From 3f8d0de82e15f80f1dfbd4d93f721b2853538774 Mon Sep 17 00:00:00 2001 From: Daigo 3 Dango Date: Fri, 9 Apr 2021 00:31:36 +0000 Subject: Upgrade Ruby to 2.7.3 (#16004) * Upgrade Ruby to 2.7.3 https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ includes security fixes to - CVE-2021-28965: XML round-trip vulnerability in REXML - CVE-2021-28966: Path traversal in Tempfile on Windows * Update rexml to 3.2.5 https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Dockerfile') diff --git a/Dockerfile b/Dockerfile index 962e5a8c9..ee0fc6e69 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,7 +26,7 @@ RUN ARCH= && \ mv node-v$NODE_VER-linux-$ARCH /opt/node # Install Ruby -ENV RUBY_VER="2.7.2" +ENV RUBY_VER="2.7.3" RUN apt-get update && \ apt-get install -y --no-install-recommends build-essential \ bison libyaml-dev libgdbm-dev libreadline-dev libjemalloc-dev \ -- cgit