6.4.1/5.2.10 Releases for CVE-2022-23837? #5167
Replies: 3 comments 2 replies
-
|
6.4.0 contains the fix. The 5-x branch contains the fix for 5.x; a patch release will ship shortly. |
Beta Was this translation helpful? Give feedback.
-
|
I consider this a low priority issue (since it requires access to the Web UI and everyone has a login wall). |
Beta Was this translation helpful? Give feedback.
-
|
Has somebody started a change request on the cve list regarding sidekiq 5.2.10? Otherwise, I would try to contact tutumspace if they can edit it. |
Beta Was this translation helpful? Give feedback.
-
|
I wrote a change request to mitre. I will update here if the request gets through. |
Beta Was this translation helpful? Give feedback.
-
|
This was updated. The cve now also includes 5.2.10 as fixed version. |
Beta Was this translation helpful? Give feedback.
-
I see that patches were made for CVE-2022-23837 a couple days ago but there haven't been any gem bumps - would you mind cutting new gem releases for that security fix?
Thank You!
Beta Was this translation helpful? Give feedback.
All reactions