Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[2] Upgrade rubocop to version 0.49.0 or later #14

Closed
emma5678 opened this issue Feb 12, 2019 · 3 comments
Closed

[2] Upgrade rubocop to version 0.49.0 or later #14

emma5678 opened this issue Feb 12, 2019 · 3 comments
Labels
medium severity vulnerability

Comments

@emma5678
Copy link

Rubocop vulnerability present in penthouse.gemspec. We need to upgrade to 0.49.0 or later.

This needs to be complete by April 2019.

Vulnerability details:

RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
@JoshuaTatterton JoshuaTatterton changed the title Upgrade rubocop to version 0.49.0 or later [2] Upgrade rubocop to version 0.49.0 or later Apr 12, 2019
@emma5678
Copy link
Author

@krisquigley @ryantownsend can this be addressed please.

@emma5678
Copy link
Author

emma5678 commented Sep 9, 2019

@ryantownsend @krisquigley can this ticket be prioritised please

@simonireilly
Copy link

closed by #16 we are now using standardrb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
medium severity vulnerability
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@simonireilly @emma5678