Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • infra infra
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 55
    • Issues 55
    • List
    • Boards
    • Service Desk
    • Milestones
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • alpinealpine
  • infrainfra
  • infrainfra
  • Issues
  • #10149
Closed
Open
Issue created Mar 22, 2019 by Kevin Daudt@kdaudt💻Owner

Upgrade Redmine/Rails to mitigate CVE-2019-5418

See:

  • https://github.com/mpgn/CVE-2019-5418
  • https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/

bugs.alpinelinux.org:

alpine-bugs:/usr/share/webapps/redmine# gem list --local '^rails$'

*** LOCAL GEMS ***

rails (4.2.8)

This should be updated to 4.2.11.1 at least.

(from redmine: issue id 10149, created on 2019-03-22)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking