Merge pull request #174 from codecation/CVE-2018-3741

Update rails-html-sanitizer, fixes CVE-2018-3741
codecation · May 10, 2018 · bdcfbc1 · bdcfbc1
2 parents 7611e1d + 375869d
commit bdcfbc1
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -90,7 +90,7 @@ GEM
     connection_pool (2.0.0)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
-    crass (1.0.3)
+    crass (1.0.4)
     database_cleaner (1.3.0)
     debug_inspector (0.0.2)
     debugger-linecache (1.2.0)
@@ -321,7 +321,7 @@ GEM
     kgio (2.9.2)
     launchy (2.4.2)
       addressable (~> 2.3)
-    loofah (2.2.1)
+    loofah (2.2.2)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.0)
@@ -373,8 +373,8 @@ GEM
       activesupport (>= 4.2.0, < 5.0)
       nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
     rails_12factor (0.0.3)
       rails_serve_static_assets
       rails_stdout_logging