Fwd: [noosfero/noosfero] One of your dependencies may have a security vulnerability
Rodrigo Souto
rodrigo at colivre.coop.br
Tue Jan 9 12:19:58 BRST 2018
Valeu, Braulio!
https://gitlab.com/noosfero/noosfero/merge_requests/1373
On 05-01-2018 22:52, Bráulio Bhavamitra wrote:
>
>
> ---------- Forwarded message ---------
> From: GitHub <notifications em github.com <mailto:notifications em github.com>>
> Date: Sex, 5 de jan de 2018 22:13
> Subject: [noosfero/noosfero] One of your dependencies may have a
> security vulnerability
> To: noosfero/noosfero <noosfero em noreply.github.com
> <mailto:noosfero em noreply.github.com>>
> Cc: Security alert <security_alert em noreply.github.com
> <mailto:security_alert em noreply.github.com>>
>
>
>
>
> We found a potential security vulnerabilty in one of your dependencies
> GitHub
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlaoUQ7ZnNSfaod-2BRPoWgKQ-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2Uwk3aQTTBss7UceD8xYERn3qLSsFouNi8jz3nH9UjcewS-2FO1hXmPncfMUvHFFHEbNimvSdoyxuT5RIhg9-2B35b05F-2BKIABwrMKRR4khWEF0xu09KNghUwkaU8EpvUSjvynF4d4EUU2JCVkscldxGV56up-2Bf9AaMud2KNEcszHEGi-2FVD2VgJZ5FftgAV2lfJF3A>
> Sign in
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2Uo6ZwYo-2Fmn-2BOkRb22Dso5d5YKd4yRGN4TTnkwnqPssWEOJbw8uB2Fx2yosBp8iXMRzCEqOfqdWwbfHLZEnHpni25n5Rda2CaERKOT1UrNQUJo1qMk6RLoy4JAZIcAX4dSkHI3phquWEJZaZkjzu4YHU-2FgMyAKTcbAAr-2FykEyHjaGi8GhPXagaXfvvMejLINEZ>
>
>
> *brauliobo,*
>
> We found a potential security vulnerability in one of the dependencies
> used by a repository that you contribute to.
>
> @noosfero noosfero/noosfero
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBjPhjD5gZBxIugJyQNgSGKVCVi8y-2FEVRf3Z4JhUs95Wl_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2UKBXqH-2B8rcM-2BNzn5bR-2B2H6vdOGI4f5MZx9y4-2BaYnc6yl1Vi-2Fk0kSR4rfe-2BrpRprJ13Pm0pzOOcS94kfCS0TmyDMEeVTDyZY3LuEs6j-2FrQnztTt4P0d-2FUng780b4NBg0UeQIjiFrndBQSqS5FSBg2VZN-2FWdto1BWAjn-2FQ2HvqSC-2BxIVcn94NuHrb-2FQppscF2u-2F>
>
> Known *moderate severity* security vulnerability detected in |net-ldap
> < 0.16.0| defined in |Gemfile|
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBjPhjD5gZBxIugJyQNgSGKX9o8RcdXaH1aIvuBrjqFMLYTwObdRd2W70aCHurW3Jj0U352cEDU-2BZjNtfbVvnL0E-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2UKWjQztMWrG78nhdVeCnRvUbconIIidu2vhGzwvu9dxdWFelkcq4NI-2FAa6jANocrnS3RH8WvRqPmZVI-2FbNTm05vMSrfvABwhirDrQ9R5zUEQfoooKJ4kOKqUW0POIqUNZFvJvJkaZyvo3M5vgyJrxcqxjkYAKdamhMhjSc7CRmf3VxyANl2ils6AdHKlBiG1N>.
>
> |Gemfile|
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBjPhjD5gZBxIugJyQNgSGKX9o8RcdXaH1aIvuBrjqFMLYTwObdRd2W70aCHurW3Jj0U352cEDU-2BZjNtfbVvnL0E-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2U3YKWDbrW9DqEvPCdZioAxnhOAtVtzqNa3CpmgILK8g1zyOu38CEGhnG6GTgHvKiMQ-2BOPYVm6rc7ytO7kULVGf7Wmh-2Fn3limcAGyfcmQ13MkAn2ooDNNaUFhKoFv0KhQ09Dn7YR5mVOTNGcEFTa7EwvG2NqE0nwSLFOt8zuqrgy2IoPSXakgDlpYmQM-2FEG-2BZn>
> update suggested: |net-ldap ~> 0.16.0|.
> Always verify the validity and compatibility of suggestions with your
> codebase.
>
>
> Review vulnerable dependency
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBjPhjD5gZBxIugJyQNgSGKWFh5zTe9lMjpTEipdR9EQkpq3RCytivFBgiZoHaLmACw-3D-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2U5pUE0x3qVN9TU9npyjWjmR8w2NK4ifZHqLbBNQW-2BVksA6GVZ129em6V63co56cFDtevYy42ErTfk5Pj4sbUSyb5-2BeYlz4HY0AfmspckTeg658WOzctfuEvjwxcDyaTg9OkDQ9FZQI-2Fre3vmAiRDf5hTpPoTKLX-2FNCCG-2FXaetKftVRbgFl-2FQUKGlfWlyhdrmX>
>
>
> ------------------------------------------------------------------------
>
> Unsubscribe
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBh4tM-2BvbnAt1ZCBIm0TQChRsti2oUDbPtOO7snnCj3QEM-2BYLiMT8nzcdqbob0p1kzGU2OTMBehrmtrj7EvHLsCmuSqPLly6l2ujy1ek-2FOkl3XI1FU7V6AtIK03fs8FqeOw-3D-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2UmU7wiCHKX24QA6nmXgqiCgMX8qESxf-2FmZau8hBdxzuHTnlJjHfTyrUDiQmSR6c8gU5YVlvdKbafC7z6kdewiG9oxNzmu0Bn-2B4UckFZsBYoDDCvzxmXdffeI4bF7lsNLsUALme4X81lNSE98DEE2lHR405-2FOvhYXEVDplxZM6lVJ-2FygjKzY9fGEqTM5nMzG-2FJ>
> · Email preferences
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlttXBNYv-2BeGM-2FMVHbSBvTrPDvaZJ5yvsxfEVwy5gWOO_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2U0KAJAePBXMLowVaFH-2FlzoLFbGw9myIwgeCsBQx7XVgHbC2F13Zq5TqNBXK4C77Mh2AMuGaBzTp0qJCu3W5a6R1N3cCAj4zdDl5qG6VkM-2FRCccpIegcIwVCKQBkmHGxylxmZtYES45p0sZEgukX2tUknfRjnElAt1jigvkvoMRNC9oMbqEO-2BWaC76PDJtBmY3>
> · Terms
> <http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkI7aIK5sDG6eHhf6PFf2GZEMdAPO1mXdWyaS9GI2aLnBA-3D-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2UL5mKmsqZDicexY5sIY1TAEFEpRHYoOA-2FCl0CZf8w-2F8LXtKns7-2BpysMFFgBrx0YlNSZrlWq9vRQ1eajoQnQG5Ujv5HR1CRZ8GrGa1ZDKAooAaYJHUXsaheUYyoioM5W8FsNC47OqHMTPQe5q0xnW2G9ypj5V6PJmmgzpJo3SMmoB9pBNxuMqFaeiCCehcSW4d>
> · Privacy
> <http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkKdSMxJcKXeaeoPn0qQqs-2Fw-2BqmMjx3QOoJQotJaBhy-2FxQ-3D-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2UGdQDbuGSycu73wg6LmHUaC41nxCX5HjHkAH61NGaDjTMdMOpQ87ZfYdKovU9RRbFrQIgXtPubF3DrjCQJRuT-2FRNeWv1xPrwPxq2rAOpG3cvfvjpP9vDgCCq-2Bt90-2F2nYb-2FRXnq-2BZ9ilUDAnBN-2FqJ3aJkySpzsbpp7oCe-2BMqol-2F0KdvNvDqvbtQOtawbEXEi-2By>
> · Sign into GitHub
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_tz15RdaBlAs2zWwF6qNeVcmVOaKouly5IUnLisAtvKv4ZI30RlJ31wWrGHDgKI2UvwQeQK0wVxSUqZlj8T7aS63f3Ncs3n60LCAdB1KeCoL5Q4qDFGRfzL2n7NiK6tk5335Phrk-2FQtCKaQ4aoolMt8l507PBTwPRHXrdET4C2uxJbIVfDijuE7A6H20VYrpOJlkkOoX2AGfu1-2BDovXiecSXkYQk7s9pVTwhXvOZwGRcMP4y-2B7LAAUWBWSfl94pXa>
>
>
> GitHub, Inc.
> 88 Colin P Kelly Jr St.
> <https://maps.google.com/?q=88+Colin+P+Kelly+Jr+St.%0D+San+Francisco,+CA+94107&entry=gmail&source=g>
> San Francisco, CA 94107
> <https://maps.google.com/?q=88+Colin+P+Kelly+Jr+St.%0D+San+Francisco,+CA+94107&entry=gmail&source=g>
>
>
>
>
>
> _______________________________________________
> Noosfero-br mailing list
> Noosfero-br em listas.softwarelivre.org
> https://listas.softwarelivre.org/cgi-bin/mailman/listinfo/noosfero-br
--
Rodrigo Souto - rodrigo em colivre.coop.br
Colivre - Cooperativa de Tecnologias Livres
www.Colivre.coop.br
Tel: 71-3011-2199 / 3331-2299
-------------- Pr�xima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-br/attachments/20180109/1f392bf0/attachment-0001.html>
-------------- Pr�xima Parte ----------
Um anexo n�o-texto foi limpo...
Nome: signature.asc
Tipo: application/pgp-signature
Tamanho: 488 bytes
Descri��o: OpenPGP digital signature
URL: <http://listas.softwarelivre.org/pipermail/noosfero-br/attachments/20180109/1f392bf0/attachment-0001.pgp>
More information about the Noosfero-br
mailing list