(PA-6901) Bump REXML to 3.3.6 to address CVE-2024-43398 - Githubissues

puppetlabs / puppet-runtime

runtime dependencies for Vanagon projects

Apache License 2.0

5 stars 88 forks source link

(PA-6901) Bump REXML to 3.3.6 to address CVE-2024-43398 #904

Closed imaqsood closed 2 months ago

imaqsood commented 3 months ago

Testing Done

Agent Runtime Build vanagon-generic-builder (generic) Generic Builder Step 03 -- Vanagon Project Packaging #3186 Console [Jenkins]
Agent Runtime Artifacts Index of /puppet-runtime/b166fcdaf03c54e3a1e78fd5d3d0d1a66af124e4/artifacts/
Puppet Agent Build vanagon-generic-builder (generic) Generic Builder Step 03 -- Vanagon Project Packaging #3187 Console [Jenkins]
Puppet Agent Artifacts Index of /puppet-agent/bfc28e8cdae90df15d176185d5ab9ec37777a6cc/artifacts/el/7/puppet7/x86_64/

Index of /puppet-agent/bfc28e8cdae90df15d176185d5ab9ec37777a6cc/artifacts/deb/bionic/puppet7/

joshcooper commented 3 months ago

Does this PR update the rexml gem for both puppet7 and puppet8?

joshcooper commented 3 months ago

Oh I see there's a separate PR for agent-runtime-main https://github.com/puppetlabs/puppet-runtime/pull/901 that relies on this PR?