Update xmlhash to 1.3.8 for fix CVE-2022-21949

2022-05-16 11:36:50 +08:00 · 2022-05-16 11:36:50 +08:00 · 650f276668
commit 650f276668
parent 3914839b00
2 changed files with 5 additions and 2 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -468,7 +468,7 @@ GEM
    websocket-driver (0.7.1)
      websocket-extensions (>= 0.1.0)
    websocket-extensions (0.1.4)
-    xmlhash (1.3.7)
+    xmlhash (1.3.8)
      pkg-config
    xmlrpc (0.3.0)
    xpath (3.2.0)
--- a/obs-server.spec
+++ b/obs-server.spec
@ -5,7 +5,7 @@

 Name:           obs-server
 Version:        2.10.11
-Release:        2
+Release:        3
 Summary:        The Open Build Service -- Server Component
 License:        GPL-2.0-only or GPL-3.0-only
 URL:            http://www.openbuildservice.org
@ -494,6 +494,9 @@ usermod -a -G docker obsservicerun
 %{_sbindir}/rcobsstoragesetup

 %changelog
+* Mon May 16 2022 wangkai <wangkai385@h-partners.com> - 2.10.11-3
+- Update xmlhash to 1.3.8 for fix CVE-2022-21949
+
 * Thu Mar 17 2022 houyingchao <houyingchao@huawei.com> - 2.10.11-2
 - Fix install failed