As per vulnerability scanner ruby-rack package is affected by multiple vulnerabilities.
Used Zammad version: 5.3.1-1673513898.e8e9d825.focal
Used Zammad installation type: (source)
Operating system: Ubuntu 20.04.5 LTS
Browser + version: Chrome + Version 113.0.5672.127 (Official Build) (64-bit)
Ruby Version : ruby 2.7.0p0 (2019-12-25 revision 647ee6f091) [x86_64-linux-gnu]
- Installed package : **ruby-rack_2.0.7-2ubuntu0.1**
- as per suggestion Fixed package is this : **ruby-rack_2.0.7-2ubuntu0.1+esm2**
Please see below url
https://ubuntu.com/security/notices/USN-5896-1
it is showing for Ubuntu Pro.
Please guide.
Zammad 5.3.1 is over 9 month old. Upgrade as per documentation and release notes.
my bad the version is
This is Zammad version 5.4.1-1685652268.d074a0f4.focal
6.0 will resolve the issue ?
Package installations of Zammad come with pre-bundled gems.
Gemfile.lock of the current stable:
And the current software requrements:
https://docs.zammad.org/en/latest/prerequisites/software.html
If you check the ruby versions there you’ll notice that you’re talking about ruby version not used by Zammad here.
system
Closed
7
This topic was automatically closed 360 days after the last reply. New replies are no longer allowed.