Skip to content

Commit da80673

Browse files
[AUTOPATCHER-CORE] Upgrade rubygem-concurrent-ruby to 1.3.7 for CVE-2026-54904, CVE-2026-54905, CVE-2026-54906 (microsoft#17836)
1 parent 53b702d commit da80673

3 files changed

Lines changed: 7 additions & 4 deletions

File tree

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{
22
"Signatures": {
3-
"concurrent-ruby-1.2.2.tar.gz": "33d4b2282e38a96efe7c80a4149429fd1ca036c482ec7e499fc6a8f8db63ada3"
3+
"concurrent-ruby-1.3.7.tar.gz": "a3ddf25559d8be9668d5f3cb64cf6542673f4a851f2e2d40203be44f2b23468f"
44
}
55
}

SPECS/rubygem-concurrent-ruby/rubygem-concurrent-ruby.spec

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
%global gem_name concurrent-ruby
33
Summary: Modern concurrency tools for Ruby
44
Name: rubygem-concurrent-ruby
5-
Version: 1.2.2
5+
Version: 1.3.7
66
Release: 1%{?dist}
77
License: MIT
88
Vendor: Microsoft Corporation
@@ -38,6 +38,9 @@ cp -r lib/ %{buildroot}%{gem_instdir}/
3838
%{gemdir}
3939

4040
%changelog
41+
* Sun Jun 28 2026 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 1.3.7-1
42+
- Auto-upgrade to 1.3.7 - for CVE-2026-54904, CVE-2026-54905, CVE-2026-54906
43+
4144
* Thu Nov 02 2023 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 1.2.2-1
4245
- Auto-upgrade to 1.2.2 - Azure Linux 3.0 - package upgrades
4346

cgmanifest.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26734,8 +26734,8 @@
2673426734
"type": "other",
2673526735
"other": {
2673626736
"name": "rubygem-concurrent-ruby",
26737-
"version": "1.2.2",
26738-
"downloadUrl": "https://github.com/ruby-concurrency/concurrent-ruby/archive/refs/tags/v1.2.2.tar.gz"
26737+
"version": "1.3.7",
26738+
"downloadUrl": "https://github.com/ruby-concurrency/concurrent-ruby/archive/refs/tags/v1.3.7.tar.gz"
2673926739
}
2674026740
}
2674126741
},

0 commit comments

Comments
 (0)