v1.2.8
·
34 commits
to main
since this release
v1.2.8
john-odonnell
John O'Donnell
This tag was signed with the committer’s verified signature.
john-odonnell
John O'Donnell
Changed
- Upgrade supported Ruby version to 3.1.x. Resolves CVE-2021-33621, CVE-2020-36327 and CVE-2021-43809
cyberark/conjur-service-broker#306
Security
- Update activesupport in Gemfile.lock to 6.1.7.2 for CVE-2023-22796 (not vulnerable)
cyberark/conjur-service-broker#312 - Update activesupport in tests/integration/test-app/Gemfile.lock to 7.0.4.1
for CVE-2023-22796 (not vulnerable)
cyberark/conjur-service-broker#307 - Update conjur-api-go to v0.10.2 to udpate indirect dependency gopkg.in/yaml.v2
cyberark/conjur-service-broker#305 - Update loofah to 2.19.1 for CVE-2022-23514, CVE-2022-23515 and CVE-2022-23516 (all Not Vulnerable)
and rails-html-sanitizr to 1.4.4 for CVE-2022-23517, CVE-2022-23518, CVE-2022-23519, and CVE-2022-23520 (Not vulnerable)
cyberark/conjur-service-broker#304 - Upgrade nokogiri to 1.13.10 to resolve CVE-2022-23476
cyberark/conjur-service-broker#302 - Upgrade sinatra to 2.2.3 in tests/integration/test-app
cyberark/conjur-service-broker#301