Commit 265b4913 authored by Robert Speicher's avatar Robert Speicher

Merge branch '50930-update-rubyzip-to-1-2-2' into 'master'

Update rubyzip gem to 1.2.2 (CVE-2018-1000544)

Closes #50930

See merge request gitlab-org/gitlab-ce!21460
parents 3e1466d9 4df16d8d
...@@ -801,7 +801,7 @@ GEM ...@@ -801,7 +801,7 @@ GEM
sexp_processor (~> 4.1) sexp_processor (~> 4.1)
rubyntlm (0.6.2) rubyntlm (0.6.2)
rubypants (0.2.0) rubypants (0.2.0)
rubyzip (1.2.1) rubyzip (1.2.2)
rufus-scheduler (3.4.0) rufus-scheduler (3.4.0)
et-orbi (~> 1.0) et-orbi (~> 1.0)
rugged (0.27.4) rugged (0.27.4)
......
...@@ -809,7 +809,7 @@ GEM ...@@ -809,7 +809,7 @@ GEM
sexp_processor (~> 4.1) sexp_processor (~> 4.1)
rubyntlm (0.6.2) rubyntlm (0.6.2)
rubypants (0.2.0) rubypants (0.2.0)
rubyzip (1.2.1) rubyzip (1.2.2)
rufus-scheduler (3.4.0) rufus-scheduler (3.4.0)
et-orbi (~> 1.0) et-orbi (~> 1.0)
rugged (0.27.4) rugged (0.27.4)
......
---
title: Update rubyzip to 1.2.2 (CVE-2018-1000544)
merge_request: 21460
author: Takuya Noguchi
type: security
...@@ -77,7 +77,7 @@ GEM ...@@ -77,7 +77,7 @@ GEM
diff-lcs (>= 1.2.0, < 2.0) diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.7.0) rspec-support (~> 3.7.0)
rspec-support (3.7.0) rspec-support (3.7.0)
rubyzip (1.2.1) rubyzip (1.2.2)
selenium-webdriver (3.8.0) selenium-webdriver (3.8.0)
childprocess (~> 0.5) childprocess (~> 0.5)
rubyzip (~> 1.0) rubyzip (~> 1.0)
...@@ -103,4 +103,4 @@ DEPENDENCIES ...@@ -103,4 +103,4 @@ DEPENDENCIES
selenium-webdriver (~> 3.8.0) selenium-webdriver (~> 3.8.0)
BUNDLED WITH BUNDLED WITH
1.16.1 1.16.4
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment