Resolve "Bump rubygems to latest version to address CVE-2017-0903" (!2462) · Merge requests · GitLab.org / omnibus-gitlab

Balasankar 'Balu' C requested to merge 3429-bump-rubygems into master Apr 18, 2018

Closes #3429

Upstream changelog

=== 2.6.14 / 2017-10-09

Security fixes:

* Whitelist classes and symbols that are in loaded YAML.
  See CVE-2017-0903 for full details.
  Fix by Aaron Patterson.

Edited Apr 18, 2018 by Balasankar 'Balu' C

Resolve "Bump rubygems to latest version to address CVE-2017-0903"

Merge request reports