chef-puma

chef-puma copied to clipboard

Bumps [rack](https://github.com/rack/rack) from 2.2.3 to 2.2.3.1. Changelog Sourced from rack's changelog. Changelog All notable changes to this project will be documented in this file. For info on how to format...

dependabot[bot]

Bumps [yajl-ruby](https://github.com/brianmario/yajl-ruby) from 1.4.1 to 1.4.3. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...

dependabot[bot]

I noticed this today while using chef-puma. With the following configuration, I'm observing chef-puma creating logrotate config files in `/etc/logrotate.d` regardless of the inclusion of `logrotate false`. ``` %w{example-one-com example-two-com}.each...

jgarber623

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.3 to 1.16.2. Release notes Sourced from nokogiri's releases. v1.16.2 / 2024-02-04 Security [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See GHSA-xc9x-jj77-9p9j for more information. Dependencies...

dependabot[bot]

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.3 to 1.16.3. Release notes Sourced from nokogiri's releases. v1.16.3 / 2024-03-15 Dependencies [CRuby] Vendored libxml2 is updated to v2.12.6 from v2.12.5. (@​flavorjones) Changed [CRuby] XML::Reader sets...

dependabot[bot]

Bumps [rack](https://github.com/rack/rack) from 3.0.7 to 3.0.9.1. Release notes Sourced from rack's releases. v3.0.9.1 What's Changed Fixed ReDoS in Accept header parsing [CVE-2024-26146] Fixed ReDoS in Content Type header parsing [CVE-2024-25126]...

dependabot[bot]