Can 2.0.2 be released?
nhoffmann opened this issue · comments
The currently released version locks redis-store
to a version that has a known security vulnerability (CVE-2017-1000248).
Version 2.0.2
relaxes the redis-store
dependency. Can this version be released? Can we do anything to help?
I'm working on the updating dependencies for a Rails app and until 2.0.2 is released, I was able to do this in the Gemfile to get the latest commit:
gem 'redis-rack-cache',
git: 'https://github.com/redis-store/redis-rack-cache.git',
ref: 'd1fdd3868bdc02efa5ae724a2758b3abfda271ab'
(Only a temporary solution)
bump!
hey folks, we just released v2.0.2. apologies for the wait!