From 9e2c170f8f7832722b21962e6ef46e9787325953 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Beausoleil?=
Date: Sun, 11 Nov 2018 20:44:57 -0500
Subject: [PATCH] Upgrade Rails, Rack, Loofah, I18n for security reasons

Numerous CVEs found:

Name: loofah
Version: 2.2.2
Advisory: CVE-2018-16468
Criticality: Unknown
URL: https://github.com/flavorjones/loofah/issues/154
Title: Loofah XSS Vulnerability
Solution: upgrade to >= 2.2.3

Name: nokogiri
Version: 1.8.4
Advisory: CVE-2018-14404
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/issues/1785
Title: Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
Solution: upgrade to >= 1.8.5

Name: rack
Version: 2.0.5
Advisory: CVE-2018-16470
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk
Title: Possible DoS vulnerability in Rack
Solution: upgrade to >= 2.0.6

Name: rack
Version: 2.0.5
Advisory: CVE-2018-16471
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o
Title: Possible XSS vulnerability in Rack
Solution: upgrade to ~> 1.6.11, >= 2.0.6
---
 Gemfile.lock | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 30b1ea9..69c23a9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
 chromedriver-helper (1.2.0)
 archive-zip (~> 0.10)
 nokogiri (~> 1.8)
- concurrent-ruby (1.0.5)
+ concurrent-ruby (1.1.3)
 crass (1.0.4)
 dotenv (2.5.0)
 dotenv-rails (2.5.0)
@@ -103,7 +103,7 @@ GEM
 globalid (0.4.1)
 activesupport (>= 4.2.0)
 hookup (1.2.4)
- i18n (1.1.0)
+ i18n (1.1.1)
 concurrent-ruby (~> 1.0)
 io-like (0.3.0)
 jbuilder (2.7.0)
@@ -126,14 +126,14 @@ GEM
 rb-fsevent (~> 0.9, >= 0.9.4)
 rb-inotify (~> 0.9, >= 0.9.7)
 ruby_dep (~> 1.2)
- loofah (2.2.2)
+ loofah (2.2.3)
 crass (~> 1.0.2)
 nokogiri (>= 1.5.9)
- mail (2.7.0)
+ mail (2.7.1)
 mini_mime (>= 0.1.1)
- marcel (0.3.2)
+ marcel (0.3.3)
 mimemagic (~> 0.3.2)
- method_source (0.9.0)
+ method_source (0.9.2)
 mimemagic (0.3.2)
 mini_magick (4.8.0)
 mini_mime (1.0.1)
@@ -143,7 +143,7 @@ GEM
 multi_json (1.13.1)
 multipart-post (2.0.0)
 nio4r (2.3.1)
- nokogiri (1.8.4)
+ nokogiri (1.8.5)
 mini_portile2 (~> 2.3.0)
 pdf-core (0.7.0)
 pg (1.1.2)
@@ -154,7 +154,7 @@ GEM
 prawn (>= 1.3.0, < 3.0.0)
 public_suffix (3.0.3)
 puma (3.12.0)
- rack (2.0.5)
+ rack (2.0.6)
 rack-test (1.1.0)
 rack (>= 1.0, < 3)
 rails (5.2.1)
@@ -221,7 +221,7 @@ GEM
 activesupport (>= 4.0)
 sprockets (>= 3.0.0)
 state_machine (1.2.0)
- thor (0.20.0)
+ thor (0.20.3)
 thread_safe (0.3.6)
 tilt (2.0.8)
 ttfunk (1.5.1)