From 2f7582ea631efe18ea9efa272cccfda3cc5d7ea4 Mon Sep 17 00:00:00 2001 From: Kylor Hall Date: Thu, 24 Oct 2019 14:33:55 +0800 Subject: [PATCH] Update loofah for CVE-2019-15587. Name: loofah Version: 2.3.0 Advisory: CVE-2019-15587 Criticality: Unknown URL: flavorjones/loofah#171 Title: Loofah XSS Vulnerability Solution: upgrade to >= 2.3.1 --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 4c191cff2..4bfab34d6 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -77,7 +77,7 @@ GEM contentful (~> 2.1) contentful-webhook-listener (~> 0.1) middleman-core (~> 3.4) - crass (1.0.4) + crass (1.0.5) diff-lcs (1.2.5) domain_name (0.5.20170404) unf (>= 0.0.5, < 1.0.0) @@ -256,7 +256,7 @@ GEM listen (3.0.8) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - loofah (2.2.3) + loofah (2.3.1) crass (~> 1.0.2) nokogiri (>= 1.5.9) lumberjack (1.0.12)