net-imap: Update 0.3.9->0.4.24#168
Merged
Sharpie merged 1 commit intoOpenVoxProject:mainfrom May 9, 2026
Merged
Conversation
Sharpie
commented
May 9, 2026
Sharpie
force-pushed
the
update-net-imap-0424
branch
2 times, most recently
from
48e966a to
bedc97b
Compare
nmburgan
approved these changes
May 9, 2026
This commit upgrades the bundled net-imap gem in Ruby 3.2.11 from the original version of 0.3.9 to 04.24. This release contains a fix for the following high-severity issue with STARTTLS: - GHSA-vcgp-9326-pqcp There will be no further upstream releases to Ruby 3.2, thus we have to upgrade this gem ourselves. The 0.4.0 release has a few breaking changes, however there are several issues with the 0.3.10 version of `net-imap`: - It will be the last release to `net-imap` 0.3.x - The 0.3.x releases will not install in containerized build environments where the default locale is set to `POSIX` (Debian). This was resloved in the 0.4.3 release by: ruby/net-imap#210 - The 0.4.24 release contains fixes for additional medium-to-low severity issues: * GHSA-hm49-wcqc-g2xg * GHSA-q2mw-fvj9-vvcw * GHSA-87pf-fpwv-p7m7 * GHSA-75xq-5h9v-w6px CVE-2026-42246 CVE-2026-42257 CVE-2026-42256 CVE-2026-42258 CVE-2026-42245 Signed-off-by: Charlie Sharpsteen <charlie@overlookinfratech.com>
Sharpie
force-pushed
the
update-net-imap-0424
branch
from
bedc97b to
486a42f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This commit upgrades the bundled net-imap gem in Ruby 3.2.11 from the original version of 0.3.9 to 04.24. This release contains a fix for the following high-severity issue with STARTTLS:
There will be no further upstream releases to Ruby 3.2, thus we have to upgrade this gem ourselves. The 0.4.0 release has a few breaking changes, however there are several issues with the 0.3.10 version of
net-imap:It will be the last release to
net-imap0.3.xThe 0.3.x releases will not install in containerized build environments where the default locale is set to
POSIX(Debian). This was resloved in the 0.4.3 release by: Set utf-8 encoding when looking for VERSION in the file. ruby/net-imap#210The 0.4.24 release contains fixes for additional medium-to-low severity issues:
CVE-2026-42246
CVE-2026-42257
CVE-2026-42256
CVE-2026-42258
CVE-2026-42245
Checklist
I have:
Signed-off-byannotation to each of my commits