gollum: 5.1 -> 5.1.1 (security, CVE-2020-14001)

This also fixes a potential security issue (reported by bundler-audit)
by updating kramdown to 2.3.0 for CVE-2020-14001 [0].

[0]: https://github.com/advisories/GHSA-mqm2-cgpr-p4m6
This commit is contained in:
Michael Weiss 2020-08-13 21:08:06 +02:00
parent 421b2a04b0
commit 6e4042d067
No known key found for this signature in database
GPG key ID: 5BE487C4D4771D83
2 changed files with 15 additions and 13 deletions

View file

@ -2,17 +2,17 @@ GEM
remote: https://rubygems.org/
specs:
backports (3.18.1)
concurrent-ruby (1.1.6)
concurrent-ruby (1.1.7)
crass (1.0.6)
execjs (2.7.0)
ffi (1.13.1)
gemojione (4.3.3)
json
github-markup (3.0.4)
gollum (5.1)
gollum (5.1.1)
gemojione (~> 4.1)
gollum-lib (~> 5.0)
kramdown (~> 2.1.0)
kramdown (~> 2.3)
kramdown-parser-gfm (~> 1.0.0)
mustache (>= 0.99.5, < 1.0.0)
octicons (~> 8.5)
@ -38,7 +38,8 @@ GEM
mime-types (>= 1.15)
rugged (~> 0.99)
json (2.3.1)
kramdown (2.1.0)
kramdown (2.3.0)
rexml
kramdown-parser-gfm (1.0.1)
kramdown (~> 2.0)
loofah (2.6.0)
@ -63,7 +64,7 @@ GEM
rb-inotify (0.10.1)
ffi (~> 1.0)
rexml (3.2.4)
rouge (3.21.0)
rouge (3.22.0)
rss (0.2.9)
rexml
ruby2_keywords (0.0.2)

View file

@ -14,10 +14,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "094387x4yasb797mv07cs3g6f08y56virc2rjcpb1k79rzaj3nhl";
sha256 = "1vnxrbhi7cq3p4y2v9iwd10v1c7l15is4var14hwnb2jip4fyjzz";
type = "gem";
};
version = "1.1.6";
version = "1.1.7";
};
crass = {
groups = ["default"];
@ -76,10 +76,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "06qc6flb2sik64ich3j4a9yky9cqsj77vdjff51wxi4lhd9ga6sk";
sha256 = "14i6y3ilv9l7cqvkawl75js26cfj1pd8cphhmq9lic95ajvdf371";
type = "gem";
};
version = "5.1";
version = "5.1.1";
};
gollum-lib = {
dependencies = ["gemojione" "github-markup" "gollum-rugged_adapter" "loofah" "nokogiri" "octicons" "rouge" "twitter-text"];
@ -114,14 +114,15 @@
version = "2.3.1";
};
kramdown = {
dependencies = ["rexml"];
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1dl840bvx8d9nq6lg3mxqyvbiqnr6lk3jfsm6r8zhz7p5srmd688";
sha256 = "1vmw752c26ny2jwl0npn0gbyqwgz4hdmlpxnsld9qi9xhk5b1qh7";
type = "gem";
};
version = "2.1.0";
version = "2.3.0";
};
kramdown-parser-gfm = {
dependencies = ["kramdown"];
@ -286,10 +287,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1agrrmj88k9jkk36ra1ml2c1jffpp595pkxmcla74ac9ia09vn3s";
sha256 = "1wcz7i009wdbymlfsamagqi18m6ih8j60bii0k18f21g70r72i0m";
type = "gem";
};
version = "3.21.0";
version = "3.22.0";
};
rss = {
dependencies = ["rexml"];