an update for mentioned package?

Actions
Copy link
 #1

Updated by Ewoud Kohl van Wijngaarden about 7 hours ago

  • Status changed from New to Rejected

No, there will not since 3.12 is EOL. We are working on 3.13 (https://github.com/theforeman/foreman-packaging/pull/11964) and 3.14 (https://github.com/theforeman/foreman-packaging/pull/11963), which have been updated but AFAIK not published yet due to issues in the release pipelines.

Actions
Copy link

Also available in: Atom PDF