Actions
Defect #13131
closed
Rack Vulnerability
Status:
Closed
Priority:
High
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Invalid
Affected version:
Description
Rack recently reported a vulnerability: http://rack.github.com/
I'm running Redmine 2.2.2 and bundle show rack
gives me 1.4.4. Is it necessary to upgrade the Rack version or is Redmine not affected by this?
Updated by Toshi MARUYAMA over 12 years ago
Redmine does not define rack version in Gemfile.
You need to run "bundle update".
Updated by Anonymous over 12 years ago
- Status changed from New to Resolved
Sorry you're right. I'm used to Gemfile.lock being in the repo but it's not here. Would an item on News be helpful to remind people to check?
Updated by Etienne Massip over 12 years ago
- Status changed from Resolved to Closed
- Resolution set to Invalid
Actions