From 605d7e1fe0adce6a24527f54aff529fb23b706a1 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Fri, 19 Jun 2020 12:18:57 +0200 Subject: [PATCH] gollum: Update the dependencies (security, CVE-2020-8184) This updates rack to 2.2.3 for CVE-2020-8184 [0]. [0]: https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak --- pkgs/applications/misc/gollum/Gemfile.lock | 24 ++++++------ pkgs/applications/misc/gollum/gemset.nix | 44 +++++++++++----------- 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/pkgs/applications/misc/gollum/Gemfile.lock b/pkgs/applications/misc/gollum/Gemfile.lock index 4759cdcf5737..e7f905f3fe10 100644 --- a/pkgs/applications/misc/gollum/Gemfile.lock +++ b/pkgs/applications/misc/gollum/Gemfile.lock @@ -1,12 +1,12 @@ GEM remote: https://rubygems.org/ specs: - backports (3.17.0) + backports (3.17.2) concurrent-ruby (1.1.6) crass (1.0.6) execjs (2.7.0) - ffi (1.12.2) - gemojione (4.3.2) + ffi (1.13.1) + gemojione (4.3.3) json github-markup (3.0.4) gollum (5.0.1) @@ -25,28 +25,28 @@ GEM therubyrhino (~> 2.1.0) uglifier (~> 3.2) useragent (~> 0.16.2) - gollum-lib (5.0.3) + gollum-lib (5.0.4) gemojione (~> 4.1) github-markup (~> 3.0) - gollum-rugged_adapter (~> 0.99.4, >= 0.99.4) + gollum-rugged_adapter (~> 1.0) loofah (~> 2.3) nokogiri (~> 1.8) octicons (~> 8.5) rouge (~> 3.1) twitter-text (= 1.14.7) - gollum-rugged_adapter (0.99.4) + gollum-rugged_adapter (1.0) mime-types (>= 1.15) rugged (~> 0.99) json (2.3.0) kramdown (2.1.0) kramdown-parser-gfm (1.0.1) kramdown (~> 2.0) - loofah (2.5.0) + loofah (2.6.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mime-types (3.3.1) mime-types-data (~> 3.2015) - mime-types-data (3.2019.1009) + mime-types-data (3.2020.0512) mini_portile2 (2.4.0) multi_json (1.14.1) mustache (0.99.8) @@ -56,14 +56,14 @@ GEM mini_portile2 (~> 2.4.0) octicons (8.5.0) nokogiri (>= 1.6.3.1) - rack (2.2.2) + rack (2.2.3) rack-protection (2.0.8.1) rack - rb-fsevent (0.10.3) + rb-fsevent (0.10.4) rb-inotify (0.10.1) ffi (~> 1.0) rexml (3.2.4) - rouge (3.17.0) + rouge (3.20.0) rss (0.2.9) rexml ruby2_keywords (0.0.2) @@ -88,7 +88,7 @@ GEM sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-helpers (1.2.3) + sprockets-helpers (1.3.0) sprockets (>= 2.2) therubyrhino (2.1.2) therubyrhino_jar (>= 1.7.4, < 1.7.9) diff --git a/pkgs/applications/misc/gollum/gemset.nix b/pkgs/applications/misc/gollum/gemset.nix index 3febcea2f9a6..c4df68960573 100644 --- a/pkgs/applications/misc/gollum/gemset.nix +++ b/pkgs/applications/misc/gollum/gemset.nix @@ -4,10 +4,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13ywgyyxzlgks7nb17gwqjmdqjjmhc8si3iliv8jhf51lb3s865v"; + sha256 = "0rg58rd3hgk8wz4fbapn3szwgymk1q9lv4ywg37bkbcflsbi70iy"; type = "gem"; }; - version = "3.17.0"; + version = "3.17.2"; }; concurrent-ruby = { groups = ["default"]; @@ -44,10 +44,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10lfhahnnc91v63xpvk65apn61pib086zha3z5sp1xk9acfx12h4"; + sha256 = "12lpwaw82bb0rm9f52v1498bpba8aj2l2q359mkwbxsswhpga5af"; type = "gem"; }; - version = "1.12.2"; + version = "1.13.1"; }; gemojione = { dependencies = ["json"]; @@ -55,10 +55,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "097mrsahv1h67kjrk1cpiqc1cbrfgvlp2rqwmzdzxrq0kx50461w"; + sha256 = "0fwd523pgr72w3w6jwpz9i6sggvz52d7831a1s4y3lv8m50j6ima"; type = "gem"; }; - version = "4.3.2"; + version = "4.3.3"; }; github-markup = { groups = ["default"]; @@ -87,10 +87,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0r59fyf7i4rlp6wj9ilnqd9pmgpkafv0yl4jmrxa6hr2p4cmnf1g"; + sha256 = "0pr3djmawqpmifyadw1vfzdkq720dsaqih1wf8k2vksw0lr9la74"; type = "gem"; }; - version = "5.0.3"; + version = "5.0.4"; }; gollum-rugged_adapter = { dependencies = ["mime-types" "rugged"]; @@ -98,10 +98,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0016yfac3b3sy34k9wrqg422mjm8cpd1jd1m4gdn4x2d4jxhxkzq"; + sha256 = "0ln12976vm1ks74yyrssdx576b1z0hs8r82fivr366knv5hlcrdm"; type = "gem"; }; - version = "0.99.4"; + version = "1.0"; }; json = { groups = ["default"]; @@ -140,10 +140,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jk9fgn5ayzbqvzqm11gbkqvas77zdbpkvynlylyiwynclgrn040"; + sha256 = "1s9hq8bpn6g5vqr3nzyirn3agn7x8agan6151zvq5vmkf6rvmyb2"; type = "gem"; }; - version = "2.5.0"; + version = "2.6.0"; }; mime-types = { dependencies = ["mime-types-data"]; @@ -161,10 +161,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18x61fc36951vw7f74gq8cyybdpxvyg5d0azvqhrs82ddw3v16xh"; + sha256 = "1z75svngyhsglx0y2f9rnil2j08f9ab54b3l95bpgz67zq2if753"; type = "gem"; }; - version = "3.2019.1009"; + version = "3.2020.0512"; }; mini_portile2 = { groups = ["default"]; @@ -234,10 +234,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10mp9s48ssnw004aksq90gvhdvwczh8j6q82q2kqiqq92jd1zxbp"; + sha256 = "0i5vs0dph9i5jn8dfc6aqd6njcafmb20rwqngrf759c9cvmyff16"; type = "gem"; }; - version = "2.2.2"; + version = "2.2.3"; }; rack-protection = { dependencies = ["rack"]; @@ -255,10 +255,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lm1k7wpz69jx7jrc92w3ggczkjyjbfziq5mg62vjnxmzs383xx8"; + sha256 = "1k9bsj7ni0g2fd7scyyy1sk9dy2pg9akniahab0iznvjmhn54h87"; type = "gem"; }; - version = "0.10.3"; + version = "0.10.4"; }; rb-inotify = { dependencies = ["ffi"]; @@ -286,10 +286,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xl7k5paf66p57sphm4nfa4k86yf93lhdzzr0cv0l4divq12g2pr"; + sha256 = "1r5npy9a95qh5v74lw7ir3nhaq4xrzyhfdixd7c5xy295i92nnic"; type = "gem"; }; - version = "3.17.0"; + version = "3.20.0"; }; rss = { dependencies = ["rexml"]; @@ -383,10 +383,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hy67dwz76n5db00d9n3qy59ici96c2g25c9xpmp2nh8ilvha338"; + sha256 = "14iq8v16l31bfq7pikfmgcv5x6pkc5lbdmwwg6zlzcy1bibcliar"; type = "gem"; }; - version = "1.2.3"; + version = "1.3.0"; }; therubyrhino = { dependencies = ["therubyrhino_jar"];