Commit 33af3052 authored by Dennis Schubert's avatar Dennis Schubert
Browse files

Bump rails

parent c04ee239

Changelog.md

+9 −0
Original line number Diff line number Diff line 
# 0.5.6.2



* Fix [CVE-2016-0751](https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc) - Possible Object Leak and Denial of Service attack in Action Pack

* Fix [CVE-2015-7581](https://groups.google.com/forum/#!topic/rubyonrails-security/dthJ5wL69JE) - Object leak vulnerability for wildcard controller routes in Action Pack

* Fix [CVE-2015-7576](https://groups.google.com/forum/#!topic/rubyonrails-security/ANv0HDHEC3k) - Timing attack vulnerability in basic authentication in Action Controller

* Fix [CVE-2016-0752](https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00) - Possible Information Leak Vulnerability in Action View

* Fix [CVE-2016-0753](https://groups.google.com/forum/#!topic/rubyonrails-security/6jQVC1geukQ) - Possible Input Validation Circumvention in Active Model

* Fix [CVE-2015-7577](https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g) - Nested attributes rejection proc bypass in Active Record

* Fix [CVE-2015-7579](https://groups.google.com/forum/#!topic/rubyonrails-security/OU9ugTZcbjc) - XSS vulnerability in rails-html-sanitizer

* Fix [CVE-2015-7578](https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI) - Possible XSS vulnerability in rails-html-sanitizer



# 0.5.6.1



* Fix Nokogiri CVE-2015-7499

Gemfile

+1 −1
Original line number Diff line number Diff line 
source "https://rubygems.org"



gem "rails", "4.2.5"

gem "rails", "4.2.5.1"



# Legacy Rails features, remove me!

# responders (class level)

Gemfile.lock

+32 −32
Original line number Diff line number Diff line
@@ -3,40 +3,40 @@ GEM 
  remote: https://rails-assets.org/

  specs:

    CFPropertyList (2.3.2)

    actionmailer (4.2.5)

      actionpack (= 4.2.5)

      actionview (= 4.2.5)

      activejob (= 4.2.5)

    actionmailer (4.2.5.1)

      actionpack (= 4.2.5.1)

      actionview (= 4.2.5.1)

      activejob (= 4.2.5.1)

      mail (~> 2.5, >= 2.5.4)

      rails-dom-testing (~> 1.0, >= 1.0.5)

    actionpack (4.2.5)

      actionview (= 4.2.5)

      activesupport (= 4.2.5)

    actionpack (4.2.5.1)

      actionview (= 4.2.5.1)

      activesupport (= 4.2.5.1)

      rack (~> 1.6)

      rack-test (~> 0.6.2)

      rails-dom-testing (~> 1.0, >= 1.0.5)

      rails-html-sanitizer (~> 1.0, >= 1.0.2)

    actionview (4.2.5)

      activesupport (= 4.2.5)

    actionview (4.2.5.1)

      activesupport (= 4.2.5.1)

      builder (~> 3.1)

      erubis (~> 2.7.0)

      rails-dom-testing (~> 1.0, >= 1.0.5)

      rails-html-sanitizer (~> 1.0, >= 1.0.2)

    active_model_serializers (0.9.3)

      activemodel (>= 3.2)

    activejob (4.2.5)

      activesupport (= 4.2.5)

    activejob (4.2.5.1)

      activesupport (= 4.2.5.1)

      globalid (>= 0.3.0)

    activemodel (4.2.5)

      activesupport (= 4.2.5)

    activemodel (4.2.5.1)

      activesupport (= 4.2.5.1)

      builder (~> 3.1)

    activerecord (4.2.5)

      activemodel (= 4.2.5)

      activesupport (= 4.2.5)

    activerecord (4.2.5.1)

      activemodel (= 4.2.5.1)

      activesupport (= 4.2.5.1)

      arel (~> 6.0)

    activerecord-import (0.10.0)

      activerecord (>= 3.0)

    activesupport (4.2.5)

    activesupport (4.2.5.1)

      i18n (~> 0.7)

      json (~> 1.7, >= 1.7.7)

      minitest (~> 5.1)
@@ -445,7 +445,7 @@ GEM 
    mime-types (2.99)

    mini_magick (4.3.6)

    mini_portile2 (2.0.0)

    minitest (5.8.3)

    minitest (5.8.4)

    mobile-fu (1.3.1)

      rack-mobile-detect

      rails
@@ -526,16 +526,16 @@ GEM 
      rack

    rack-test (0.6.3)

      rack (>= 1.0)

    rails (4.2.5)

      actionmailer (= 4.2.5)

      actionpack (= 4.2.5)

      actionview (= 4.2.5)

      activejob (= 4.2.5)

      activemodel (= 4.2.5)

      activerecord (= 4.2.5)

      activesupport (= 4.2.5)

    rails (4.2.5.1)

      actionmailer (= 4.2.5.1)

      actionpack (= 4.2.5.1)

      actionview (= 4.2.5.1)

      activejob (= 4.2.5.1)

      activemodel (= 4.2.5.1)

      activerecord (= 4.2.5.1)

      activesupport (= 4.2.5.1)

      bundler (>= 1.3.0, < 2.0)

      railties (= 4.2.5)

      railties (= 4.2.5.1)

      sprockets-rails

    rails-assets-diaspora_jsxc (0.1.4)

      rails-assets-favico.js (~> 0.3.9)
@@ -578,7 +578,7 @@ GEM 
      activesupport (>= 4.2.0.beta, < 5.0)

      nokogiri (~> 1.6.0)

      rails-deprecated_sanitizer (>= 1.0.1)

    rails-html-sanitizer (1.0.2)

    rails-html-sanitizer (1.0.3)

      loofah (~> 2.0)

    rails-i18n (4.0.8)

      i18n (~> 0.7)
@@ -600,9 +600,9 @@ GEM 
      remotipart (~> 1.0)

      safe_yaml (~> 1.0)

      sass-rails (>= 4.0, < 6)

    railties (4.2.5)

      actionpack (= 4.2.5)

      activesupport (= 4.2.5)

    railties (4.2.5.1)

      actionpack (= 4.2.5.1)

      activesupport (= 4.2.5.1)

      rake (>= 0.8.7)

      thor (>= 0.18.1, < 2.0)

    rainbow (2.0.0)
@@ -847,7 +847,7 @@ DEPENDENCIES 
  rack-protection (= 1.5.3)

  rack-rewrite (= 1.5.1)

  rack-ssl (= 1.4.1)

  rails (= 4.2.5)

  rails (= 4.2.5.1)

  rails-assets-diaspora_jsxc (~> 0.1.4)!

  rails-assets-highlightjs (= 9.0.0)!

  rails-assets-jakobmattsson--jquery-elastic (= 1.6.11)!