SUSE / hackweek

SUSE Hack Week tools and data
https://hackweek.opensuse.org/
MIT License

Update rails 7.0.8 → 7.0.8.1 (minor) #1463

Closed depfu[bot] closed 6 months ago

depfu[bot] commented 6 months ago

Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

What changed?

✳️ rails (7.0.8 → 7.0.8.1) · Repo

Release Notes

7.0.8.1

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Fix possible XSS vulnerability with the translate method in controllers

    CVE-2024-26143

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • Disables the session in ActiveStorage::Blobs::ProxyController
    and ActiveStorage::Representations::ProxyController
    in order to allow caching by default in some CDNs as CloudFlare

    Fixes #44136

    Bruno Prieto

Action Mailbox

  • No changes.

Action Text

  • No changes.

Railties

  • No changes.

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ actioncable (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ actionmailbox (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

↗️ actionmailer (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ actionpack (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • Fix possible XSS vulnerability with the translate method in controllers

    CVE-2024-26143


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ actiontext (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ actionview (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ activejob (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ activemodel (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ activerecord (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ activestorage (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • Disables the session in ActiveStorage::Blobs::ProxyController and ActiveStorage::Representations::ProxyController in order to allow caching by default in some CDNs as CloudFlare

    Fixes #44136

    Bruno Prieto


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ activesupport (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ rack (indirect, 2.2.8 → 2.2.8.1) · Repo · Changelog

Release Notes

2.2.8.1

What's Changed

  • Fixed ReDoS in Accept header parsing [CVE-2024-26146]
  • Fixed ReDoS in Content Type header parsing [CVE-2024-25126]
  • Reject Range headers which are too large [CVE-2024-26141]

Full Changelog: v2.2.8...v2.2.8.1


Commits

See the full diff on Github. The new version differs by 4 commits:

↗️ railties (indirect, 7.0.8 → 7.0.8.1) · Repo · Changelog

Release Notes

7.0.8.1 (from changelog)

  • No changes.


Commits

See the full diff on Github. The new version differs by 4 commits:


Depfu Status

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

All Depfu comment commands

  • @depfu rebase: Rebases against your default branch and redoes this update
  • @depfu recreate: Recreates this PR, overwriting any edits that you've made to it
  • @depfu merge: Merges this PR once your tests are passing and conflicts are resolved
  • @depfu cancel merge: Cancels automatic merging of this PR
  • @depfu close: Closes this PR and deletes the branch
  • @depfu reopen: Restores the branch and reopens this PR (if it's closed)
  • @depfu pause: Ignores all future updates for this dependency and closes this PR
  • @depfu pause [minor|major]: Ignores all future minor/major updates for this dependency and closes this PR
  • @depfu resume: Future versions of this dependency will create PRs again (leaves this PR as is)