Merge branch 'rs-rails-security' into 'master'
Update rails, rails-html-sanitizer, and nokogiri for security fixes See https://dev.gitlab.org/gitlab/gitlabhq/issues/2643 See merge request !2603
Showing
source "https://rubygems.org" | source "https://rubygems.org" | ||
gem 'rails', '4.2.5' | gem 'rails', '4.2.5.1' | ||
gem 'rails-deprecated_sanitizer', '~> 1.0.3' | gem 'rails-deprecated_sanitizer', '~> 1.0.3' | ||
# Responders respond_to and respond_with | # Responders respond_to and respond_with | ||
... | @@ -103,7 +103,8 @@ gem 'asciidoctor', '~> 1.5.2' | ... | @@ -103,7 +103,8 @@ gem 'asciidoctor', '~> 1.5.2' |
gem 'rouge', '~> 1.10.1' | gem 'rouge', '~> 1.10.1' | ||
# See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s | # See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s | ||
gem 'nokogiri', '1.6.7.1' | # and https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM | ||
gem 'nokogiri', '1.6.7.2' | |||
# Diffs | # Diffs | ||
gem 'diffy', '~> 3.0.3' | gem 'diffy', '~> 3.0.3' | ||
... | ... |
Please register or sign in to comment