Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport release-24.11] redmine: 5.1.4 -> 5.1.5 #367508

Merged
merged 1 commit into from
Dec 24, 2024
Merged

[Backport release-24.11] redmine: 5.1.4 -> 5.1.5 #367508

merged 1 commit into from
Dec 24, 2024
+67 −65

Conversation

nix-backports[bot]
Copy link

@nix-backports nix-backports bot commented Dec 23, 2024

Bot-based backport to release-24.11, triggered by a label in #365684.

  • Before merging, ensure that this backport is acceptable for the release.
    • Even as a non-commiter, if you find that it is not acceptable, leave a comment.

@felixsinger @github-actions
redmine: 5.1.4 -> 5.1.5
cfa1b1f 
Update Redmine and used gems. Also, remove x86_64-linux from bundler
platforms because the gem dependencies are messed up.

Updating gems fixes the following CVEs:

  * CVE-2024-53985
  * CVE-2024-53986
  * CVE-2024-53987
  * CVE-2024-53988
  * CVE-2024-53989

The following vulnerabilities remain:

  * CVE-2024-54133
  * GHSA-r95h-9x8f-r3f7

Signed-off-by: Felix Singer <[email protected]>
(cherry picked from commit df25565)
@nix-backports nix-backports bot added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Dec 23, 2024
@nix-backports nix-backports bot mentioned this pull request Dec 23, 2024
Merged
13 tasks
@github-actions github-actions bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 labels Dec 23, 2024
@felixsinger
Copy link
Member

@NixOS/nixpkgs-merge-bot merge

@nixpkgs-merge-bot
Copy link
Contributor

@felixsinger merge not permitted (#305350):
pr is not targeted to any of the allowed branches: staging, staging-next, master

@wegank wegank added 12.approvals: 1 This PR was reviewed and approved by one reputable person 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in the package labels Dec 23, 2024
@r-vdp r-vdp merged commit 42e05dc into release-24.11 Dec 24, 2024
43 of 44 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@megheaiulian megheaiulian Awaiting requested review from megheaiulian

@felixsinger felixsinger Awaiting requested review from felixsinger

@aanderse aanderse Awaiting requested review from aanderse

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 10.rebuild-linux: 1 12.approvals: 1 This PR was reviewed and approved by one reputable person 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in the package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@felixsinger @r-vdp @wegank