Commit dadce0f

Bump gems
Address a couple of CVEs (as reported by `bundler-audit`).

Name: ffi
Version: 1.9.23
Advisory: CVE-2018-1000201
Criticality: High
URL: https://github.com/ffi/ffi/releases/tag/1.9.24
Title: ruby-ffi DDL loading issue on Windows OS
Solution: upgrade to >= 1.9.24

Name: nokogiri
Version: 1.8.2
Advisory: CVE-2018-8048
Criticality: Unknown
URL: sparklemotion/nokogiri#1746
Title: Revert libxml2 behavior in Nokogiri gem that could cause XSS
Solution: upgrade to >= 1.8.3

Name: nokogiri
Version: 1.8.2
Advisory: CVE-2018-14404
Criticality: Unknown
URL: sparklemotion/nokogiri#1785
Title: Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
Solution: upgrade to >= 1.8.5

Name: rubyzip
Version: 1.2.1
Advisory: CVE-2018-1000544
Criticality: Unknown
URL: rubyzip/rubyzip#369
Title: Directory Traversal in rubyzip
Solution: upgrade to >= 1.2.2

1 parent f242e67 commit dadce0f

2 files changed

+50
-50
lines changed

Diff for: Gemfile

+2
Original file line number | Diff line number | Diff line change
@@ -1,3 +1,5 @@
1+
# frozen_string_literal: true
2+
13
source 'https://rubygems.org'
24

35
ruby File.read('.ruby-version').chomp
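
Review bot: the `# frozen_string_literal: true` magic comment added at the top of the Gemfile is a style change unrelated to the advisories in the commit message, and it is the only Gemfile change in a commit whose purpose is a security bump. Consider moving it to its own commit so the dependency fix can be cherry-picked or reverted cleanly.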

Diff for: Gemfile.lock

+48-50
Original file line number | Diff line number | Diff line change
@@ -1,7 +1,7 @@
11
GEM
22
remote: https://rubygems.org/
33
specs:
4-
activesupport (4.2.9)
4+
activesupport (4.2.10)
55
i18n (~> 0.7)
66
minitest (~> 5.1)
77
thread_safe (~> 0.3, >= 0.3.4)
@@ -13,42 +13,43 @@ GEM
1313
execjs
1414
coffee-script-source (1.11.1)
1515
colorator (1.1.0)
16-
commonmarker (0.17.9)
16+
commonmarker (0.17.13)
1717
ruby-enum (~> 0.5)
18-
concurrent-ruby (1.0.5)
19-
dnsruby (1.60.2)
18+
concurrent-ruby (1.1.4)
19+
dnsruby (1.61.2)
20+
addressable (~> 2.5)
2021
em-websocket (0.5.1)
2122
eventmachine (>= 0.12.9)
2223
http_parser.rb (~> 0.6.0)
23-
ethon (0.11.0)
24+
ethon (0.12.0)
2425
ffi (>= 1.3.0)
25-
eventmachine (1.2.6)
26+
eventmachine (1.2.7)
2627
execjs (2.7.0)
27-
faraday (0.15.0)
28+
faraday (0.15.4)
2829
multipart-post (>= 1.2, < 3)
29-
ffi (1.9.23)
30+
ffi (1.10.0)
3031
forwardable-extended (2.6.0)
3132
gemoji (3.0.0)
32-
github-pages (183)
33-
activesupport (= 4.2.9)
34-
github-pages-health-check (= 1.7.3)
35-
jekyll (= 3.7.3)
36-
jekyll-avatar (= 0.5.0)
33+
github-pages (193)
34+
activesupport (= 4.2.10)
35+
github-pages-health-check (= 1.8.1)
36+
jekyll (= 3.7.4)
37+
jekyll-avatar (= 0.6.0)
3738
jekyll-coffeescript (= 1.1.1)
3839
jekyll-commonmark-ghpages (= 0.1.5)
3940
jekyll-default-layout (= 0.1.4)
40-
jekyll-feed (= 0.9.3)
41+
jekyll-feed (= 0.11.0)
4142
jekyll-gist (= 1.5.0)
4243
jekyll-github-metadata (= 2.9.4)
43-
jekyll-mentions (= 1.3.0)
44+
jekyll-mentions (= 1.4.1)
4445
jekyll-optional-front-matter (= 0.3.0)
4546
jekyll-paginate (= 1.1.0)
4647
jekyll-readme-index (= 0.2.0)
47-
jekyll-redirect-from (= 0.13.0)
48+
jekyll-redirect-from (= 0.14.0)
4849
jekyll-relative-links (= 0.5.3)
49-
jekyll-remote-theme (= 0.2.3)
50+
jekyll-remote-theme (= 0.3.1)
5051
jekyll-sass-converter (= 1.5.2)
51-
jekyll-seo-tag (= 2.4.0)
52+
jekyll-seo-tag (= 2.5.0)
5253
jekyll-sitemap (= 1.2.0)
5354
jekyll-swiss (= 0.4.0)
5455
jekyll-theme-architect (= 0.1.1)
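
Review bot: the `github-pages (183)` to `github-pages (193)` bump in this hunk carries a string of pinned plugin changes (for example `jekyll-feed (= 0.9.3)` to `(= 0.11.0)` and `jekyll-remote-theme (= 0.2.3)` to `(= 0.3.1)`) and a new `addressable (~> 2.5)` edge under dnsruby, none of which the commit message ties to an advisory. The only advisory-relevant line here is `ffi (1.9.23)` to `ffi (1.10.0)`. Please note in the description whether the lock file came from a full update or a targeted one, and confirm the site still builds, so reviewers can separate the security fix from incidental upgrades.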
@@ -65,28 +66,28 @@ GEM
6566
jekyll-theme-tactile (= 0.1.1)
6667
jekyll-theme-time-machine (= 0.1.1)
6768
jekyll-titles-from-headings (= 0.5.1)
68-
jemoji (= 0.9.0)
69-
kramdown (= 1.16.2)
69+
jemoji (= 0.10.1)
70+
kramdown (= 1.17.0)
7071
liquid (= 4.0.0)
7172
listen (= 3.1.5)
7273
mercenary (~> 0.3)
73-
minima (= 2.4.1)
74-
nokogiri (>= 1.8.1, < 2.0)
74+
minima (= 2.5.0)
75+
nokogiri (>= 1.8.2, < 2.0)
7576
rouge (= 2.2.1)
7677
terminal-table (~> 1.4)
77-
github-pages-health-check (1.7.3)
78+
github-pages-health-check (1.8.1)
7879
addressable (~> 2.3)
7980
dnsruby (~> 1.60)
8081
octokit (~> 4.0)
8182
public_suffix (~> 2.0)
8283
typhoeus (~> 1.3)
83-
html-pipeline (2.7.2)
84+
html-pipeline (2.10.0)
8485
activesupport (>= 2)
8586
nokogiri (>= 1.4)
8687
http_parser.rb (0.6.0)
8788
i18n (0.9.5)
8889
concurrent-ruby (~> 1.0)
89-
jekyll (3.7.3)
90+
jekyll (3.7.4)
9091
addressable (~> 2.4)
9192
colorator (~> 1.0)
9293
em-websocket (~> 0.5)
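
Review bot: the updated constraint `nokogiri (>= 1.8.2, < 2.0)` under github-pages still admits 1.8.2, the version the commit message flags for CVE-2018-8048 and CVE-2018-14404, and `html-pipeline (2.10.0)` only asks for `nokogiri (>= 1.4)`. The fix therefore lives in the lock file alone, and the Gemfile diff in this commit adds no floor. Consider declaring `gem 'nokogiri', '>= 1.8.5'` in the Gemfile so a later re-resolution cannot fall back below the patched release.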
@@ -99,7 +100,7 @@ GEM
99100
pathutil (~> 0.9)
100101
rouge (>= 1.7, < 4)
101102
safe_yaml (~> 1.0)
102-
jekyll-avatar (0.5.0)
103+
jekyll-avatar (0.6.0)
103104
jekyll (~> 3.0)
104105
jekyll-coffeescript (1.1.1)
105106
coffee-script (~> 2.2)
@@ -113,33 +114,31 @@ GEM
113114
rouge (~> 2)
114115
jekyll-default-layout (0.1.4)
115116
jekyll (~> 3.0)
116-
jekyll-feed (0.9.3)
117+
jekyll-feed (0.11.0)
117118
jekyll (~> 3.3)
118119
jekyll-gist (1.5.0)
119120
octokit (~> 4.2)
120121
jekyll-github-metadata (2.9.4)
121122
jekyll (~> 3.1)
122123
octokit (~> 4.0, != 4.4.0)
123-
jekyll-mentions (1.3.0)
124-
activesupport (~> 4.0)
124+
jekyll-mentions (1.4.1)
125125
html-pipeline (~> 2.3)
126126
jekyll (~> 3.0)
127127
jekyll-optional-front-matter (0.3.0)
128128
jekyll (~> 3.0)
129129
jekyll-paginate (1.1.0)
130130
jekyll-readme-index (0.2.0)
131131
jekyll (~> 3.0)
132-
jekyll-redirect-from (0.13.0)
132+
jekyll-redirect-from (0.14.0)
133133
jekyll (~> 3.3)
134134
jekyll-relative-links (0.5.3)
135135
jekyll (~> 3.3)
136-
jekyll-remote-theme (0.2.3)
136+
jekyll-remote-theme (0.3.1)
137137
jekyll (~> 3.5)
138138
rubyzip (>= 1.2.1, < 3.0)
139-
typhoeus (>= 0.7, < 2.0)
140139
jekyll-sass-converter (1.5.2)
141140
sass (~> 3.4)
142-
jekyll-seo-tag (2.4.0)
141+
jekyll-seo-tag (2.5.0)
143142
jekyll (~> 3.3)
144143
jekyll-sitemap (1.2.0)
145144
jekyll (~> 3.3)
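
Review bot: `jekyll-remote-theme (0.3.1)` in this hunk still declares `rubyzip (>= 1.2.1, < 3.0)`, which permits the 1.2.1 release named in the CVE-2018-1000544 advisory. Nothing visible in this change other than the lock file keeps rubyzip at a patched version; an explicit `gem 'rubyzip', '>= 1.2.2'` in the Gemfile would make the requirement durable.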
@@ -186,44 +185,43 @@ GEM
186185
jekyll-seo-tag (~> 2.0)
187186
jekyll-titles-from-headings (0.5.1)
188187
jekyll (~> 3.3)
189-
jekyll-watch (2.0.0)
188+
jekyll-watch (2.1.2)
190189
listen (~> 3.0)
191-
jemoji (0.9.0)
192-
activesupport (~> 4.0, >= 4.2.9)
190+
jemoji (0.10.1)
193191
gemoji (~> 3.0)
194192
html-pipeline (~> 2.2)
195193
jekyll (~> 3.0)
196-
kramdown (1.16.2)
194+
kramdown (1.17.0)
197195
liquid (4.0.0)
198196
listen (3.1.5)
199197
rb-fsevent (~> 0.9, >= 0.9.4)
200198
rb-inotify (~> 0.9, >= 0.9.7)
201199
ruby_dep (~> 1.2)
202200
mercenary (0.3.6)
203-
mini_portile2 (2.3.0)
204-
minima (2.4.1)
201+
mini_portile2 (2.4.0)
202+
minima (2.5.0)
205203
jekyll (~> 3.5)
206204
jekyll-feed (~> 0.9)
207205
jekyll-seo-tag (~> 2.1)
208206
minitest (5.11.3)
209207
multipart-post (2.0.0)
210-
nokogiri (1.8.2)
211-
mini_portile2 (~> 2.3.0)
212-
octokit (4.8.0)
208+
nokogiri (1.10.1)
209+
mini_portile2 (~> 2.4.0)
210+
octokit (4.13.0)
213211
sawyer (~> 0.8.0, >= 0.5.3)
214-
pathutil (0.16.1)
212+
pathutil (0.16.2)
215213
forwardable-extended (~> 2.6)
216214
public_suffix (2.0.5)
217215
rb-fsevent (0.10.3)
218-
rb-inotify (0.9.10)
219-
ffi (>= 0.5.0, < 2)
216+
rb-inotify (0.10.0)
217+
ffi (~> 1.0)
220218
rouge (2.2.1)
221219
ruby-enum (0.7.2)
222220
i18n
223221
ruby_dep (1.5.0)
224-
rubyzip (1.2.1)
222+
rubyzip (1.2.2)
225223
safe_yaml (1.0.4)
226-
sass (3.5.6)
224+
sass (3.7.3)
227225
sass-listen (~> 4.0.0)
228226
sass-listen (4.0.0)
229227
rb-fsevent (~> 0.9, >= 0.9.4)
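
Review bot: this hunk is where the advisories are actually resolved (`nokogiri (1.10.1)`, `rubyzip (1.2.2)`), but the commit message records only the pre-bump `bundler-audit` findings. Please re-run `bundler-audit` against the new lock file and note the result. Also note that nokogiri moves two minor series past the 1.8.5 the advisory asks for and pulls `mini_portile2 (2.4.0)`, so it is worth checking that the native extension still builds on the deploy target.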
@@ -234,11 +232,11 @@ GEM
234232
terminal-table (1.8.0)
235233
unicode-display_width (~> 1.1, >= 1.1.1)
236234
thread_safe (0.3.6)
237-
typhoeus (1.3.0)
235+
typhoeus (1.3.1)
238236
ethon (>= 0.9.0)
239237
tzinfo (1.2.5)
240238
thread_safe (~> 0.1)
241-
unicode-display_width (1.3.2)
239+
unicode-display_width (1.4.1)
242240

243241
PLATFORMS
244242
ruby
@@ -250,4 +248,4 @@ RUBY VERSION
250248
ruby 2.5.3p105
251249

252250
BUNDLED WITH
253-
1.16.1
251+
2.0.1
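
Review bot: the `BUNDLED WITH` change from 1.16.1 to 2.0.1 is a Bundler major-version jump that the commit message does not mention and that none of the listed advisories requires. Bundler 1.x refuses a lock file stamped by 2.x, so every CI job and deploy host that installs from this lock file needs Bundler 2 available. Either confirm that is the case or regenerate the lock file with the Bundler version the project already uses.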
