From 375869d16ae2273d9e5e83b70d5f18a36cc1a5b7 Mon Sep 17 00:00:00 2001 From: Chris Hunt Date: Thu, 10 May 2018 07:59:49 -0700 Subject: [PATCH] Update rails-html-sanitizer, fixes CVE-2018-3741 --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d626e4bf..2ec205b3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -90,7 +90,7 @@ GEM connection_pool (2.0.0) crack (0.4.3) safe_yaml (~> 1.0.0) - crass (1.0.3) + crass (1.0.4) database_cleaner (1.3.0) debug_inspector (0.0.2) debugger-linecache (1.2.0) @@ -321,7 +321,7 @@ GEM kgio (2.9.2) launchy (2.4.2) addressable (~> 2.3) - loofah (2.2.1) + loofah (2.2.2) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.0) @@ -373,8 +373,8 @@ GEM activesupport (>= 4.2.0, < 5.0) nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.0.3) - loofah (~> 2.0) + rails-html-sanitizer (1.0.4) + loofah (~> 2.2, >= 2.2.2) rails_12factor (0.0.3) rails_serve_static_assets rails_stdout_logging