From 373dd8c2fe1305da0851bf7f8bc143e4ba9b97ab Mon Sep 17 00:00:00 2001
From: Adrian Cann
Date: Sun, 14 Oct 2018 10:37:12 -0400
Subject: [PATCH] Update gems with security vulnerabilities

ruby-advisory-db: 323 advisories
Name: nokogiri
Version: 1.8.4
Advisory: CVE-2018-14404
Criticality: Unknown
URL: https://github.com/sparklemotion/nokogiri/issues/1785
Title: Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
Solution: upgrade to >= 1.8.5
Name: rubyzip
Version: 1.2.1
Advisory: CVE-2018-1000544
Criticality: Unknown
URL: https://github.com/rubyzip/rubyzip/issues/369
Title: Directory Traversal in rubyzip
Solution: upgrade to >= 1.2.2
---
 Gemfile | 2 +-
 Gemfile.lock | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/Gemfile b/Gemfile
index b76b1ae..6bc787b 100644
--- a/Gemfile
+++ b/Gemfile
@@ -24,7 +24,7 @@ gem "normalize-rails", "~> 3.0.0"
 gem "pg"
 gem 'puma'
 gem "rack-canonical-host"
-gem "rails", "~> 5.0.1"
+gem "rails"
 gem "recipient_interceptor"
 gem "redcarpet"
 gem "refills"
diff --git a/Gemfile.lock b/Gemfile.lock
index 16cc188..2d4638e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -152,7 +152,7 @@ GEM
 activesupport (>= 4.2.0)
 hashdiff (0.3.7)
 highline (1.7.8)
- i18n (1.0.1)
+ i18n (1.1.0)
 concurrent-ruby (~> 1.0)
 i18n-tasks (0.9.5)
 activesupport (>= 4.0.2)
@@ -181,7 +181,7 @@ GEM
 mime-types (3.1)
 mime-types-data (~> 3.2015)
 mime-types-data (3.2016.0521)
- mini_mime (1.0.0)
+ mini_mime (1.0.1)
 mini_portile2 (2.3.0)
 minitest (5.11.3)
 multipart-post (2.0.0)
@@ -192,7 +192,7 @@ GEM
 net-ssh (>= 2.6.5)
 net-ssh (4.1.0)
 nio4r (2.3.1)
- nokogiri (1.8.3)
+ nokogiri (1.8.5)
 mini_portile2 (~> 2.3.0)
 normalize-rails (3.0.3)
 oj (2.18.5)
@@ -259,7 +259,7 @@ GEM
 rspec-mocks (~> 3.5.0)
 rspec-support (~> 3.5.0)
 rspec-support (3.5.0)
- rubyzip (1.2.1)
+ rubyzip (1.2.2)
 safe_yaml (1.0.4)
 sass (3.4.22)
 sass-rails (5.0.6)
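Review bot: Dropping the `~> 5.0.1` constraint in the Gemfile hunk (`gem "rails"`) is not needed for either advisory named in the commit message, and it leaves the framework version bounded only by Gemfile.lock, so a later `bundle update` can carry the app across minor or major Rails releases without anyone deciding to. The Gemfile.lock diffstat (6 insertions, 6 deletions) is fully accounted for by the i18n, mini_mime, nokogiri, rubyzip, `rails` dependency and `BUNDLED WITH` lines, which suggests the resolved Rails version did not change in this commit. I would keep `gem "rails", "~> 5.0.1"`, or if the resolver needed room, loosen it only to a bounded form such as `gem "rails", "~> 5.0"` with a comment like `# stay on the 5.x line; upgrade Rails deliberately`. Separately, the nokogiri and rubyzip fixes appear only in the lockfile hunks; if those gems are not declared in the Gemfile (not visible here), a floor such as `gem "nokogiri", ">= 1.8.5"` would keep a future re-resolve from dropping below the patched releases.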
@@ -372,7 +372,7 @@ DEPENDENCIES
 puma
 rack-canonical-host
 rack-timeout
- rails (~> 5.0.1)
+ rails
 recipient_interceptor
 redcarpet
 refills
@@ -396,4 +396,4 @@ RUBY VERSION
 ruby 2.5.1p57
 
 BUNDLED WITH
- 1.16.2
+ 1.16.5