We're updating the issue view to help you get more done. 

Update Rack gem to 2.0.6

Description

Version 2.0.5 of Rack has two vulnerabilities:

Name: rack
Version: 2.0.5
Advisory: CVE‌-2018-16471
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o
Title: Possible XSS vulnerability in Rack
Solution: upgrade to ~> 1.6.11, >= 2.0.6

Name: rack
Version: 2.0.5
Advisory: CVE‌-2018-16470
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk
Title: Possible DoS vulnerability in Rack
Solution: upgrade to >= 2.0.6

Pull request from Dependabot: https://github.com/otwcode/otwarchive/pull/3462

Testing-wise, if the site loads, we’re probably okay.

Environment

Status

Assignee

Unassigned

Reporter

Sarken

Roadmap

Misc

Priority

Medium

Affects versions

0.9.226

Fix versions

Components

BackEnd

Difficulty

Easy

Epic Link

Milestone

Internal 0.9