You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am sorry for raising this up but wanted a bit more clarity on the patch for CVE-2020-11082.
We have a Debian package of kaminari and in oldstable (Stretch) release, the version of kaminari is v0.17.0.
Since the patch for CVE-2020-11082 cannot be backported to this version, the patch that you mentioned at #1020 (comment) should be used to mitigate the risk, how?
By creating a config/initializers/kaminari.rb in our Rails app, right? But how to patch this library itself for v0.17.0?
Hi @yuki24,
I am sorry for raising this up but wanted a bit more clarity on the patch for CVE-2020-11082.
We have a Debian package of
kaminari
and in oldstable (Stretch) release, the version ofkaminari
isv0.17.0
.Since the patch for CVE-2020-11082 cannot be backported to this version, the patch that you mentioned at #1020 (comment) should be used to mitigate the risk, how?
By creating a
config/initializers/kaminari.rb
in our Rails app, right? But how to patch this library itself forv0.17.0
?Am I missing something?
CC: @JamesChevalier (hoping you'd know as well!)
The text was updated successfully, but these errors were encountered: