Relax requirements for ActiveJob in CVE 2018-16476 (#384)

mjankowski · reedloden · commit c667dc5a1237 · 2019-03-28T18:47:44.000-07:00
With the release of Rails 5.1.7 this advisory is coming up as a vulnerability,
even though the fix is in place in 5.1.7.

This change allows the 5.1.7 series to show as not vulnerable.
diff --git a/gems/activejob/CVE-2018-16476.yml b/gems/activejob/CVE-2018-16476.yml
@@ -32,4 +32,5 @@ patched_versions:
   - "~> 4.2.11"
   - "~> 5.0.7.1"
   - "~> 5.1.6.1"
+  - "~> 5.1.7"
   - ">= 5.2.1.1"
