Skip to content

Commit

Permalink
use an updated OpenSSL by updating omnibus & omnibus-software
Browse files Browse the repository at this point in the history 
This will pull in the new OpenSSL default version of 1.0.2p which
addresses two CVEs.

* Client DoS due to large DH parameter (CVE-2018-0732)
* Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)

Both of these CVEs are categorized as Low by the OpenSSL project.
Neither are particularly present in Supermarket's business processes.
Updating to this version will quiet vulnerability scanners.

Signed-off-by: Robb Kidd <[email protected]>
  • Loading branch information
@robbkidd
robbkidd committed Aug 21, 2018
1 parent cd82411 commit 16cef4c
Showing 1 changed file with 76 additions and 114 deletions.
190 changes: 76 additions & 114 deletions omnibus/Gemfile.lock
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,24 @@
GIT
remote: https://github.com/chef/omnibus-software.git
revision: 0cb3a8dfb6cebd56684c1d4609a676959389e4c5
revision: 3511a7f7d237bf6875dce88e8627055d6cd61cbe
specs:
omnibus-software (4.0.0)
chef-sugar (>= 3.4.0)
omnibus (>= 5.6.1)

GIT
remote: https://github.com/chef/omnibus.git
revision: 41c5d2eaa819587b631d893e613612a96031c8af
revision: 386cd17f6a6365bd4585761a2738b4561fbaea97
specs:
omnibus (5.6.10)
omnibus (6.0.1)
aws-sdk (~> 2)
chef-sugar (~> 3.3)
chef-sugar (>= 3.3)
cleanroom (~> 1.0)
ffi-yajl (~> 2.2)
license_scout (~> 1.0)
mixlib-shellout (~> 2.0)
mixlib-versioning
ohai (>= 8.6.0.alpha.1, < 15)
ohai (>= 13, < 15)
pedump
ruby-progressbar (~> 1.7)
thor (~> 0.18)
Expand All @@ -29,63 +29,49 @@ GEM
addressable (2.5.2)
public_suffix (>= 2.0.2, < 4.0)
awesome_print (1.8.0)
aws-sdk (2.11.27)
aws-sdk-resources (= 2.11.27)
aws-sdk-core (2.11.27)
aws-sdk (2.11.112)
aws-sdk-resources (= 2.11.112)
aws-sdk-core (2.11.112)
aws-sigv4 (~> 1.0)
jmespath (~> 1.0)
aws-sdk-resources (2.11.27)
aws-sdk-core (= 2.11.27)
aws-sigv4 (1.0.2)
berkshelf (6.3.1)
buff-config (~> 2.0)
buff-extensions (~> 2.0)
chef (>= 12.7.2)
aws-sdk-resources (2.11.112)
aws-sdk-core (= 2.11.112)
aws-sigv4 (1.0.3)
berkshelf (7.0.6)
chef (>= 13.6.52)
chef-config
cleanroom (~> 1.0)
concurrent-ruby (~> 1.0)
faraday (~> 0.9)
httpclient (~> 2.7)
minitar (~> 0.5, >= 0.5.4)
minitar (>= 0.6)
mixlib-archive (~> 0.4)
mixlib-config (>= 2.2.5)
mixlib-shellout (~> 2.0)
octokit (~> 4.0)
retryable (~> 2.0)
ridley (~> 5.0)
solve (~> 4.0)
thor (~> 0.19, < 0.19.2)
buff-config (2.0.0)
buff-extensions (~> 2.0)
varia_model (~> 0.6)
buff-extensions (2.0.0)
buff-ignore (1.2.0)
buff-ruby_engine (1.0.0)
buff-shell_out (1.1.0)
buff-ruby_engine (~> 1.0)
thor (>= 0.20)
builder (3.2.3)
celluloid (0.16.0)
timers (~> 4.0.0)
celluloid-io (0.16.2)
celluloid (>= 0.16.0)
nio4r (>= 1.1.0)
chef (12.21.31)
chef (14.3.37)
addressable
bundler (>= 1.10)
chef-config (= 12.21.31)
chef-zero (>= 4.8, < 13)
chef-config (= 14.3.37)
chef-zero (>= 13.0)
diff-lcs (~> 1.2, >= 1.2.4)
erubis (~> 2.7)
ffi (~> 1.9, >= 1.9.25)
ffi-yajl (~> 2.2)
highline (~> 1.6, >= 1.6.9)
iniparse (~> 1.4)
iso8601 (~> 0.9.1)
mixlib-archive (~> 0.4)
mixlib-authentication (~> 1.4)
mixlib-authentication (~> 2.1)
mixlib-cli (~> 1.7)
mixlib-log (~> 1.3)
mixlib-log (~> 2.0, >= 2.0.3)
mixlib-shellout (~> 2.0)
net-sftp (~> 2.1, >= 2.1.2)
net-ssh (>= 2.9, < 5.0)
net-ssh (~> 4.2)
net-ssh-multi (~> 1.2, >= 1.2.1)
ohai (>= 8.6.0.alpha.1, < 13)
ohai (~> 14.0)
plist (~> 3.2)
proxifier (~> 1.0)
rspec-core (~> 3.5)
Expand All @@ -96,46 +82,46 @@ GEM
specinfra (~> 2.10)
syslog-logger (~> 1.6)
uuidtools (~> 2.1.5)
chef-config (12.21.31)
chef-config (14.3.37)
addressable
fuzzyurl
mixlib-config (~> 2.0)
mixlib-config (>= 2.2.12, < 3.0)
mixlib-shellout (~> 2.0)
chef-sugar (3.6.0)
chef-zero (5.3.2)
tomlrb (~> 1.2)
chef-sugar (4.1.0)
chef-zero (14.0.6)
ffi-yajl (~> 2.2)
hashie (>= 2.0, < 4.0)
mixlib-log (~> 1.3)
mixlib-log (~> 2.0)
rack (~> 2.0)
uuidtools (~> 2.1)
citrus (3.0.2)
cleanroom (1.0.0)
concurrent-ruby (1.0.5)
diff-lcs (1.3)
erubis (2.7.0)
faraday (0.14.0)
faraday (0.15.2)
multipart-post (>= 1.2, < 3)
ffi (1.9.23)
ffi (1.9.25)
ffi-yajl (2.3.1)
libyajl2 (~> 1.2)
fuzzyurl (0.9.0)
gssapi (1.2.0)
ffi (>= 1.0.1)
gyoku (1.3.1)
builder (>= 2.1.2)
hashie (3.5.7)
hashie (3.6.0)
highline (1.7.10)
hitimes (1.2.6)
httpclient (2.8.3)
iniparse (1.4.4)
iostruct (0.0.4)
ipaddress (0.8.3)
jmespath (1.3.1)
json (2.1.0)
kitchen-vagrant (1.3.0)
iso8601 (0.9.1)
jmespath (1.4.0)
kitchen-vagrant (1.3.3)
test-kitchen (~> 1.4)
libyajl2 (1.2.0)
license_scout (1.0.1)
license_scout (1.0.15)
ffi-yajl (~> 2.2)
mixlib-shellout (~> 2.2)
toml-rb (~> 1.0)
Expand All @@ -144,20 +130,20 @@ GEM
little-plugger (~> 1.1)
multi_json (~> 1.10)
minitar (0.6.1)
mixlib-archive (0.4.1)
mixlib-archive (0.4.13)
mixlib-log
mixlib-authentication (1.4.2)
mixlib-authentication (2.1.1)
mixlib-cli (1.7.0)
mixlib-config (2.2.6)
mixlib-config (2.2.13)
tomlrb
mixlib-install (3.9.0)
mixlib-install (3.11.5)
mixlib-shellout
mixlib-versioning
thor
mixlib-log (1.7.1)
mixlib-shellout (2.3.2)
mixlib-log (2.0.4)
mixlib-shellout (2.4.0)
mixlib-versioning (1.2.2)
molinillo (0.6.4)
molinillo (0.6.6)
multi_json (1.13.1)
multipart-post (2.0.0)
net-scp (1.2.1)
Expand All @@ -170,19 +156,18 @@ GEM
net-ssh-multi (1.2.1)
net-ssh (>= 2.6.5)
net-ssh-gateway (>= 1.2.0)
net-telnet (0.1.1)
nio4r (2.2.0)
net-telnet (0.2.0)
nori (2.6.0)
octokit (4.8.0)
octokit (4.10.0)
sawyer (~> 0.8.0, >= 0.5.3)
ohai (8.26.1)
chef-config (>= 12.5.0.alpha.1, < 14)
ohai (14.4.0)
chef-config (>= 12.8, < 15)
ffi (~> 1.9)
ffi-yajl (~> 2.2)
ipaddress
mixlib-cli
mixlib-cli (>= 1.7.0)
mixlib-config (~> 2.0)
mixlib-log (>= 1.7.1, < 2.0)
mixlib-log (~> 2.0, >= 2.0.1)
mixlib-shellout (~> 2.0)
plist (~> 3.1)
systemu (~> 2.6.4)
Expand All @@ -194,49 +179,31 @@ GEM
progressbar
zhexdump (>= 0.0.2)
plist (3.4.0)
progressbar (1.9.0)
progressbar (1.10.0)
proxifier (1.0.3)
public_suffix (3.0.2)
rack (2.0.3)
public_suffix (3.0.3)
rack (2.0.5)
retryable (2.0.4)
ridley (5.1.1)
addressable
buff-config (~> 2.0)
buff-extensions (~> 2.0)
buff-ignore (~> 1.2)
buff-shell_out (~> 1.0)
celluloid (~> 0.16.0)
celluloid-io (~> 0.16.1)
chef-config (>= 12.5.0)
erubis
faraday (~> 0.9)
hashie (>= 2.0.2, < 4.0.0)
httpclient (~> 2.7)
json (>= 1.7.7)
mixlib-authentication (>= 1.3.0)
retryable (~> 2.0)
semverse (~> 2.0)
varia_model (~> 0.6)
rspec (3.7.0)
rspec-core (~> 3.7.0)
rspec-expectations (~> 3.7.0)
rspec-mocks (~> 3.7.0)
rspec-core (3.7.1)
rspec-support (~> 3.7.0)
rspec-expectations (3.7.0)
rspec (3.8.0)
rspec-core (~> 3.8.0)
rspec-expectations (~> 3.8.0)
rspec-mocks (~> 3.8.0)
rspec-core (3.8.0)
rspec-support (~> 3.8.0)
rspec-expectations (3.8.1)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.7.0)
rspec-support (~> 3.8.0)
rspec-its (1.2.0)
rspec-core (>= 3.0.0)
rspec-expectations (>= 3.0.0)
rspec-mocks (3.7.0)
rspec-mocks (3.8.0)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.7.0)
rspec-support (3.7.0)
rspec-support (~> 3.8.0)
rspec-support (3.8.0)
rspec_junit_formatter (0.2.3)
builder (< 4)
rspec-core (>= 2, < 4, != 2.12.0)
ruby-progressbar (1.9.0)
ruby-progressbar (1.10.0)
rubyntlm (0.6.2)
rubyzip (1.2.1)
sawyer (0.8.1)
Expand All @@ -252,33 +219,28 @@ GEM
solve (4.0.0)
molinillo (~> 0.6)
semverse (>= 1.1, < 3.0)
specinfra (2.73.1)
specinfra (2.76.0)
net-scp
net-ssh (>= 2.7, < 5.0)
net-ssh (>= 2.7)
net-telnet
sfl
syslog-logger (1.6.8)
systemu (2.6.5)
test-kitchen (1.20.0)
test-kitchen (1.23.2)
mixlib-install (~> 3.6)
mixlib-shellout (>= 1.2, < 3.0)
net-scp (~> 1.1)
net-ssh (>= 2.9, < 5.0)
net-ssh-gateway (~> 1.2)
thor (~> 0.19, < 0.19.2)
thor (~> 0.19)
winrm (~> 2.0)
winrm-elevated (~> 1.0)
winrm-fs (~> 1.1.0)
thor (0.19.1)
timers (4.0.4)
hitimes
toml-rb (1.1.1)
winrm-fs (~> 1.1)
thor (0.20.0)
toml-rb (1.1.2)
citrus (~> 3.0, > 3.0)
tomlrb (1.2.6)
tomlrb (1.2.7)
uuidtools (2.1.5)
varia_model (0.6.0)
buff-extensions (~> 2.0)
hashie (>= 2.0.2, < 4.0.0)
winrm (2.2.3)
builder (>= 2.1.2)
erubis (~> 2.7)
Expand All @@ -291,7 +253,7 @@ GEM
winrm-elevated (1.1.0)
winrm (~> 2.0)
winrm-fs (~> 1.0)
winrm-fs (1.1.1)
winrm-fs (1.2.1)
erubis (~> 2.7)
logging (>= 1.6.1, < 3.0)
rubyzip (~> 1.1)
Expand Down

0 comments on commit 16cef4c

Please sign in to comment.