From 0f57ce9f2bf9c2e04054b228897a0bb08956b8af Mon Sep 17 00:00:00 2001 From: wk333 <13474090681@163.com> Date: Mon, 16 May 2022 10:42:30 +0800 Subject: [PATCH] Update xmlhash to 1.3.8 for fix CVE-2022-21949 --- Gemfile.lock.aarch64 | 4 ++-- Gemfile.lock.x86 | 4 ++-- obs-server.spec | 5 ++++- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock.aarch64 b/Gemfile.lock.aarch64 index 2ae0a67..3853f60 100644 --- a/Gemfile.lock.aarch64 +++ b/Gemfile.lock.aarch64 @@ -1,5 +1,5 @@ GEM - remote: https://rubygems.org/ + remote: https://anonymous:devcloud@mirrors.huaweicloud.com/repository/rubygems/ specs: actioncable (5.2.7) actionpack (= 5.2.7) @@ -476,7 +476,7 @@ GEM websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - xmlhash (1.3.7) + xmlhash (1.3.8) pkg-config xmlrpc (0.3.2) webrick diff --git a/Gemfile.lock.x86 b/Gemfile.lock.x86 index 4357e5a..2903b9b 100644 --- a/Gemfile.lock.x86 +++ b/Gemfile.lock.x86 @@ -1,5 +1,5 @@ GEM - remote: https://rubygems.org/ + remote: https://anonymous:devcloud@mirrors.huaweicloud.com/repository/rubygems/ specs: actioncable (5.2.7) actionpack (= 5.2.7) @@ -476,7 +476,7 @@ GEM websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - xmlhash (1.3.7) + xmlhash (1.3.8) pkg-config xmlrpc (0.3.2) webrick diff --git a/obs-server.spec b/obs-server.spec index cccc5a5..abdf3bc 100644 --- a/obs-server.spec +++ b/obs-server.spec @@ -6,7 +6,7 @@ Name: obs-server Version: 2.10.11 -Release: 3 +Release: 4 Summary: The Open Build Service -- Server Component License: GPL-2.0-only OR GPL-3.0-only URL: http://www.openbuildservice.org @@ -516,6 +516,9 @@ usermod -a -G docker obsservicerun %{_sbindir}/rcobsstoragesetup %changelog +* Mon May 16 2022 wangkai - 2.10.11-4 +- Update xmlhash to 1.3.8 for fix CVE-2022-21949 + * Mon Mar 28 2022 wulei - 2.10.11-3 - Fix installation failed -- Gitee