Replies: 1 comment 1 reply
-
It's my opinion that the CVE is wildly overrated. There's no known threat or real world example of an exploit here. I'm in no rush to push out a 6.X release. |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
In a similar vein to #5167, I wonder if there will be a Sidekiq 6 patch release for rubysec/ruby-advisory-db#705 ?
According to the cited https://gist.github.com/keeganparr1/1dffd3c017339b7ed5371ed3d81e6b2a in the ruby advisory db the 6 branch is also affected, and we're still stuck on 6 due to the ongoing issue with Redis Cloud not supporting HELLO command and hence blocking upgrades to Sidekiq 7
Beta Was this translation helpful? Give feedback.
All reactions