Bug #22422: Update Go (and other) dependencies to address security issues - Arvados

Actions

Bug #22422

closed

Update Go (and other) dependencies to address security issues

Added by Lucas Di Pentima about 1 month ago. Updated about 1 month ago.

Status:

Resolved

Priority:

Normal

Assigned To:

Lucas Di Pentima

Category:

API

Target version:

Development 2025-01-08

Story points:

-

Release:

Release relationship:

Auto

Actions

#1

Updated by Lucas Di Pentima about 1 month ago

Subject changed from Update Go dependencies to address security issues to Update Go (and other) dependencies to address security issues

Actions

#2

Updated by Lucas Di Pentima about 1 month ago

Updates at 353a19e - branch 22422-dependencies-update
Test run: developer-run-tests: #4579

Updates go module golang.org/x/crypto to address CVE-2024-45337
Updates go module golang.org/x/net to address CVE-2024-45338
Updates go module github.com/golang-jwt/jwt/v4 to address CVE-2024-51744
Updates actionpack gem to address CVE-2024-47887, CVE-2024-41128, CVE-2024-54133
Updates actiomailer gem to address CVE-2024-47889
Updates actiontext gem to address CVE-2024-47888
Updates rails-html-sanitizer to address CVE-2024-53989, CVE-2024-53987, CVE-2024-53988,
CVE-2024-53986, CVE-2024-53985

Actions

#3

Updated by Lucas Di Pentima about 1 month ago

Status changed from In Progress to Resolved

Applied in changeset arvados|841d4dd7fe8d0559b675670d8edf0f24f8cf3c3f.

Actions

Also available in: Atom PDF