Skip to content

Commit 3bc3575

Browse files
pixeltrixpostmodern
pixeltrix
authored and
postmodern
committed
Relax version constraints to allow Rails 7.2.3 update
The ~> operator on the revision triggers a false positive on the latest patch update in the Rails 7.2.x release series.
1 parent c506afc commit 3bc3575

File tree

3 files changed

+3
-3
lines changed

3 files changed

+3
-3
lines changed

gems/actionpack/CVE-2024-54133.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ unaffected_versions:
3636
patched_versions:
3737
- "~> 7.0.8.7"
3838
- "~> 7.1.5.1"
39-
- "~> 7.2.2.1"
39+
- "~> 7.2.2, >= 7.2.2.1"
4040
- ">= 8.0.0.1"
4141
related:
4242
url:

gems/activerecord/CVE-2025-55193.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ description: |
2525
this vulnerability.
2626
patched_versions:
2727
- "~> 7.1.5.2"
28-
- "~> 7.2.2.2"
28+
- "~> 7.2.2, >= 7.2.2.2"
2929
- ">= 8.0.2.1"
3030
related:
3131
url:

gems/activestorage/CVE-2025-24293.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ unaffected_versions:
5959
- "< 5.20"
6060
patched_versions:
6161
- "~> 7.1.5.2"
62-
- "~> 7.2.2.2"
62+
- "~> 7.2.2, >= 7.2.2.2"
6363
- ">= 8.0.2.1"
6464
related:
6565
url:

0 commit comments

Comments
 (0)