techvalidate / pano

MIT License

Bump and loosen rails requirements for security #135

Closed mdeering closed 5 years ago

mdeering commented 5 years ago

sprockets: CVE-2018-3760
ffi: CVE-2018-1000201
loofah: CVE-2018-16468
rack: CVE-2018-16470, CVE-2018-16471
activejob: CVE-2018-16476

mdeering commented 5 years ago

Tested this locally on CX, which is the only app using this branch. CX needs this to get past CVE-2018-16476, which we are not exposed to but are overdue for an update, and the pano rails requirement needed to be relaxed to allow apps to take on patches and minors at their own discretion.

mdeering commented 5 years ago

@mmlindeboom @loucapo I did this PR from 3-1 as I needed it there for CX to be able to update its rails version for the same security updates.

Let me know if you need help cherry-picking this to master or note that we seem to be behind here https://github.com/techvalidate/pano/compare/3-1?expand=1