diff options
| author | Tim Smith <tsmith@chef.io> | 2019-09-09 21:44:50 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-09 21:44:50 -0700 |
| commit | 247e52b99a7183ec5c015d43a13b4fadb73985de (patch) | |
| tree | 81b50dd323f3753467b6d42e4146720393ffd314 | |
| parent | f42271a8981f9ae9b0dbc93f9be612cf2feb4883 (diff) | |
| parent | 6907a821d5cdf230e9f8b8d1b2dd375cbddb876c (diff) | |
| download | chef-247e52b99a7183ec5c015d43a13b4fadb73985de.tar.gz | |
Merge pull request #8851 from chef/cve_patch
Update Ruby to 2.6.4 and nokogori to 10.10.4 to resolve CVEs
| -rw-r--r-- | Gemfile.lock | 2 | ||||
| -rw-r--r-- | omnibus/Gemfile.lock | 16 | ||||
| -rw-r--r-- | omnibus_overrides.rb | 4 |
3 files changed, 11 insertions, 11 deletions
diff --git a/Gemfile.lock b/Gemfile.lock index 85f7798e7a..d785d159a4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -304,7 +304,7 @@ GEM ruby-progressbar (1.10.1) ruby-shadow (2.5.0) rubyntlm (0.6.2) - rubyzip (1.2.3) + rubyzip (1.2.4) safe_yaml (1.0.5) semverse (3.0.0) simplecov (0.17.0) diff --git a/omnibus/Gemfile.lock b/omnibus/Gemfile.lock index 09d7e4f6f6..700031007b 100644 --- a/omnibus/Gemfile.lock +++ b/omnibus/Gemfile.lock @@ -18,7 +18,7 @@ GIT GIT remote: https://github.com/chef/omnibus-software - revision: b851a32e09a384cad768a6d44df267ffe920cfc2 + revision: 82ff3963cf4624afd77dfd283a187e25d21325b9 branch: master specs: omnibus-software (4.0.0) @@ -33,8 +33,8 @@ GEM artifactory (3.0.5) awesome_print (1.8.0) aws-eventstream (1.0.3) - aws-partitions (1.208.0) - aws-sdk-core (3.66.0) + aws-partitions (1.211.0) + aws-sdk-core (3.67.0) aws-eventstream (~> 1.0, >= 1.0.2) aws-partitions (~> 1.0) aws-sigv4 (~> 1.1) @@ -198,7 +198,7 @@ GEM logging (2.2.2) little-plugger (~> 1.1) multi_json (~> 1.10) - minitar (0.8) + minitar (0.9) mixlib-archive (1.0.1) mixlib-log mixlib-archive (1.0.1-universal-mingw32) @@ -234,7 +234,7 @@ GEM nori (2.6.0) octokit (4.14.0) sawyer (~> 0.8.0, >= 0.5.3) - ohai (15.2.5) + ohai (15.3.1) chef-config (>= 12.8, < 16) ffi (~> 1.9) ffi-yajl (~> 2.2) @@ -263,7 +263,7 @@ GEM retryable (3.0.4) ruby-progressbar (1.10.1) rubyntlm (0.6.2) - rubyzip (1.2.3) + rubyzip (1.2.4) sawyer (0.8.2) addressable (>= 2.3.5) faraday (> 0.8, < 2.0) @@ -279,12 +279,12 @@ GEM structured_warnings (0.4.0) syslog-logger (1.6.8) systemu (2.6.5) - test-kitchen (2.3.1) + test-kitchen (2.3.2) bcrypt_pbkdf (~> 1.0) ed25519 (~> 1.2) license-acceptance (~> 1.0, >= 1.0.11) mixlib-install (~> 3.6) - mixlib-shellout (>= 1.2, < 3.0) + mixlib-shellout (>= 1.2, < 4.0) net-scp (>= 1.1, < 3.0) net-ssh (>= 2.9, < 6.0) net-ssh-gateway (>= 1.2, < 3.0) diff --git a/omnibus_overrides.rb b/omnibus_overrides.rb index 1f33f9be1f..cd8d0f1cd8 100644 --- a/omnibus_overrides.rb +++ b/omnibus_overrides.rb @@ -16,10 +16,10 @@ override "libxslt", version: "1.1.30" override "libyaml", version: "0.1.7" override "makedepend", version: "1.0.5" override "ncurses", version: "5.9" -override "nokogiri", version: "1.10.2" +override "nokogiri", version: "1.10.4" override "openssl", version: "1.0.2s" override "pkg-config-lite", version: "0.28-1" -override "ruby", version: "2.6.3" +override "ruby", version: "2.6.4" override "ruby-windows-devkit-bash", version: "3.1.23-4-msys-1.0.18" override "util-macros", version: "1.19.0" override "xproto", version: "7.0.28" |