Commit bedc97b
committed
net-imap: Update 0.3.9->0.4.24
This commit upgrades the bundled net-imap gem in Ruby 3.2.11 from the
original version of 0.3.9 to 04.24. This release contains a fix
for the following high-severity issue with STARTTLS:
- GHSA-vcgp-9326-pqcp
There will be no further upstream releases to Ruby 3.2, thus we
have to upgrade this gem ourselves. The 0.4.0 release has a few breaking
changes, however there are several issues with the 0.3.10 version of
`net-imap`:
- It will be the last release to `net-imap` 0.3.x
- The 0.3.x releases will not install in containerized build
environments where the default locale is set to `POSIX` (Debian).
This was resloved in the 0.4.3 release by:
ruby/net-imap#210
- The 0.4.24 release contains fixes for additional medium-to-low
severity issues:
* GHSA-hm49-wcqc-g2xg
* GHSA-q2mw-fvj9-vvcw
* GHSA-87pf-fpwv-p7m7
* GHSA-75xq-5h9v-w6px
CVE-2026-42246
CVE-2026-42257
CVE-2026-42256
CVE-2026-42258
CVE-2026-42245
Signed-off-by: Charlie Sharpsteen <charlie@overlookinfratech.com>1 parent b2e1838 commit bedc97b
1 file changed
Lines changed: 20 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
45 | 45 | | |
46 | 46 | | |
47 | 47 | | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
| 67 | + | |
48 | 68 | | |
49 | 69 | | |
50 | 70 | | |
| |||
0 commit comments