summaryrefslogtreecommitdiff
path: root/omnibus/Gemfile.lock
Commit message (Collapse)AuthorAgeFilesLines
* Update omnibus-software to 74e9d0Bryan McLellan2020-05-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | - openssl 1.0.2v > Changes between 1.0.2u and 1.0.2v [5 May 2020] > > *) Implemented coordinate blinding for the generic implementations of both > binary and prime elliptic curves to avoid leaking bits of the scalar and, > potentially, bug attacks. A group of security researchers and > cryptographers from academia and industry, listed below, reported a > successful cache timing attack in OpenSSL 1.0.2u against specific prime and > binary curves whose order or field length is close to a word boundary. They > also provided the fix. This attack does not fit the OpenSSL threat model > and so no CVE is assigned, but a fix is implemented nonetheless. > [Diego F. Aranha, Akira Takahashi, Mehdi Tibouchi, Yuval Yarom] - removes lalr1.java on windows https://github.com/chef/customer-bugs/issues/91 Signed-off-by: Bryan McLellan <btm@loftninjas.org>
* Update omnibus-software for new msys2 pathjsinha/chef-15-msys2_updtJaymala Sinha2020-05-061-8/+8
| | | | Signed-off-by: Jaymala Sinha <jsinha@chef.io>
* Update our omnibus software def to fix bundler on windowsTim Smith2020-04-221-12/+12
| | | | | | Pull in the latest and greatest Signed-off-by: Tim Smith <tsmith@chef.io>
* Update omnibus-software to avoid appbundler adding extra gemsTim Smith2020-04-211-1/+1
| | | | | | This changes how appbundler comes in Signed-off-by: Tim Smith <tsmith@chef.io>
* Update Ohai to 15.9Tim Smith2020-04-211-2/+2
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update omnibus-software to resolve shipping 2 copies of pryTim Smith2020-04-211-6/+6
| | | | | | This updates how we appbundler Ohai which prevents us from shipping two copies of pry. Signed-off-by: Tim Smith <tsmith@chef.io>
* Update license_scout to 1.1.8Tim Smith2020-04-151-2/+2
| | | | | | This fixes failures validating chef-api Signed-off-by: Tim Smith <tsmith@chef.io>
* Require at least train-core 3.2.28 to resolve sudo issuesTim Smith2020-04-151-5/+5
| | | | | | Make sure that even a gem install of chef will work correctly here. Signed-off-by: Tim Smith <tsmith@chef.io>
* Update InSpec to 4.18.104Tim Smith2020-04-081-15/+15
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update omnibus-software to fix Ruby 2.6.6 on AIXTim Smith2020-04-021-1/+1
| | | | | | | This adjusts the versions where we apply an AIX patch that is necessary for Ruby 2.6.6 on AIX Signed-off-by: Tim Smith <tsmith@chef.io>
* Update Ruby to 2.6.6, Rake to 12.3.3 and libarchive to 3.4.2bumps_15Tim Smith2020-04-011-10/+8
| | | | | | | | Ruby resolves 2 CVEs: https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-6-6-released/ Rake is bundled in Ruby libarchive updated to 3.4.2 for multiple security issues including CVE-2019-19221 and CVE-2020-9308 Signed-off-by: Tim Smith <tsmith@chef.io>
* Update InSpec 4.18.100, Ohai to 15.8, and Fauxhai to 8Tim Smith2020-03-161-34/+34
| | | | | | Update many other deps as well Signed-off-by: Tim Smith <tsmith@chef.io>
* Update all deps to latestupdates_15_v2Tim Smith2020-02-101-3/+3
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update inspec-core to 4.18.85Tim Smith2020-02-061-1/+4
| | | | | | Pull in the latest inspec release. Signed-off-by: Tim Smith <tsmith@chef.io>
* Update all the Chef 15 deps to the latestTim Smith2020-02-051-6/+6
| | | | | | Mostly to pull in the latest FFI Signed-off-by: Tim Smith <tsmith@chef.io>
* Adding entitlement for unsigned memory executionjm/add_unsigned_memory_entilement_15Jon Morrow2020-02-011-5/+5
| | | | | | | ffi loads c code into memory in an unsigned way and this allows workstation to work with the hardened runtime. Signed-off-by: Jon Morrow <jmorrow@chef.io>
* Update train-core and win32-serviceupdatesTim Smith2020-01-301-1/+1
| | | | | | train-core includes multiple bugfixes and win32-service includes fixes for the new FFI to prevent log spam Signed-off-by: Tim Smith <tsmith@chef.io>
* Fixes all notarization issuesJon Morrow2020-01-271-21/+23
| | | | | | | | | This changes makes the neccessary changes to enable the pkg to pass apples notarization requirements. 1. Update omnibus and omnibus-software to versions that support deep signing 2. Drop 'Developer ID Installer:' from signing key. This lets sigining pick up the correct key for what is being signed. Signed-off-by: Jon Morrow <jmorrow@chef.io>
* Update ohai to 15.7.4Tim Smith2020-01-221-2/+2
| | | | | | This fixes issues with dmi data not showing up due to changes in chef-utils. Signed-off-by: Tim Smith <tsmith@chef.io>
* Update Ohai to 15.7.4Tim Smith2020-01-211-2/+2
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Point at the 15-stable ohai branchTim Smith2020-01-171-2/+2
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update openssl to 1.0.2uTim Smith2020-01-161-10/+10
| | | | | | This resolves a CVE. in openssl 1.0.2t Signed-off-by: Tim Smith <tsmith@chef.io>
* bump to license_scount 1.1.3Lamont Granquist2020-01-131-3/+3
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Update to license_scout 1.1.2Tim Smith2020-01-131-4/+4
| | | | | | This should fix failures validating the sync gem. Signed-off-by: Tim Smith <tsmith@chef.io>
* Update all deps to currentTim Smith2020-01-131-25/+26
| | | | | | Runtime and omnibus to current Signed-off-by: Tim Smith <tsmith@chef.io>
* Update libarchive to 1.0Tim Smith2019-12-281-1/+1
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update all omnibus deps to the latestTim Smith2019-12-271-23/+23
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* bump omnibus-software + rhel6 fixLamont Granquist2019-12-061-1/+1
| | | | | | most notably pulls in the -fstack-protector-strong fix for rhel6 Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Update omnnibus-software to add further ruby cleanupTim Smith2019-12-051-1/+1
| | | | | | This will drop our install size on disk by 4% Signed-off-by: Tim Smith <tsmith@chef.io>
* Bump Omnibus to the latestTim Smith2019-12-041-4/+4
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update Ohai and pull in Ruby perf improvementsTim Smith2019-12-041-1/+1
| | | | | | | This is a much smaller Ohai and ruby that runs --version 25% faster on windows by improving require performance Signed-off-by: Tim Smith <tsmith@chef.io>
* Bump omnibus-software to remove libtool+pkg-configLamont Granquist2019-12-041-34/+41
| | | | | | plus other changes. Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Revert "Bump omnibus-software to remove libtool+pkg-config"Lamont Granquist2019-12-041-41/+34
| | | | This reverts commit 6bce91fbf63bd2aa5fe48afdf13ca416d44c348f.
* Bump omnibus-software to remove libtool+pkg-configLamont Granquist2019-12-041-34/+41
| | | | | | plus other changes. Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Update InSpec to 4.18Tim Smith2019-11-141-8/+8
| | | | | | I increased the pin in the gemfile since bundler didn't seem to want to pull in a 4.18 build. Note this does lower our rspec dep due to the pin in InSpec. Signed-off-by: Tim Smith <tsmith@chef.io>
* Update all deps to the latest including omnibus-software with faster RubyTim Smith2019-11-131-12/+11
| | | | | | This includes the faster ruby patch in omnibus-software Signed-off-by: Tim Smith <tsmith@chef.io>
* Bump all deps to currentTim Smith2019-11-121-14/+16
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update lixml2, libxslt, and nokogiri to the latestbump_lib_depsTim Smith2019-11-041-2/+2
| | | | | | Resolve multiple CVEs in these libs Signed-off-by: Tim Smith <tsmith@chef.io>
* Update omnibusJaymala Sinha2019-11-041-2/+2
| | | | Signed-off-by: Jaymala Sinha <jsinha@chef.io>
* Bump omnibus to 6.1.10Bryan McLellan2019-11-021-2/+2
| | | | | | Pull in fix https://github.com/chef/omnibus/pull/910 Signed-off-by: Bryan McLellan <btm@chef.io>
* Allow for the mixlib-authentication 3.x gemTim Smith2019-10-311-6/+6
| | | | | | | This gem is 70k smaller than the 2.x gem since it doesn't ship extra files Signed-off-by: Tim Smith <tsmith@chef.io>
* Bump all deps to the latest versionsTim Smith2019-10-311-11/+11
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Update train to 3.1.4 and update omnibus-software to fix AIX rubyTim Smith2019-10-151-5/+5
| | | | | | Update everything to current Signed-off-by: Tim Smith <tsmith@chef.io>
* Require train ~3.1 for bootstrapping and openssl 1.0.2tbumps_2019Tim Smith2019-10-081-2/+2
| | | | | | Somehow we missed the actual openssl 1.0.2t bump. We need this train bump to fix a bug in bootstrap that had to happen on the train side. Signed-off-by: Tim Smith <tsmith@chef.io>
* Bump Ruby to 2.6.5 to address CVEs #8951Christopher A. Snapp2019-10-021-2/+2
| | | | Signed-off-by: Christopher A. Snapp <csnapp@chef.io>
* bump omnibus gemslcg/bump-omnibus2Lamont Granquist2019-09-301-2/+2
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* Update inspec to 4.17.11Tim Smith2019-09-301-4/+4
| | | | Signed-off-by: Tim Smith <tsmith@chef.io>
* Require train-winrm >= 0.2.5train_winrmTim Smith2019-09-241-1/+1
| | | | | | 0.2.4 and before are entirely broken for bootstrapping. Signed-off-by: Tim Smith <tsmith@chef.io>
* bump omnibus-softwareLamont Granquist2019-09-191-3/+2
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
* bump gemsLamont Granquist2019-09-191-8/+10
| | | | Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
View Lorry Controller Status