From ef3ef2d4f3c7fc7d770503a5ec822987975391a7 Mon Sep 17 00:00:00 2001 From: Pau Perez Date: Mon, 16 Apr 2018 12:47:57 +0200 Subject: [PATCH] Upgrade Rails to 3.2.22.5 to get security fixes This will fix reported vulnerabilities CVE-2015-7576, CVE-2016-2098 (reported as high severity), CVE-2016-0751 and CVE-2015-7577. --- Gemfile | 2 +- Gemfile.lock | 58 ++++++++++++++++++++++++++-------------------------- 2 files changed, 30 insertions(+), 30 deletions(-) diff --git a/Gemfile b/Gemfile index 0e2d21d89c..392e9df765 100644 --- a/Gemfile +++ b/Gemfile @@ -2,7 +2,7 @@ source 'https://rubygems.org' ruby "2.1.5" git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" } -gem 'rails', '3.2.21' +gem 'rails', '~> 3.2.22' gem 'rails-i18n', '~> 3.0.0' gem 'i18n', '~> 0.6.11' gem 'i18n-js', '~> 3.0.0' diff --git a/Gemfile.lock b/Gemfile.lock index 44197d99a4..2e7f98adc5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -137,12 +137,12 @@ GEM remote: https://rubygems.org/ specs: CFPropertyList (2.3.2) - actionmailer (3.2.21) - actionpack (= 3.2.21) + actionmailer (3.2.22.5) + actionpack (= 3.2.22.5) mail (~> 2.5.4) - actionpack (3.2.21) - activemodel (= 3.2.21) - activesupport (= 3.2.21) + actionpack (3.2.22.5) + activemodel (= 3.2.22.5) + activesupport (= 3.2.22.5) builder (~> 3.0.0) erubis (~> 2.7.0) journey (~> 1.0.4) @@ -157,18 +157,18 @@ GEM builder (>= 2.1.2, < 4.0.0) i18n (>= 0.6.9) nokogiri (~> 1.4) - activemodel (3.2.21) - activesupport (= 3.2.21) + activemodel (3.2.22.5) + activesupport (= 3.2.22.5) builder (~> 3.0.0) - activerecord (3.2.21) - activemodel (= 3.2.21) - activesupport (= 3.2.21) + activerecord (3.2.22.5) + activemodel (= 3.2.22.5) + activesupport (= 3.2.22.5) arel (~> 3.0.2) tzinfo (~> 0.3.29) - activeresource (3.2.21) - activemodel (= 3.2.21) - activesupport (= 3.2.21) - activesupport (3.2.21) + activeresource (3.2.22.5) + activemodel (= 3.2.22.5) + activesupport (= 3.2.22.5) + activesupport (3.2.22.5) i18n (~> 0.6, >= 0.6.4) multi_json (~> 1.0) acts-as-taggable-on (3.5.0) @@ -472,7 +472,7 @@ GEM rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) lumberjack (1.0.12) - mail (2.5.4) + mail (2.5.5) mime-types (~> 1.16) treetop (~> 1.4.8) method_source (0.9.0) @@ -501,7 +501,7 @@ GEM rack (>= 1.2, < 3) oj (2.1.2) orm_adapter (0.5.0) - paper_trail (3.0.8) + paper_trail (3.0.9) activerecord (>= 3.0, < 5.0) activesupport (>= 3.0, < 5.0) paperclip (3.5.4) @@ -539,7 +539,7 @@ GEM activesupport (>= 2.3.14) multi_json (~> 1.0) rack (1.4.7) - rack-cache (1.7.0) + rack-cache (1.7.1) rack (>= 0.4) rack-livereload (0.3.16) rack @@ -547,20 +547,20 @@ GEM rack rack-test (0.6.3) rack (>= 1.0) - rails (3.2.21) - actionmailer (= 3.2.21) - actionpack (= 3.2.21) - activerecord (= 3.2.21) - activeresource (= 3.2.21) - activesupport (= 3.2.21) + rails (3.2.22.5) + actionmailer (= 3.2.22.5) + actionpack (= 3.2.22.5) + activerecord (= 3.2.22.5) + activeresource (= 3.2.22.5) + activesupport (= 3.2.22.5) bundler (~> 1.0) - railties (= 3.2.21) + railties (= 3.2.22.5) rails-i18n (3.0.1) i18n (~> 0.5) rails (>= 3.0.0, < 4.0.0) - railties (3.2.21) - actionpack (= 3.2.21) - activesupport (= 3.2.21) + railties (3.2.22.5) + actionpack (= 3.2.22.5) + activesupport (= 3.2.22.5) rack-ssl (~> 1.3.2) rake (>= 0.8.7) rdoc (~> 3.4) @@ -666,7 +666,7 @@ GEM turbo-sprockets-rails3 (0.3.6) railties (> 3.2.8, < 4.0.0) sprockets (>= 2.0.0) - tzinfo (0.3.53) + tzinfo (0.3.54) uglifier (2.7.1) execjs (>= 0.3.0) json (>= 1.8.0) @@ -770,7 +770,7 @@ DEPENDENCIES rabl rack-livereload rack-ssl - rails (= 3.2.21) + rails (~> 3.2.22) rails-i18n (~> 3.0.0) redcarpet representative_view