Skip to content

Bump puma from 5.5.0 to 5.5.2

libautomation requested to merge dependabot/bundler/puma-5.5.2 into main

Bumps puma from 5.5.0 to 5.5.2.

Release notes

Sourced from puma's releases.

5.5.2

Re-allows UTF-8 in HTTP header values

5.5.1

https://github.com/puma/puma/security/advisories/GHSA-48w2-rm65-62xx

Changelog

Sourced from puma's changelog.

5.5.2 / 2021-10-12

  • Bugfixes
    • Allow UTF-8 in HTTP header values

5.5.1 / 2021-10-12

  • Security
    • Do not allow LF as a line ending in a header (CVE-2021-41136)
Commits
  • a2bcda4 5.5.2
  • dc76d95 HTTP header field values: Allow all octets to be passed in as obscure data (#...
  • acdc3ae Merge pull request from GHSA-48w2-rm65-62xx
  • 61dd7f4 CI: Improve "set SSL" step name
  • 20dc923 Extract calls to purge_interrupt_queue (#2716)
  • cf991f6 Update instructions for GitHub actions [ci skip] (#2717)
  • 520dc92 Clean up some duplicated code (#2715)
  • 21e9a4a Clean up and format markdown documentation (#2714)
  • f0d73a7 Improve localhost SSL integration docs (#2712)
  • e2815b6 Reimplement delete environment tests (#2710)
  • Additional commits viewable in compare view

Merge request reports