Project

General

Profile

Actions
Copy link

Bug #14640

closed

[API][Workbench] Security vulnerability on activejob

Added by Lucas Di Pentima over 5 years ago. Updated about 5 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Lucas Di Pentima
Category:
-
Target version:
2018-12-21 Sprint
Story points:
-
Release:
Arvados v1.4 - Q1/Q2 2019
Release relationship:
Auto

Description

There's a security issue with activejob >= 4.2.0, < 4.2.11: https://nvd.nist.gov/vuln/detail/CVE-2018-16476

Subtasks 1 (0 open1 closed)

Task #14641: Review 14640-api-wb-activejob-upgradeResolvedLucas Di Pentima12/18/2018Actions
Actions
Copy link
 #1

Updated by Lucas Di Pentima over 5 years ago

Update at 2c9a3ec26 - branch 14640-api-wb-activejob-upgrade
Test run: https://ci.curoverse.com/job/developer-run-tests/1017/

API & Workbench rails upgrade to 4.2.11

Actions
Copy link
 #2

Updated by Tom Clegg over 5 years ago

LGTM

Actions
Copy link
 #3

Updated by Lucas Di Pentima over 5 years ago

  • Target version set to 2018-12-21 Sprint
Actions
Copy link
 #4

Updated by Lucas Di Pentima over 5 years ago

  • Status changed from In Progress to Resolved
Actions
Copy link
 #5

Updated by Tom Morris about 5 years ago

  • Release set to 15
Actions
Copy link

Also available in: Atom PDF