Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade nokogiri gem to 1.8.2 #714

Closed
netik opened this issue Feb 21, 2018 · 1 comment
Closed

Upgrade nokogiri gem to 1.8.2 #714

netik opened this issue Feb 21, 2018 · 1 comment
Assignees
@netik
Labels
security

Comments

@netik
Copy link
Contributor

netik commented Feb 21, 2018

Name: nokogiri
Version: 1.8.1
Advisory: CVE-2017-15412
Criticality: Unknown
URL: sparklemotion/nokogiri#1714
Title: Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Solution: upgrade to >= 1.8.2
@netik netik added the security label Feb 21, 2018
@netik netik self-assigned this Feb 21, 2018
@netik
Copy link
Contributor Author

netik commented Feb 21, 2018

Rk took care of this.

@netik netik closed this as completed Feb 21, 2018
kislyuk pushed a commit that referenced this issue Feb 26, 2021
@jshoe
Fix bug in loading SFN execution errors (#714)
a6813e6 
# Description
- Sentry alert: https://sentry.prod.si.czi.technology/czi-idseq/idseq-backend/issues/113642/events/775522/
- Kind of an interesting bug. In S3 we are saving the blobs as `executionFailedEventDetails`, but when the descriptions are still available, the SDK structs have underscore keys like `execution_failed_event_details`.

# Notes
You can compare like this. Before:
```
irb(main):017:0> a = Sample.find(i).workflow_runs[1].send(:sfn_execution).history[:events].last.keys
=> [:timestamp, :type, :id, :previousEventId, :executionFailedEventDetails]
irb(main):018:0> a = Sample.find(i).workflow_runs[0].send(:sfn_execution).history[:events].last.members
=> [:timestamp, :type, :id, :previous_event_id, :activity_failed_event_details, :activity_schedule_failed_event_details, :activity_scheduled_event_details, :activity_started_even...
```

After:
```
irb(main):001:0> WorkflowRun.first.send(:sfn_execution).history[:events].last.keys
=> [:timestamp, :type, :id, :previous_event_id, :execution_succeeded_event_details]
irb(main):002:0> WorkflowRun.last.send(:sfn_execution).history[:events].last.members
=> [:timestamp, :type, :id, :previous_event_id, :activity_failed_event_details, :activity_schedule_failed_event_details, :activity_scheduled_event_details, :activity_started_event_details, :activity_succeeded_event_details, :activity_timed_out_event_details, :task_failed_event_details, :task_scheduled_event_details, :task_start_failed_event_details, :task_started_event_details, :task_submit_failed_event_details, :task_submitted_event_details, :task_succeeded_event_details, :task_timed_out_event_details, :execution_failed_event_details, :execution_started_event_details, :execution_succeeded_event_details, :execution_aborted_event_details, :execution_timed_out_event_details, :lambda_function_failed_event_details, :lambda_function_schedule_failed_event_details, :lambda_function_scheduled_event_details, :lambda_function_start_failed_event_details, :lambda_function_succeeded_event_details, :lambda_function_timed_out_event_details, :state_entered_event_details, :state_exited_event_details]
```

# Tests

- Tested locally. Unit tests.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@netik netik

Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@netik