search

MAAP-Project / user-metadata-form

Questionnaire to get metadata about user-submitted collections
Apache License 2.0
0 stars 0 forks source link

Upgrade Puma to 4.x #14

Closed philvarner closed 2 years ago

philvarner commented 2 years ago

Security warnings:

Name: puma
Version: 3.12.6
CVE: CVE-2021-29509
GHSA: GHSA-q28m-8xjw-8vr5
Criticality: High
URL: https://github.com/puma/puma/security/advisories/GHSA-q28m-8xjw-8vr5
Title: Keepalive Connections Causing Denial Of Service in puma
Solution: upgrade to ~> 4.3.8, >= 5.3.1

Name: puma
Version: 3.12.6
CVE: CVE-2021-41136
GHSA: GHSA-48w2-rm65-62xx
Criticality: Low
URL: https://github.com/puma/puma/security/advisories/GHSA-48w2-rm65-62xx
Title: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in puma
Solution: upgrade to ~> 4.3.9, >= 5.5.1