Patch REXML in Ruby 2.7

[mhashizume]

Ruby announced a vulnerability in REXML with a CVSS score of 6.6: GHSA-2rxp-v6pw-ch6m

This vulnerability does not affect Ruby 3.2 or later. We should probably assume that this affects Ruby 2.7, which we still use in agent-runtime-7.x.

We need to patch REXML in Ruby 2.7 to address this vulnerability.

It seems this is the commit in the REXML gem that addresses the vulnerability: ruby/rexml@ce59f2e

[github-actions]

Migrated issue to PA-7106

[AriaXLi]

Closing this issue because puppet-runtime is being archived (see OSPTE-212)