Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Backport CVE-2024-34341 fixes to v1.3 #1153

Merged
merged 2 commits into from
May 15, 2024

Conversation

afcapel
Copy link
Contributor

@afcapel afcapel commented May 14, 2024

Backports #1149 and #1147 to v1.3.

Those are the fixes for GHSA-qjqp-xr96-cj99

v1.3 was using an outdated version of Ruby and node that are no longer supported and quite difficult to run in modern machines. This PR also updates the Ruby version to 2.7, node to v16, and refreshes some other outdated dependencies.

Ref.

@afcapel afcapel changed the base branch from main to 1-3-stable May 14, 2024 15:10
@afcapel afcapel force-pushed the GHSA-qjqp-xr96-cj99-1-3-backport branch 5 times, most recently from 018f937 to 542a4f1 Compare May 14, 2024 16:32
@afcapel afcapel force-pushed the GHSA-qjqp-xr96-cj99-1-3-backport branch from 542a4f1 to 80a4d4f Compare May 14, 2024 16:39
@afcapel afcapel marked this pull request as ready for review May 14, 2024 16:43
@afcapel afcapel requested a review from jeremy May 14, 2024 16:44
@afcapel afcapel merged commit 10e8753 into 1-3-stable May 15, 2024
2 checks passed
@afcapel afcapel deleted the GHSA-qjqp-xr96-cj99-1-3-backport branch May 15, 2024 09:00
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants