Update bundler to 2.2.33 (!204) · Merge requests · GitLab.org / GitLab Omnibus Builder

Gerard Hickey requested to merge 332502-bundler-update into master Jan 12, 2022

In order to remediate CVE-2020-36327 and CVE-2021-43809 the Ruby Bundler gem must be updated to a minimum version of 2.2.33. This MR updates the Bundler gem in all the builder docker images.

Testing is ongoing to insure that the updated Bundler gem does not break the build of omnibus-gitlab. The results of the testing may require a matching omnibus-gitlab MR that gets merged in conjunction with this MR.

Reference gitlab-org/gitlab#332502

Edited Jan 19, 2022 by Gerard Hickey

Update bundler to 2.2.33

Merge request reports