Bug 1328281

Summary: need updated rubygem-rake
Product: Red Hat Satellite Reporter: Mike McCune <mmccune>
Component: PackagingAssignee: Mike McCune <mmccune>
Status: CLOSED WONTFIX QA Contact: Katello QA List <katello-qa-list>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.1.8CC: bkearney, ehelms, mmccune, nitthoma, vdhande
Target Milestone: UnspecifiedFlags: nitthoma: needinfo? (mmccune)
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-05-19 12:45:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Mike McCune 2016-04-18 22:41:19 UTC
Red Hat shipped an update to rubygem-rake in this CVE/Errata:

 https://access.redhat.com/errata/RHSA-2014:1912

we are currently shipping rubygem-rake-0.9.2.2-41.el7sat which is outdated and vulnerable to the above CVE.

We need to get an updated version of this rubygem into Satellite 6.1

Comment 3 Bryan Kearney 2017-05-19 12:45:28 UTC
We will not be addressing this bug in the 6.1 code base. If you have concerns with this, please feel free to reach out to me with any concerns or issues you may have. Thank you.