[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rails update

On Fri, Jun 19, 2020 at 10:46 PM Utkarsh Gupta <utkarsh@debian.org> wrote:
> Just letting you know with my rails' maintainer hat on..
> I faced a regression where I think, activestorage (one of rails' binary),
> broke and in turn, it broke a bunch of other gems as well.
> Please ensure that the fix of these CVE(s) won't break other libraries
> because otherwise, it would mess up an instance.
> Of course, the tests would pass, but if you can check and ensure that
> it's not breaking other stuff, you're good to go! :)

Also, I think it originated  due to babel (I am not sure though!), but that was
the closest I got to when debugging.
If so, then I don't think anything would break.

Anyway, this was the patch that fixed the regression:


Reply to: