Commit 2b32e9b5 authored by Dennis Schubert's avatar Dennis Schubert

Merge branch 'hotfix/0.6.4.1'

parents a9c282d9 610f39e9
# 0.6.4.1
Fixes a possible Remote Code Execution ([CVE-2016-4658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658)) and a possible DoS ([CVE-2016-5131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131)) by updating Nokogiri, which in turn updates libxml2.
# 0.6.4.0
## Refactor
......
......@@ -132,7 +132,7 @@ gem "leaflet-rails", "0.7.7"
# Parsing
gem "nokogiri", "1.7.0.1"
gem "nokogiri", "1.7.1"
gem "open_graph_reader", "0.6.2" # also update User-Agent in features/support/webmock.rb
gem "redcarpet", "3.4.0"
gem "ruby-oembed", "0.10.1"
......
......@@ -395,7 +395,7 @@ GEM
nenv (0.3.0)
nested_form (0.3.2)
nio4r (2.0.0)
nokogiri (1.7.0.1)
nokogiri (1.7.1)
mini_portile2 (~> 2.1.0)
notiffany (0.1.1)
nenv (~> 0.1)
......@@ -845,7 +845,7 @@ DEPENDENCIES
minitest
mobile-fu (= 1.3.1)
mysql2 (= 0.4.5)
nokogiri (= 1.7.0.1)
nokogiri (= 1.7.1)
omniauth (= 1.4.2)
omniauth-facebook (= 4.0.0)
omniauth-tumblr (= 1.2)
......
......@@ -4,7 +4,7 @@
defaults:
version:
number: "0.6.4.0" # Do not touch unless doing a release, do not backport the version number that's in master
number: "0.6.4.1" # Do not touch unless doing a release, do not backport the version number that's in master
heroku: false
environment:
url: "http://localhost:3000/"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment